bitwarden/help
1
0
Fork 0
mirror of https://github.com/bitwarden/help synced 2025-12-06 00:03:30 +00:00
Code Issues Releases Wiki Activity

Release Updates (#474)

Browse Source 
* Send Staging (#447)

* - js for in-page tabs
- send category early drafts of articles
- send images

* fix scrolling on tab

* send web vault

* mobile image

* redone 'receive send' article

* send from browser ext & mobile

* send work

* improvements to 'about'

* send additions

* so much send

* lotsa send

* all send all the time

* ain't nothin but a send thang

* cli

* send cli

* simple cli sends in /create-send/

* simple disable & delete in /send-lifespan/

* send desktop screenshots

* send final cleanup

* cli final cleanup

* send edits

* fix

* send final touches

* fixed links & non-send updates

* new import message documentation, several import articles condensed to use tabs, U2F support for Edge, excluded domains article, remove in innacurate note on emergency accesss

* Firefox Attachment Workflow + Date Picker for custom timestamps

* safari attach file Send req

* excluded domains addition

* fix tab titles

* release notes

* unlock articles

* link to status feed

* small typos

* test

* updated release notes

* lastpass article form fill rewrites

* import to org & personal clarifications

* send self-hosting, safari web extension edits, and release notes
This commit is contained in:
fred_the_tech_writer
2021-03-11 11:58:16 -05:00
committed by GitHub
parent 7b16aceea1
commit 535ea72847
69 changed files with 1600 additions and 425 deletions
Download Patch File Download Diff File Expand all files Collapse all files

