Security

Emails from Bitwarden

Like using strong passwords, avoiding suspicious emails is an important tool in your online security toolkit. We recommend familiarizing yourself with these FTC Guidelines for spotting and avoiding phishing.

Here are some guidelines to help you determine whether an email that looks like it's from Bitwarden is legitimate:

Automated emails

Product interaction emails

Emails such as new device alerts, invitations to join an organization, and two-step login codes will come from no-reply@bitwarden.com or, if you are self-hosting, a configured domain like no-reply@my.domain.com.

These emails will never contain attachments. If you are prompted to download a file, please report the email to us.

Some of these emails, such as organization invites, will contain buttons. Always check the validity of the hyperlink before clicking on it by confirming that it leads to https://vault.bitwarden.com or your organization's self-hosted domain. If you don't know your organization's domain, ask a member of your IT team or an administrator.

Invitation Window
Invitation Window

Payments emails

Automated payments emails for individual premium and paid organizations subscriptions will come from an @stripe.com address, like invoice+statements+acct_xxxxxxxxxxx@stripe.com.

These emails will contain attachments, specifically PDF invoices and receipts.

Opt-in emails

While you will receive automated emails as part of everyday use of Bitwarden, you might also receive emails from the following addresses if you have interacted with various parts of the Bitwarden ecosystem:

  • Support requests will be received from support@bitwarden.com.

  • Product announcements will be received from productupdates@bitwarden.com.

  • Trial information will be received from trial@bitwarden.com.

  • Marketing campaigns will be received from marketing@bitwarden.com.

  • Emails from members of the Bitwarden team will be received from @bitwarden.com email addresses.

Alert emails

Bitwarden will send an email alert for suspicious activities such as logging in from an unknown device, and failed login attempts from an unknown device.

These emails will never contain attachments. If you are prompted to download a file or click an unknown link, please contact us.

New device logged in

If your account successfully logs in from an unknown device, you will receive an email containing information about the login.

Login from unknown device email
Login from unknown device email

The email will contain:

  • Date

  • IP Adress

  • Device type

If you do not recognize this login, see here and take immediate steps to protect your account.

Failed login attempts detected

If multiple failed login attempts occur on your account from an unknown device, Bitwarden will send an email to notify you of the failed login attempts.

Failed login attempt email
Failed login attempt email

As a security measure, Bitwarden will place CAPTCHA requirements on the account. Receiving this email does not mean that your account has been accessed, however if you did not expect this email we recommend changing your master password. For more information on brute-force attacks, and actions you can take to help protect your account, see here.

Password compromised with active 2FA

Bitwarden will detect if multiple failed login attempts have occurred during the 2FA step. This means that the login attempts have used the correct username and master password, but failed to authenticate with 2FA.

Failed login attempts with 2FA
Failed login attempts with 2FA

Enabling 2FA on your Bitwarden account is an important step to adding an additional layer of security. If your username and master password have been compromised, having 2FA enabled may still prevent a malicious actor from accessing your account.

If you receive this email, please follow the instructions and change your master password.

Trusted device request approved

When a request to an organization administrator to add a trusted device is approved, the requesting user is sent an email informing them they can continue logging in on that device. The user must take action by logging in to the new device within 12 hours, or the approval will expire.

The email will contain:

  • Date

  • IP Adress

  • Device type

Make a suggestion to this page

Contact Our Support Team

For technical, billing, and product questions.

Name*
Bitwarden account email*
Verify account email*
Product*
Are you self-hosting?*
Subject*
Message...*

Cloud Status

Check status

© 2024 Bitwarden, Inc. Terms Privacy Cookie Settings Sitemap

This site is available in English.
Go to EnglishStay Here