SSO with trusted devices allows you to authenticate, using SSO, to decrypt your vault using an encryption key stored on a device. Effectively, you could store the encryption key on your phone, which would allow you to unlock the desktop or web version of Bitwarden with your phone.
That way, instead of having to type a master password (which someone could either view or intercept), you unlock your phone and tap the request to authenticate, which unlocks your vault (wherever you are viewing it).
Now, with passwordless SSO, users are able to work with trusted devices, even on a Bitwarden enterprise account, thereby making it faster and more secure.
This, of course, doesn’t mean you’ll be limited only to SSO with trusted devices, as Bitwarden will still allow login with a master password or biometrics. But for enterprise customers, SSO with trusted devices is a far more efficient, secure, and scalable method of unlocking vaults.
The new SSO option only works with enterprise organizations (for both Bitwarden Password Manager and Bitwarden Secrets Manager) and admins must enable the Login with SSO function. Once that has been enabled, users can turn on SSO with trusted devices from within the app. Of course, if you’ve never used SSO, you’ll want to visit the Bitwarden help center to find out how.
Bitwarden also plans to roll out support for SSO with trusted devices for Firefox soon.