163
_articles/account/biometrics.md
View File

@@ -8,104 +8,139 @@ tags: [unlock, face id, touch id, hello, windows, mac, ios, android]
order: 11
---
Bitwarden can be configured to accept biometrics as a method to unlock your Vault. Biometrics can **only be used to unlock** your Vault, you will still be required to log in to your Vault with your Master Password and any enabled [Two-step Login method]({% link _articles/two-step-login/setup-two-step-login.md %}).
Bitwarden can be configured to accept biometrics as a method to unlock your Vault.
Biometric features are part of the built-in security in your device and/or operating system. Bitwarden leverages native APIs to perform this validation, and as such **does not receive any biometrics information** from the device.
Biometrics can **only be used to unlock** your Vault, you will still be required to use your Master Password and any enabled [Two-step Login method]({% link _articles/two-step-login/setup-two-step-login.md %}) when you **log in**. If you're not sure of the difference, scroll down to [Understanding Unlock vs. Log In](#understanding-unlock-vs-log-in).
## Mobile Applications
Biometric Unlock is supported for both the Android (Google Play or FDroid) and iOS Mobile Applications:
- For **Android**, via [fingerprint unlock](https://support.google.com/nexus/answer/6285273?hl=en){:target="\_blank"} or [face unlock](https://support.google.com/pixelphone/answer/9517039?hl=en){:target="\_blank"}.
- For **iOS**, via [Touch ID](https://support.apple.com/en-us/HT201371){:target="\_blank"} and [Face ID](https://support.apple.com/en-us/HT208109){:target="\_blank"}.
### Enable Biometric Unlock in Mobile
Complete the following steps to enable Biometric Unlock in your Mobile App:
{% callout info %}
Your Biometric method of choice must be enabled on your device or operating system **before** it can be enabled in Bitwarden.
{% callout success %}
Biometric features are part of the built-in security in your device and/or operating system. Bitwarden leverages native APIs to perform this validation, and therefore **Bitwarden does not receive any biometrics information** from the device.
{% endcallout %}
1. Open your **Settings** tab.
2. In the Security section, your available Biometrics options will be listed. Tap the Biometric method you would like to enable:
## Enable Unlock with Biometrics
{% image /biometrics/ios_faceid.jpeg Enable Face ID in iOS%}
Unlock with Biometrics can be enabled for Bitwarden on Mobile, Desktop, and Browser Extensions:
A green `Enabled` status will appear when activated. Once Biometric Unlock is enabled, your device will automatically prompt for your biometric data when unlocking the app.
<ul class="nav nav-tabs" id="myTab" role="tablist">
<li class="nav-item" role="presentation">
<a class="nav-link active" id="mobtab" data-target="#mobile" role="tab" aria-controls="mobile" aria-selected="false">Mobile</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link" id="desktab" data-target="#desktop" role="tab" aria-controls="desktop" aria-selected="false">Desktop</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link" id="betab" data-target="#browserextension" role="tab" aria-controls="browserextension" aria-selected="false">Browser Extension</a>
</li>
</ul>
<div class="tab-content" id="clientsContent">
<div class="tab-pane show active" id="mobile" role="tabpanel" aria-labelledby="mobtab">
{% capture mobile_info %}
## Desktop Applications
#### Enable for Mobile
Biometric Unlock is supported for both the Windows and macOS Desktop Applications:
- For **Windows**, via [Windows Hello](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello){:target="\_blank"} using PIN, Facial Recognition, or [other hardware that meets Windows Hello biometric requirements](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello-biometric-requirements){:target="\_blank"}.
- For **macOS**, via [Touch ID](https://support.apple.com/en-us/HT207054){:target="\_blank"}.
Unlock with Biometrics is supported for Android (Google Play or FDroid) via [fingerprint unlock](https://support.google.com/nexus/answer/6285273?hl=en){:target="\_blank"} or [face unlock](https://support.google.com/pixelphone/answer/9517039?hl=en){:target="\_blank"}, and for iOS via [Touch ID](https://support.apple.com/en-us/HT201371){:target="\_blank"} and [Face ID](https://support.apple.com/en-us/HT208109){:target="\_blank"}.
### Enable Biometric Unlock in Desktop
To enable Unlock with Biometrics for your Mobile device:
Complete the following steps to enable Biometric Unlock in your Desktop App:
1. In your device's native settings (e.g. the iOS {% icon fa-cog %} **Settings** app), make sure your biometric method is turned on.
2. In your Bitwarden app, open the {% icon fa-cogs %} **Settings** tab.
3. Scroll down to the Security section and tap the biometrics option you want to enable. What's available on this screen is determined by your device's hardware capabilities and what you've enabled (**Step 1**), for example:
{% callout info %}
Your Biometric method of choice must be enabled on your device or operating system **before** it can be enabled in Bitwarden.
{% endcallout %}
{% image /biometrics/ios_faceid.jpeg Enable Face ID in iOS%}
1. Open your **Settings** (on Windows, **File** &rarr; **Settings**) (on macOS, **Bitwarden** &rarr; **Preferences**).
2. In the Security section, your available Biometrics options will be listed as checkbox items. Check the Biometric method you would like to enable:
Tapping the option should prompt you to input your biometric (i.e. face or thumb-print). A green `Enabled` status indicator (pictured above) will indicate when Unlock with Biometrics is successfully enabled.
{% image /biometrics/windows.png Configuring Hello in Windows %}
{% endcapture %}
{{ mobile_info | markdownify}}
</div>
<div class="tab-pane" id="desktop" role="tabpanel" aria-labelledby="desktab">
{% capture desktop_info %}
