Password Managing Policy

The purpose of this policy is to maintain the security, consistency, and accessibility of company credentials. Leofit requires that all employees use Bitwarden as the sole password management system for company-related accounts and information.

About Bitwarden

The purpose of this policy is to establish a standardized and secure approach to password management across Leofit. This ensures that company credentials are properly protected, shared, and maintained using a unified password management solution – Bitwarden.

Benefits of Using Bitwarden

• Automatic Synchronization: Passwords are updated in real time across all authorized devices. When a password is changed, all users with appropriate access receive the update automatically—eliminating the need for manual notifications.
• Improved Security: Centralized storage reduces the risks associated with sharing passwords through unsecured methods such as emails, messages, or notes.
• Efficient Collaboration: Departmental collections within Bitwarden allow teams to securely share access to systems and applications relevant to their roles.
• Administrative Oversight: IT can ensure that all company credentials are properly maintained and protected under a single, controlled platform.

Using Bitwarden at Leofit

Mandatory Use of Bitwarden

All employees must use Bitwarden for storing and managing company passwords. Use of other password managers – including but not limited to Google Passwords, Apple Keychain, or browser-based password saving tools – is strictly prohibited.

The IT department will disable non-approved password managers on company systems.

Company Access and Ownership

All company-issued Bitwarden accounts are administered by Leofit.

• The company maintains administrative access to each employee’s Bitwarden vault used for work purposes. There is no expectation of privacy for any information stored in the company’s Bitwarden vaults.
• Bitwarden accounts are to be used for business purposes only. Personal passwords must not be stored within company-managed Bitwarden accounts.
• Owners may store personal passwords within their Bitwarden accounts as an owner’s privilege. There is no expectation of privacy for any information stored in the company’s Bitwarden vaults.

Password Organization and Sharing

When creating or updating a password in Bitwarden, employees must:

• Select Leofit as the Owner of the password entry.
• Assign the password to the appropriate Collections/Departments (e.g., Sales, Marketing, IT, etc.) to ensure proper access for authorized personnel.

Always ensure to select “Leofit” as the Owner of the login and to select proper Collections/Departments.