SkillsApr 13, 2026·3 min read

Bitwarden — Open Source Password Manager for Teams

Bitwarden is the leading open-source password manager with cloud sync. It provides end-to-end encrypted credential storage across all devices — web, desktop, mobile, browser, and CLI — with free personal use and affordable team/enterprise plans.

Script Depot · Community

Agent ready

Safe staging for this asset

This asset is staged first. The copied prompt tells the agent to inspect the staged files and ask before activating scripts, MCP config, or global config.

Stage only · 29/100Policy: stage

Agent surface

Any MCP/CLI agent

Kind

Skill

Install

Stage only

Trust

Trust: Established

Entrypoint

step-1.md

Safe staging command

npx -y tokrepo@latest install 878e74e6-372b-11f1-9bc6-00163e2b0d79 --target codex

Stages files first; activation requires review of the staged README and plan.

TL;DR

Bitwarden provides end-to-end encrypted password management across all devices, free and open-source.

§01

What it is

Bitwarden is an open-source password manager that provides end-to-end encrypted credential storage synchronized across all devices. It offers clients for web, desktop, mobile, browser extensions, and CLI. Personal use is free. Teams and enterprise plans add shared vaults, RBAC, and SSO integration.

This tool is for anyone who manages passwords, but especially developers and teams who need secure credential sharing, CLI access for automation, and self-hosting options.

§02

How it saves time or tokens

Bitwarden eliminates password reuse and insecure credential sharing. The CLI client integrates with scripts and CI pipelines to inject secrets without hardcoding them. Browser extensions auto-fill credentials, saving time on repeated logins. For AI-assisted workflows, the CLI can programmatically retrieve credentials that agents need for API authentication.

§03

How to use

Create a Bitwarden account or deploy a self-hosted instance.
Install clients on your devices.
Import existing passwords or add them manually.
Use the browser extension for auto-fill and the CLI for automation.

# Install Bitwarden CLI
npm install -g @bitwarden/cli

# Login
bw login

# Unlock vault
export BW_SESSION=$(bw unlock --raw)

# Get a password by name
bw get password 'My API Key'

# List items in a folder
bw list items --folderid <folder-id>

# Use in scripts
API_KEY=$(bw get password 'production-api-key')
curl -H "Authorization: Bearer $API_KEY" https://api.example.com

§04

Example

Using Bitwarden CLI in a CI pipeline:

# GitHub Actions example
steps:
  - name: Install Bitwarden CLI
    run: npm install -g @bitwarden/cli

  - name: Unlock vault
    run: |
      bw login --apikey
      export BW_SESSION=$(bw unlock --raw --passwordenv BW_PASSWORD)
      echo "BW_SESSION=$BW_SESSION" >> $GITHUB_ENV
    env:
      BW_CLIENTID: ${{ secrets.BW_CLIENTID }}
      BW_CLIENTSECRET: ${{ secrets.BW_CLIENTSECRET }}
      BW_PASSWORD: ${{ secrets.BW_PASSWORD }}

  - name: Deploy with secrets
    run: |
      DB_PASS=$(bw get password 'prod-db-password')
      deploy --db-password "$DB_PASS"

§05

Related on TokRepo

Security tools — More security and credential management tools
Self-hosted solutions — Tools you can host yourself

§06

Common pitfalls

The master password cannot be recovered if lost. Bitwarden uses zero-knowledge encryption, so even Bitwarden cannot reset your password.
Self-hosting requires maintaining the server, database, and SSL certificates. Use the cloud version unless you have specific compliance requirements.
The CLI session token expires. Scripts that run for long periods need to handle re-authentication.
Browser extension conflicts with other password managers. Disable competing managers to avoid auto-fill confusion.
Free personal accounts support unlimited passwords but limit sharing. Team features require a paid plan.

Frequently Asked Questions

Is Bitwarden truly open-source?+

Yes. Bitwarden's client applications and server are open-source. The client code is available on GitHub under GPL-3.0. The server code is available under AGPL-3.0. You can audit the code and self-host the entire stack.

Can I self-host Bitwarden?+

Yes. Bitwarden provides Docker-based self-hosting. You can also use Vaultwarden, a community-maintained alternative server implementation written in Rust that is lighter on resources.

Does Bitwarden support two-factor authentication?+

Yes. Bitwarden supports TOTP authenticator apps, email codes, hardware security keys (FIDO2/WebAuthn), and Duo Security for two-factor authentication on your vault.

How does the CLI work for automation?+

The Bitwarden CLI lets you login, unlock, and retrieve credentials programmatically. Use it in scripts, CI pipelines, or automation tools. Session tokens authenticate requests, and all operations are encrypted.

Can teams share passwords securely?+

Yes. Bitwarden Organizations allow teams to share credentials through shared vaults with role-based access control. Admins manage who can view or edit specific credential collections.

Citations (3)

Bitwarden GitHub— Bitwarden is an open-source password manager
Bitwarden CLI Docs— Bitwarden CLI for automation and scripting
Bitwarden Security Whitepaper— End-to-end encryption architecture

Related on TokRepo

Security tools Self-hosted solutions Featured workflows

Discussion

No comments yet. Be the first to share your thoughts.

Related Assets

KeeWeb — Free Cross-Platform Password Manager Compatible with KeePass

KeeWeb is a free, open-source password manager that runs in the browser or as a desktop app. It is fully compatible with KeePass kdbx database files and requires no server, storing your encrypted vault locally or syncing via Dropbox, Google Drive, or WebDAV.

Skills

Script Depot

Maybe — Open Source Personal Finance Manager

Maybe is an open-source personal finance app for tracking net worth, investments, spending, and budgets with bank syncing and self-hosting support.

Skills

AI Open Source

SuperTokens — Open Source Auth0 Alternative

SuperTokens is an open-source authentication solution with email/password, passwordless, social login, session management, and MFA. Drop-in UI components for React, Vue, and Angular.

Skills

Script Depot

Zitadel — Open Source Identity Infrastructure

Zitadel is an open-source identity management platform with OIDC, SAML, SSO, MFA, passkeys, and multi-tenancy — built for cloud-native apps and enterprise needs.

Skills

Script Depot