{% callout info %}
If you do not see the option to enable Windows Hello within the Desktop preferences, you may need to install the [Microsoft Visual C++ Redistributable](https://support.microsoft.com/en-us/help/2977003/the-latest-supported-visual-c-downloads).
{% endcallout %}
#### Enable for Desktop
Once Biometric Unlock is enabled, a new button will be presented on the Unlock screen. Selecting this button (for example, **Unlock with Windows Hello**) will initiate unlock. You may at any time choose to unlock your Vault with your Master Password instead.
Unlock with Biometrics is supported for Windows via [Windows Hello](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello){:target="\_blank"} using PIN, Facial Recognition, or [other hardware that meets Windows Hello biometric requirements](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello-biometric-requirements){:target="\_blank"} and for macOS via [Touch ID](https://support.apple.com/en-us/HT207054){:target="\_blank"}.
To enable Unlock with Biometrics for your Desktop app:
1. In your device's native settings (e.g. the macOS {% icon fa-cog %} **System Preferences** app), make sure your biometric method is turned on.
{% callout success%}Windows Users may need to install the [Microsoft Visual C++ Redistributable](https://support.microsoft.com/en-us/help/2977003/the-latest-supported-visual-c-downloads){:target="\_blank"} before Windows Hello can be turned on in Desktop Preferences.{% endcallout %}
2. In your Bitwarden app, open your Settings (on Windows, **File** &rarr; **Settings**) (on macOS, **Bitwarden** &rarr; **Preferences**).
3. Scroll down to the Security section and select the biometrics option you want to enable. What's available on this screen is determined by your device's hardware capabilities and what you've turned on (**Step 1**), for example:
{% image /biometrics/windows.png Unlock with Windows Hello %}
Once enabled, a new button will be presented on the Unlock screen:
{% image /biometrics/hello-unlock.png Unlock with Windows Hello %}
## Browser Extensions
{% endcapture %}
{{ desktop_info | markdownify}}
</div>
<div class="tab-pane" id="browserextension" role="tabpanel" aria-labelledby="betab">
{% capture browser_extension %}
Biometric Unlock is supported for **Chromium-based** (e.g. Chrome, Edge) Bitwarden Browser Extensions by integration with a native Bitwarden Desktop App (the Desktop App must also be running the latest version). Through the Desktop App's access to Biometric APIs, Browser Extensions support Biometric Unlock:
- For **Windows**, via [Windows Hello](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello){:target="\_blank"} using PIN, Facial Recognition, or [other hardware that meets Windows Hello biometric requirements](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello-biometric-requirements){:target="\_blank"}.
- For **macOS**, via [Touch ID](https://support.apple.com/en-us/HT207054){:target="\_blank"}.
#### About Biometrics in Browser Extensions
{% callout note %}
**Biometric Unlock is currently not available for:**
Unlock with Biometrics is supported for Extensions through an integration with the Bitwarden Desktop app. In practical terms, this means:
- Firefox Browser Extensions (keep an eye on the required up-stream enhancement to make `nativeMessaging` optional [here](https://bugzilla.mozilla.org/show_bug.cgi?id=1630415){:target="\_blank"}).
- Safari Browser Extensions.
1. A Bitwarden Desktop app must be installed, logged in, and running in order to use Unlock with Biometrics for a Browser Extension. Additionally, you will need to enable Unlock with Biometrics in **Desktop** before proceeding.
2. Browser Extensions support the same biometrics options as Desktop; for Windows via [Windows Hello](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello){:target="\_blank"} using PIN, Facial Recognition, or [other hardware that meets Windows Hello biometric requirements](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/windows-hello-biometric-requirements){:target="\_blank"} and for macOS via [Touch ID](https://support.apple.com/en-us/HT207054){:target="\_blank"}.
Two things to bear in mind before enabling the integration are **Permissions** and **Supportability**, documented below:
##### Permissions
To facilitate this integration, your browser will ask you to accept a new permission for Bitwarden to `communicate with cooperating native applications`. This permission is safe, but **optional**, and will enable the integration that is required to enable Unlock with Biometrics.
Declining this permission will allow you to use the Browser Extension as normal, without Unlock with Biometrics functionality.
##### Supportability
Unlock with Biometrics is supported for Extensions on **Chromium-based** browsers (Chrome, Edge, Opera, Brave, etc.). Unlock with Biometrics is **currently not supported for**:
- Safari
- Firefox (there's a required up-stream enhancement to make `nativeMessaging` optional, documented [here](https://bugzilla.mozilla.org/show_bug.cgi?id=1630415){:target="\_blank"}).
- Microsoft App Store Desktop Apps (a side-loaded Windows Desktop App, available at [bitwarden.com/download](https://bitwarden.com/download){:target="\_blank"} will work fine).
- Side-loaded MacOS Desktop Apps (an App Store Desktop app will work fine).
In the cases of FireFox and the Microsoft App Store, this is due to native messaging limitations (see [Native Messaging Permissions](#native-messaging-permissions)). In all cases, Bitwarden team is investigating and will provide updates as things progress.
{% endcallout %}
#### Enable for Browser Extensions
The Bitwarden Desktop Application must be installed, logged in, and running in order to use Biometric Unlock in a Browser Extension. Additionally, you will need to [enable Biometric Unlock in the desktop app](#enable-biometric-unlock-in-desktop) before proceeding.
To enable Unlock with Biometrics for your Browser Extension:
