Getting Started with Bitwarden

A guide for new users to set up Bitwarden, sign in securely, and start managing passwords across STRSI devices and services.

Bitwarden is STRSI’s secure password manager for storing, sharing, and managing company credentials. Access is granted through Microsoft SSO, and all company-related items are stored within the STRSI Organization Vault. This guide will walk you through signing in, using your vault, understanding company policies, and keeping personal and corporate data separate.


1. Access & Provisioning

How Access Works

STRSI uses Microsoft SSO + SCIM provisioning to manage Bitwarden accounts.
You do not create a Bitwarden account manually.

You will automatically receive access when:

  1. An admin places you in the Bitwarden Access security group in Azure AD.
  2. Bitwarden provisions your account via SCIM.
  3. You sign in using the “Use single sign-on” option and your @strsi.com email address.

Go to vault.bitwarden.com to sign in.

Admin Approval

Before you can save items, an admin must approve your account inside Bitwarden.
Once approved, you can store and manage items normally.


2. STRSI Organization Vault & “My Items”

STRSI uses the Enforce Organization Data Ownership policy.
This means:

  • You do not have a personal “My Vault”.
  • Instead, you get a private collection called My Items inside the Organization Vault.
  • Only you can access your My Items collection.

This ensures all data inside Bitwarden belongs to STRSI and is retained securely.

For reference: https://bitwarden.com/help/my-items/

Where Should You Store Things?

Type of Password | Store In
Company accounts, shared systems, SaaS apps, internal tools | STRSI Bitwarden – Organization Vault
Personal apps, banking, shopping, personal email, family items | Your personal Bitwarden Family account

Do NOT store personal credentials in the STRSI Bitwarden organization.


3. Free Bitwarden Families Account

Every STRSI employee receives a free Bitwarden Families plan (normally $40/year).
This is yours personally and can be claimed using a personal email address.

You may:

  • Create a personal family vault
  • Add up to 5 family members
  • Store personal passwords
  • Manage your household’s security

This keeps personal and company credentials separate while giving you a premium tool for your home life.


4. Switching Between Corporate & Personal Accounts

Bitwarden supports multiple accounts on:

  • Browser extensions
  • Desktop app
  • Mobile app
  • Web vault

To switch:

  1. Open the Bitwarden extension.
  2. Select your profile at the top.
  3. Choose STRSI Organization Account or Personal Account.

This allows you to keep work and personal vaults isolated while using one interface.


5. Importing Passwords

Importing (Allowed)

You can import passwords into your STRSI account from:

  • Web browsers (Chrome, Edge, Firefox, etc.)
  • Other password managers

Exporting (Blocked)

Due to STRSI security policies, vault exporting is disabled.
This is intentional to prevent sensitive data leakage.


6. Authentication, Unlocking & Security Requirements

STRSI enforces the following security controls:

SSO Login (Required)

  • You must log in using the “Sign in with SSO” option.
  • Use your STRSI Microsoft account.

Master Password (Required for Unlocking)

Even though SSO handles account login:

  • A master password is still required to unlock Bitwarden.
  • This master password protects your encrypted vault locally.

Disabled or Restricted Features

The following features are turned off for security:

  • ❌ Unlock with PIN
  • ❌ Individual vault export
  • ❌ Multiple organizational memberships (Single Organization policy)

Admin Recovery

If necessary, STRSI IT can initiate account recovery.


7. Department Collections (Upcoming)

We are rolling out a structure where:

  • Each department receives its own top-level Collection.
  • Department leads can manage access.
  • Sub-collections may be created (e.g., IT > Infrastructure, IT > Security).
  • Granular permissions will ensure employees only see what they need.

This will support secure sharing and reduce accidental exposure.


8. Best Practices for End Users

✔ Use Bitwarden for all STRSI accounts

Store every company login—no spreadsheets, browsers, or note files.

✔ Keep personal and work data separate

Use:

  • STRSI account → work passwords
  • Family account → personal passwords

✔ Use strong, unique passwords + generator

Never reuse passwords across systems.

✔ Share credentials only via Collections

Never send passwords through:

  • Teams
  • Email
  • SMS
  • Slack

9. Getting Help

If you need assistance with:

  • Access problems
  • SSO login issues
  • Not seeing your vault
  • Department collection missing
  • Password import questions

Contact Trever Ehrfurth.


Summary

With Bitwarden you get:

  • Secure company password storage
  • Microsoft SSO access
  • A private “My Items” collection
  • Free Bitwarden Families for personal use
  • Enforced STRSI security best practices
  • Future departmental collections for structured access

Bitwarden ensures STRSI credentials remain secure, centralized, and easy to manage—while giving you tools to protect your personal life as well.

This post is licensed under CC BY 4.0 by the author.