### Native Messaging Permissions
1. In your Bitwarden Desktop app, navigate to Settings (on Windows, **File** &rarr; **Settings**) (on macOS, **Bitwarden** &rarr; **Preferences**).
2. Scroll down to the Options section, and check the **Enable Browser Integration** box.
When your Chromium-based Browser Extension updates to the version that supports Biometric Unlock (v1.48.0), you may be asked to accept a new permission for Bitwarden to `Communicate with cooperating native applications`. This permission is safe, but **optional**, and will enable the Browser Extension to communicate with the Bitwarden Desktop App, which is required to enable Biometric Unlock, as described above.
{% callout note %}Optionally, check the **Require verification for browser integration** option to require [account fingerprint]({% link _articles/features/fingerprint-phrase.md %}) verification when you activate the integration.{% endcallout %}
3. In your Browser, navigate to the Extensions manager (e.g. `chrome://extensions` or `brave://extensions`), open Bitwarden, and toggle the **Allow access to file URLs** option.
{% callout success %}
Some browsers may additionally require you to **Allow access to file URLs** for Browser Extension Biometrics to function properly.
{% endcallout %}
Declining this permission will allow you to use v1.48.0 as normal, without Biometric Unlock functionality.
Not all browsers will require this to be toggled on, so feel free to skip this step and circle back to it only if the remaining procedure doesn't work.
4. In your Browser Extension, open the {% icon fa-cogs %} **Settings** tab.
5. Scroll down to the Security section and check the **Unlock with biometrics** box.
### Enable Biometric Unlock for Browser Extensions
{% callout success %}You may be prompted at this stage to allow Bitwarden to `communicate with cooperating native applications`. This permission is safe, but **optional** and solely enables the Browser Extension to communicate with Desktop as described above.{% endcallout %}
Complete the following steps to enable Biometric Unlock in your Browser Extension:
You should be prompted by your Desktop app to input your biometric. Doing so will complete the initial setup procedure. If you've opted to require verification (**Step 2**), you'll need to approve a fingerprint validation check.
1. In the Desktop App, navigate to **Settings** (on Windows, **File** &rarr; **Settings**) (on macOS, **Bitwarden** &rarr; **Preferences**).
2. Check the **Enable Browser Integration** checkbox.
Once enabled, a new button will be presented on the Unlock screen:
Optionally, enable the **Require verification for browser integration** option to require [account fingerprint]({% link _articles/features/fingerprint-phrase.md %}) verification when activating the integration between Browser Extension and Desktop App.
3. In the Browser Extension, open the **Settings** tab.
4. Check the **Unlock with biometrics** checkbox to activate the integration. You will be prompted by your Desktop App to input your biometric authentication method to complete the setup.
{% image /biometrics/be-bio-unlock.png Unlock with Biometrics %}
If you've opted to **Require verification for browser integration**, a `Desktop sync verification` dialog box will appear in your Browser Extension and a `Verify browser connection` dialog box will appear in your Desktop Application. Validate that the displayed [account fingerprint]({% link _articles/features/fingerprint-phrase.md %}) matches in both locations. If they match, select the **Approve** button and input your Biometric authentication method.
{% endcapture %}
{{ browser_extension | markdownify}}
</div>
</div>
{% callout success %}In either case, you'll need to redo this "activation" step each time the Desktop App or Browser Extension is restarted.{% endcallout %}
## Understanding Unlock vs. Log In
Once Biometric Unlock is enabled, a new button will be presented on the Unlock screen. Selecting the **Unlock biometrics** button will initiate unlock via the Desktop App.
In order to understand why unlocking and logging in aren't the same, it's important to remember that Bitwarden [never stores unencrypted data]({% link _articles/security/vault-data.md %}) on its servers. **When your Vault is neither unlocked nor logged in**, your Vault data only exists on the server in its [encrypted form]({% link _articles/security/what-encryption-is-used.md %}).
{% callout warning %}
If you attempt to use Biometric Unlock when the Desktop App is closed, you will be prompted to open the Desktop App. If you've opted to **Require verification for browser integration**, you'll also be prompted to recomplete fingerprint verification.
{% endcallout %}
**Logging in** to Bitwarden **decrypts** your Vault data to your device. In practice, that means two things:
1. Logging in will always require your Master Password, because your Master Password is the source of the key needed to decrypt your Vault data. Additionally, because decryption is an operation that needs to be protected, this stage is where [any enabled Two-step Login methods]({% link _articles/two-step-login/setup-two-step-login.md %}) would be required.
2. Logging in will always require you to be connected to the internet (or, if you're self-hosting, connected to the server), because you need access to the encrypted Vault in order to decrypt it.
**Unlocking** can only be done when you're already logged in. In other words, only when your Vault data is already decrypted to your device. Because your Vault is already decrypted:
1. You don't need the decryption key derived from your Master Password, so you're free to use other access methods, like [PIN codes]({% link _articles/account/unlock-with-pin.md %}) and [biometrics]({% link _articles/account/biometrics.md %}).
2. You don't need to be connected to the internet (or, if you're self-hosting, connected to the server).

177
_articles/account/export-your-data.md
View File

@@ -8,11 +8,11 @@ tags: [export, accounts, csv]
order: 06
---
Bitwarden allows you to export your personal Vault data from any client application, or an Organization Vault from the Web Vault or CLI. Exports can be downloaded as plaintext `.json` or `.csv` files, or as a `.json` [Encrypted Export]({% link _articles/importing/encrypted-export.md %}).
You can export your personal Vault data from any client application, or export an Organization Vault from the Web Vault or CLI. Exports can be downloaded as plaintext `.json` or `.csv` files, or as a `.json` [encrypted export]({% link _articles/importing/encrypted-export.md %}).
Bitwarden recommends using `.json` for a more complete option for standard backup procedures as `.csv` exports will not export Cards or Identities. For information on the format of Bitwarden `.csv` and `.json` exports, see [Condition a Bitwarden .csv or .json]({% link _articles/importing/condition-bitwarden-import.md %}).
We recommend using `.json` for a more complete export, as `.csv` files won't currently export Cards or Identities. For complete information on the format of Bitwarden `.csv` and `.json` files, see [Condition a Bitwarden .csv or .json]({% link _articles/importing/condition-bitwarden-import.md %}).
Vault Exports **will not include** File Attachments or Items in the Trash.
Vault Exports **will not include** [file attachments]({% link _articles/features/attachments.md %}) or Items in the Trash.
{% callout warning %}
Unless you're using an [Encrypted Export]({% link _articles/importing/encrypted-export.md %}), do not store or send the exported file over insecure channels, like email, and delete the file immediately after use.
@@ -20,74 +20,153 @@ Unless you're using an [Encrypted Export]({% link _articles/importing/encrypted-
## Export a Personal Vault
Export your Personal Vault data from any client application:
Export your personal Vault data from any client application:
### From the Web Vault
<ul class="nav nav-tabs" id="myTab" role="tablist">
<li class="nav-item" role="presentation">
<a class="nav-link active" id="wvtab" data-target="#webvault" role="tab" aria-controls="webvault" aria-selected="true">Web Vault</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link" id="betab" data-target="#browserextension" role="tab" aria-controls="browserextension" aria-selected="false">Browser Extension</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link" id="desktab" data-target="#desktop" role="tab" aria-controls="desktop" aria-selected="false">Desktop</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link" id="mobtab" data-target="#mobile" role="tab" aria-controls="mobile" aria-selected="false">Mobile</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link" id="clitab" data-target="#cli" role="tab" aria-controls="cli" aria-selected="false">CLI</a>
</li>
</ul>
<div class="tab-content" id="clientsContent">
<div class="tab-pane show active" id="webvault" role="tabpanel" aria-labelledby="wvtab">
{% capture web_vault %}
#### Export from the Web Vault
To export your personal Vault data from the Web Vault:
1. Select **Tools** from the top navigation bar.
3. Select **Export Vault** from the left-hand Tools menu.
4. On the Export Vault page:
- Select a **File Format** (`.json`, `.csv`, or `.json (Encrypted)`).
- Enter your **Master Password**.
5. Select the **Export Vault** button to download your Vault Export. You will be prompted to specify a location for download.
2. Select **Export Vault** from the left-hand Tools menu.
3. On the Vault Export page, choose a **File Format** (`.json`, `.csv`, or `.json (Encrypted)`).
4. Enter your **Master Password** and select the **Export Vault** button.
### From the Mobile App
{% endcapture %}
{{ web_vault | markdownify}}
</div>
<div class="tab-pane" id="browserextension" role="tabpanel" aria-labelledby="betab">
{% capture browser_extension %}
1. Tap the **Settings** tab.
2. Scroll down to the **Tools** section, and tap **Export Vault**.
3. On the Export Vault page:
- Select a **File Format** (`.json`, `.csv`, or `.json (Encrypted)`).
- Enter your **Master Password**.
4. Select the **Export Vault** button to download your Vault Export. You will be prompted to specify a location for download.
#### Export from a Browser Extension
### From the Browser Extension
To export your personal Vault data from a Browser Extension:
1. Open the **Settings** tab.
2. Scroll down to the **Tools** section, and select **Export Vault**.
4. On the Export Vault page:
- Select a **File Format** (`.json`, `.csv`, or `.json (Encrypted)`).
- Enter your **Master Password**.
5. Select the **Export Vault** button to download your Vault Export. You will be prompted to specify a location for download.
1. Open the {% icon fa-cogs %} **Settings** tab.
2. Scroll down to the **Tools** section and select the **Export Vault** option.
3. On the Export Vault view, choose a **File Format** (`.json`, `.csv`, or `.json (Encrypted)`).
4. Enter your **Master Password** and select **Submit**.
### From the Desktop App
{% endcapture %}
{{ browser_extension | markdownify}}
</div>
<div class="tab-pane" id="desktop" role="tabpanel" aria-labelledby="desktab">
{% capture desktop_info %}
1. Navigate to **File** &rarr; **Export Vault**.
2. In the Export Vault window:
- Select a **File Format** (`.json`, `.csv`, or `.json (Encrypted)`).
- Enter your **Master Password**.
3. Select the **Submit** button to download your Vault Export. You will be prompted to specify a location for download.
#### Export from Desktop
### From the CLI
To export your personal Vault data from a Desktop app:
Use the `bw export` command to export your Vault data. By default, `bw export` will create a `.csv` export in the current working directory.
1. From the menu bar, navigate to **File** &rarr; **Export Vault**.
2. In the Export Vault window, choose a **File Format** (`.json`, `.csv`, or `.json (Encryped)`).
3. Enter your **Master Password** and select the {% icon fa-download %} **Download** button.
You may pass the following options with the `bw export` command:
- `--output <filePath>` to specify a saving location of your choice.
- `--format <format>` to specify the file format as `csv` (*default*), `json`, or `encrypted_json`.
{% endcapture %}
{{ desktop_info | markdownify}}
</div>
<div class="tab-pane" id="mobile" role="tabpanel" aria-labelledby="mobtab">
{% capture mobile_info %}
#### Export from Mobile
To export your personal Vault data from a Mobile app:
1. Tap the {% icon fa-cogs %} **Settings** tab.
2. Scroll down to the **Tools** section and tap the **Export Vault** option.
3. On the Export Vault view, choose a **File Format** (`.json`, `.csv`, or `.json (Encrypted)`).
4. Enter your **Master Password** and tap the **Export Vault** button.
{% endcapture %}
{{ mobile_info | markdownify}}
</div>
<div class="tab-pane" id="cli" role="tabpanel" aria-labelledby="cliab">
{% capture cli_info %}
#### Export from the CLI
To export your personal Vault from the CLI, use the `export` command. By default, `export` will export your Vault as a `.csv` and save the file to the working directory, however this behavior can be altered using options:
```
bw export my-master-password --output /users/me/documents/ --format json
```
For more detail, see our [CLI documentation]({% link _articles/miscellaneous/cli.md %}).
{% endcapture %}
{{ cli_info | markdownify}}
</div>
</div>
## Export an Organization Vault
Admins and Owners may export their Organization Vault from the Web Vault or CLI:
Organization [Admins and Owners]({% link _articles/organizations/user-types-access-control.md %}) can export their Organization Vault (i.e. all items [shared in Collections]({% link _articles/organizations/share-to-a-collection.md %})) from the Web Vault or CLI:
### From the Web Vault
<ul class="nav nav-tabs" id="myTab" role="tablist">
<li class="nav-item" role="presentation">
<a class="nav-link active" id="orgwvtab" data-target="#orgwebvault" role="tab" aria-controls="orgwebvault" aria-selected="true">Web Vault</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link" id="orgclitab" data-target="#orgcli" role="tab" aria-controls="orgcli" aria-selected="false">CLI</a>
</li>
</ul>
<div class="tab-content" id="clientsContent">
<div class="tab-pane show active" id="orgwebvault" role="tabpanel" aria-labelledby="orgwvtab">
{% capture org_web_vault %}
1. Open your Organization and select the **Tools** tab.
#### Export Org from the Web Vault
To export your Organization Vault data from the Web Vault:
1. Open your Organization and select the **Tools** tab:
{% image organizations/org-export.png Export Organization Vault %}
2. Select **Export Vault** from the left-hand Tools menu.
4. On the Export Vault page:
- Select a **File Format** (`.json`, `.csv`, or `.json (Encrypted)`).
- Enter your **Master Password**.
5. Select the **Export Vault** button to download your Vault Export. You will be prompted to specify a location for download.
4. On the Vault Export page, choose a **File Format** (`.json`, `.csv`, or `.json (Encrypted)`).
4. Enter your **Master Password** and select the **Export Vault** button.
### From the CLI
{% endcapture %}
{{ org_web_vault | markdownify}}
</div>
<div class="tab-pane" id="orgcli" role="tabpanel" aria-labelledby="orgclitab">
{% capture org_cli_info %}
From the Bitwarden CLI application, use the `bw export` command with the `--organizationid <orgId>` option to export your Organization Vault.
#### Export Org from the CLI
{% callout info %}
Retrieve your `<orgId>` value using the command: `bw list organizations`.
To export your Organization Vault from the CLI, use the `export` command with the `--organizationid` option.
By default, `export` will export your Vault as a `.csv` and save the file to the working directory, however this behavior can be altered using options:
```
bw export my-master-password --organizationid 7063feab-4b10-472e-b64c-785e2b870b92 --output /users/me/documents/ --format json
```
{% callout success %}
If you don't know your `organizationid` value off-hand, you can access it at the command-line using `bw list organizations`.
{% endcallout %}
By default, `bw export` will create a `.csv` export in the current working directory, however you may pass the following options with the command:
- `--output <filePath>` to specify a saving location of your choice.
- `--format <format>` to specify the file format as `csv` (*default*), `json`, or `encrypted_json`.
For more detail, see our [CLI documentation]({% link _articles/miscellaneous/cli.md %}).
{% endcapture %}
{{ org_cli_info | markdownify}}
</div>
</div>

14
_articles/account/forgot-master-password.md
View File

@@ -8,22 +8,22 @@ tags: [master password, account]
order: 02
---
As described in the [Your Master Password]({% link _articles/account/master-password.md %}) article, Bitwarden has no knowledge of, way to retrieve, or way to reset your Master Password. If you've already lost your Master Password, there is unfortunately no way for the team to recover the account or the data therein. You will need to delete your account and start a new one.
As described in the [Your Master Password]({% link _articles/account/master-password.md %}) article, Bitwarden has no knowledge of, way to retrieve, or way to reset your Master Password.
If you've already lost your Master Password, there is unfortunately no way for the team to recover the account or the data therein. You will need to delete your account and start a new one.
{% callout success %}
Before deleting your account:
**First**, use the [Get master password hint](https://vault.bitwarden.com/#/hint){:target="\_blank"} link if you have a hint setup. Hints will be emailed to the email address associated with your account. If you don't have a hint setup, you'll get an email reporting this.
**Second**, if you're using any Bitwarden client applications (Mobile Apps, Browser Extensions, etc.), you should check whether any of these sessions are still logged in prior to deleting your account. If a client application is still logged in, you should manually catalogue your Vault items to preserve your data.
{% endcallout %}
Complete the following steps to delete your account:
{% callout warning%}
This action is permanent and cannot be undone.
{% endcallout %}
If you weren't able to gain access to your Vault, complete the following steps to delete your account:
1. Navigate to [vault.bitwarden.com/#/recover-delete](https://vault.bitwarden.com/#/recover-delete).
2. Enter the **Email Address** associated with your account.
2. Enter the **Email Address** associated with your account and select **Submit**.
3. In your email inbox, open the email and verify that you want to delete this Bitwarden account.
Once deleted, you're free to create a new Bitwarden account with that email address. If you delete a Bitwarden account that has a Premium subscription associated with it, [Contact Us](https://bitwarden.com/contact/){:target="\_blank"} and we'll reapply your existing subscription to the new account.

16
_articles/account/install-safari-app-extension.md
View File

@@ -1,27 +1,23 @@
---
layout: article
title: Bitwarden Safari App Extension
title: Safari Web Extension
categories: [miscellaneous]
featured: false
popular: false
tags: [browser, safari]
---
## Get the Extension
Bitwarden's Safari Web Extension is a port of the prior *App Extension* designed for use with [Safari 14](https://developer.apple.com/documentation/safariservices/safari_web_extensions/converting_a_safari_app_extension_to_a_safari_web_extension?language=objc){:target="\_blank"}. The Safari Web Extension is packaged with the Bitwarden Desktop App available on the App Store.
Bitwarden's Safari App Extension is packaged with the Bitwarden Desktop App available on the App Store, as recommended by from Apple regarding Safari App Extensions.
{% callout warning %}
Due to changes by Apple, Safari now limits Safari App Extension use to only those obtained through Mac App Store downloads. As of Q1 2021, users will not be able to use a Bitwarden Safari App Extension obtained through a `.dmg` installation from [bitwarden.com/download](https://bitwarden.com/download){:target="\_blank"} or any other non-App Store source.
To read community conversation on the topic, refer to the following Apple Developer Forum threads ([Thread #1](https://developer.apple.com/forums/thread/659029){:target="\_blank"}, [Thread #2](https://developer.apple.com/forums/thread/667859){:target="\_blank"}).
{% callout info %}
Due to changes by Apple, Safari limits Web Extension use to **only those obtained through Mac App Store downloads**. As of the [2021-03-11 Release]({% link _articles/getting-started/releasenotes.md %}), users will not be able to use a Bitwarden Safari Extension obtained through a `.dmg` installation from [bitwarden.com/download](https://bitwarden.com/download){:target="\_blank"} or any other non-App Store source.
{% endcallout %}
For developer detail on Safari App Extensions, click [here](https://developer.apple.com/documentation/safariservices/safari_app_extensions).
The Safari Web Extension has full feature parity to the prior App Extension. For developer detail on the difference between Safari Web Extensions and App Extensions, click [here](https://developer.apple.com/documentation/safariservices/safari_web_extensions/converting_a_safari_app_extension_to_a_safari_web_extension?language=objc).
## Enable the Extension
Before enabling the Safari App Extension, run the Desktop Application at least once. In Safari:
Before enabling the Safari Web Extension, run the Desktop Application at least once. In Safari:
1. Open the **Preferences** window.
2. Navigate to the **Extensions** page.

5
_articles/account/managing-items.md
View File

@@ -8,15 +8,14 @@ tags: [account, items, import, delete, trash, clone]
order: 03
---
Bitwarden can store 4 types of items in your Vault:
Effectively managing the items in your Vault is key to making sure that you secure and have seamless access to your information, and can safely share information with friends, family, teams, and colleagues.
Bitwarden can store 4 types of items in your Vault:
- [Logins](#logins)
- [Cards](#cards)
- [Identities](#identities)
- [Secure Notes](#secure-notes)
Effectively managing the items in your Vault is key to making sure that you secure and have seamless access to your information, and can safely share information with friends, family, teams, and colleagues.
## Add a Vault Item
You can add items to your Vault from the Bitwarden [Web Vault](https://vault.bitwarden.com){:target="\_blank"} or any client application. Look for a {% icon fa-plus %} **Add** icon to add an item to your Vault. There are 4 types of items you can add to your Vault.

41
_articles/account/master-password.md
View File

@@ -10,7 +10,7 @@ redirect_from:
- /article/change-your-master-password/
---
## About Your Master Password
## About your Master Password
Your Master Password is the primary method for accessing your Vault. It's critically important that your Master Password is:
@@ -31,35 +31,40 @@ If you're worried about forgetting your Master Password, the team at Bitwarden h
{% endcallout %}
## Changing Your Master Password
## Change your Master Password
You can change your Master Password at any time from the [Web Vault](https://vault.bitwarden.com){:target="\_blank"}, **provided you know you current Master Password** (if you don't, see [I Forgot My Master Password](#i-forgot-my-master-password)).
Provided you **know your current Master Password**, change your Master Password at any time from the [Web Vault](https://vault.bitwarden.com){:target="\_blank"}:
1. Log in to your [Web Vault](https://vault.bitwarden.com){:target="\_blank"}.
2. Select the **Settings** tab from the top navigation.
3. On the **My Account** page, scroll down and locate the **Change Master Password** section.
4. Enter your **Current Master Password**.
5. Enter and Confirm your **New Master Password**.
6. Select the **Change Master Password** button.
Completing these steps will log you out of your current session, requiring you to log back in with you new Master Password. Currently logged-in client applications (Mobile Apps, Browser Extensions, etc.) may remain active for up to an hour, however they will eventually also require you to log back in with your new Master Password.
{% callout warning %}
Opting to **rotate account's encryption key** is a potentially dangerous operation. Read the article on [Account Encryption Keys]({% link _articles/account/account-encryption-key.md %}) before doing so to fully understand the ramifications and required follow-up procedures.
{% callout success %}
If you don't know your Master Password, see [I Forgot my Master Password]({% link _articles/account/forgot-master-password.md %}).
{% endcallout %}
## I Forgot My Master Password
1. In your Web Vault, Select the **Settings** tab from the top navigation.
2. On the **My Account** page, scroll down to the **Change Master Password** section.
3. Enter your **Current Master Password**.
4. Enter and Confirm your **New Master Password**.
As described in the [About Your Master Password](#about-your-master-password) section, Bitwarden has no knowledge of, way to retrieve, or way to reset your Master Password. If you've already lost your Master Password, there is unfortunately no way for the team to recover the account or the data therein. You will need to delete your account and start a new one.
{% callout warning %}Don't check the **rotate account's encryption key** box unless you fully understand the ramifications and required follow-up procedures. Learn more [here]({% link _articles/account/account-encryption-key.md %}).{% endcallout %}
5. Select the **Change Master Password** button.
Changing your Master Password will log you out of your current Web Vault session, requiring you to log back in with your new Master Password.
Other logged-in client applications (Mobile Apps, Browser Extensions, etc.) may remain active for up to an hour, however they will eventually also require you to log back in with your new Master Password.
## I forgot my Master Password
As described in the [About Your Master Password](#about-your-master-password) section, Bitwarden has no knowledge of, way to retrieve, or way to reset your Master Password.
If you've already lost your Master Password, there is unfortunately no way for the team to recover the account or the data therein. You will need to delete your account and start a new one.
{% callout success %}
If you're using any Bitwarden client applications (Mobile Apps, Browser Extensions, etc.) you should check whether any of these sessions are still logged in prior to deleting your account. If a client application is still logged in, you should manually catalogue your Vault items to preserve your data.
{% endcallout %}
Complete the following steps to delete your account:
To delete your account:
1. Navigate to [vault.bitwarden.com/#/recover-delete](https://vault.bitwarden.com/#/recover-delete).
2. Enter the **Email Address** associated with your account.
2. Enter the **Email Address** associated with your account and select **Submit**.
3. In your email inbox, open the email and verify that you want to delete this Bitwarden account.
Once deleted, you're free to create a new Bitwarden account with that email address. If you delete a Bitwarden account that has a Premium subscription associated with it, [Contact Us](https://bitwarden.com/contact/){:target="\_blank"} and we'll reapply your existing subscription to the new account.

90
_articles/account/unlock-with-pin.md
View File

@@ -8,50 +8,90 @@ tags: [unlock, pin]
order: 10
---
Bitwarden can be configured to accept a Personal Identification Number (PIN) as a method to unlock your Vault. PINs can **only be used to unlock** your Vault, you will still be required to log in to your Vault with your Master Password and any enabled [Two-step Login Method]({% link _articles/two-step-login/setup-two-step-login.md %}).
Bitwarden can be configured to accept a Personal Identification Number (PIN) as a method to unlock your Vault.
PINs can **only be used to unlock** your Vault, you will still be required to use your Master Password and any enabled [Two-step Login method]({% link _articles/two-step-login/setup-two-step-login.md %}) when you **log in**. If you're not sure of the difference, scroll down to [Understanding Unlock vs. Log In](#understanding-unlock-vs-log-in).
## Enable Unlock with PIN
Unlock with PIN can be enabled for Bitwarden Browser Extensions, Mobile Apps, and Desktop Apps:
Unlock with PIN can be enabled for Bitwarden Browser Extensions, Desktop, and Mobile:
### Enable for Browser Extensions
Complete the following steps to enable Unlock with PIN in your Browser Extension:
<ul class="nav nav-tabs" id="myTab" role="tablist">
<li class="nav-item" role="presentation">
<a class="nav-link active" id="betab" data-target="#browserextension" role="tab" aria-controls="browserextension" aria-selected="false">Browser Extension</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link" id="desktab" data-target="#desktop" role="tab" aria-controls="desktop" aria-selected="false">Desktop</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link" id="mobtab" data-target="#mobile" role="tab" aria-controls="mobile" aria-selected="false">Mobile</a>
</li>
</ul>
<div class="tab-content" id="clientsContent">
<div class="tab-pane show active" id="browserextension" role="tabpanel" aria-labelledby="betab">
{% capture browser_extension %}
#### Enable for Browser Extension
To enable Unlock with PIN for your Browser Extension:
1. Open the {% icon fa-cogs %} **Settings** tab.
2. In the Security section, check the **Unlock with PIN** checkbox.
3. Enter the desired PIN code in the input box. PIN codes can be any combination of characters (a-z, 0-9, $, #, etc.).
2. Scroll down to the Security section and check the **Unlock with PIN** checkbox.
3. Enter the desired PIN code in the input box. Your PIN can be any combination of characters (a-z, 0-9, $, #, etc.).
{% callout success %}**Optional:** The pre-checked option **Lock with master password on browser restart** will require you to enter your Master Password instead of a PIN when your browser restarts. If you want to be able to unlock with a PIN when your browser restarts, uncheck this option.{% endcallout %}
{% callout success %}The pre-checked option **Lock with master password on browser restart** will require you to enter your Master Password instead of the PIN when your browser restarts. If you want the ability to unlock with a PIN even when the browser restarts, uncheck the option.{% endcallout %}
Regardless of whether you use the **Lock with master password on browser restart** option, your PIN settings will remain until you **log out** of Bitwarden.
Your Unlock with PIN settings will persist **until you log out**. When you log out of your Browser Extension, you'll need to re-enable Unlock with PIN.
{% endcapture %}
{{ browser_extension | markdownify}}
</div>
<div class="tab-pane" id="desktop" role="tabpanel" aria-labelledby="desktab">
{% capture desktop_info %}
Once enabled, you'll be prompted to **Verify PIN** to unlock the Browser Extension.
#### Enable for Desktop
### Enable for Desktop Apps
Complete the following steps to enable Unlock with PIN in your Browser Extension:
To enable Unlock with PIN for your Desktop app:
1. Open your **Settings** (on Windows, **File** &rarr; **Settings**) (on macOS, **Bitwarden** &rarr; **Preferences**).
2. In the Security section, check the **Unlock with PIN** checkbox.
3. Enter the desired PIN code in the input box. PIN codes can be any combination of characters (a-z, 0-9, $, #, etc.).
2. Scroll down to the Security section and check the **Unlock with PIN** checkbox.
3. Enter the desired PIN code in the input box. Your PIN can be any combination of characters (a-z, 0-9, $, #, etc.).
{% callout success %}**Optional:** The pre-checked option **Lock with master password on restart** will require you to enter your Master Password instead of a PIN when your app restarts. If you want to be able to unlock with a PIN when your app restarts, uncheck this option.{% endcallout %}
{% callout success %}The pre-checked option **Lock with master password on restart** will require you to enter your Master Password instea of the PIN when the app restarts. If you want the ability to unlock with a PIN when the app restarts, uncheck this option.{% endcallout %}
Regardless of whether you use the **Lock with master password on restart** option, your PIN settings will remain until you **log out** of Bitwarden.
Your Unlock with PIN settings will persist **until you log out**. When you log out of your Desktop App, you'll need to re-enable Unlock with PIN.
{% endcapture %}
{{ desktop_info | markdownify}}
</div>
<div class="tab-pane" id="mobile" role="tabpanel" aria-labelledby="mobtab">
{% capture mobile_info %}
Once enabled, you'll be prompted to **Verify PIN** to unlock the Desktop App.
#### Enable for Mobile
### Enable for Mobile Apps
Complete the following steps to enable Unlock with PIN in your Browser Extension:
To enable Unlock with PIN for your Mobile app:
1. Open the {% icon fa-cogs %} **Settings** tab.
2. In the Security section, tap the **Unlock with PIN code** option.
3. Enter the desired PIN code in the input box and tap **Submit**. PIN codes can be any combination of characters (a-z, 0-9, $, #, etc.).
2. Scroll down to the Security section and tap the **Unlock with PIN Code** option.
3. Enter the the desired PIN code in the input box. Your PIN can be any combination of characters (a-z, 0-9, $, #, etc.).
{% callout success %}A dialog box will appear asking `Do you want to require unlocking with your master password when the application is restarted?` Tap **Yes** to require you to enter your Master Password instead of a PIN after your apps restarts. Tap **No** to be able to unlock with a PIN after your app restarts.{% endcallout %}
{% callout success %}A dialog box will appear asking whether you want to require unlocking with your master password when the application is restarted. Tap **Yes** to require your Master Password instead of PIN when the app restarts. Tap **No** for the ability to unlock with the PIN when the app restarts.{% endcallout %}
Regardless of whether you use the **Lock with master password on app restart** option, your PIN settings will remain until you **log out** of Bitwarden.
Your Unlock with PIN settings will persist **until you log out**. When you log out of your Mobile App, you'll need to re-enable Unlock with PIN.
{% endcapture %}
{{ mobile_info | markdownify}}
</div>
</div>
Once enabled, you'll be prompted to **Verify PIN** to unlock the Mobile App.
## Understanding Unlock vs. Log In
In order to understand why unlocking and logging in aren't the same, it's important to remember that Bitwarden [never stores unencrypted data]({% link _articles/security/vault-data.md %}) on its servers. **When your Vault is neither unlocked nor logged in**, your Vault data only exists on the server in its [encrypted form]({% link _articles/security/what-encryption-is-used.md %}).
**Logging in** to Bitwarden **decrypts** your Vault data to your device. In practice, that means two things:
1. Logging in will always require your Master Password, because your Master Password is the source of the key needed to decrypt your Vault data. Additionally, because decryption is an operation that needs to be protected, this stage is where [any enabled Two-step Login methods]({% link _articles/two-step-login/setup-two-step-login.md %}) would be required.
2. Logging in will always require you to be connected to the internet (or, if you're self-hosting, connected to the server), because you need access to the encrypted Vault in order to decrypt it.
**Unlocking** can only be done when you're already logged in. In other words, only when your Vault data is already decrypted to your device. Because your Vault is already decrypted:
1. You don't need the decryption key derived from your Master Password, so you're free to use other access methods, like [PIN codes]({% link _articles/account/unlock-with-pin.md %}) and [biometrics]({% link _articles/account/biometrics.md %}).
2. You don't need to be connected to the internet (or, if you're self-hosting, connected to the server).