diff --git a/.eslintrc.json b/.eslintrc.json
index 3a1c197326d4..fae64d869e85 100644
--- a/.eslintrc.json
+++ b/.eslintrc.json
@@ -4,7 +4,7 @@
     "browser": true,
     "webextensions": true
   },
-  "plugins": ["@typescript-eslint", "rxjs", "rxjs-angular"],
+  "plugins": ["@typescript-eslint", "rxjs", "rxjs-angular", "import"],
   "parser": "@typescript-eslint/parser",
   "parserOptions": {
     "project": ["./tsconfig.eslint.json"],
@@ -18,6 +18,16 @@
     "prettier",
     "plugin:rxjs/recommended"
   ],
+  "settings": {
+    "import/parsers": {
+      "@typescript-eslint/parser": [".ts"]
+    },
+    "import/resolver": {
+      "typescript": {
+        "alwaysTryTypes": true
+      }
+    }
+  },
   "rules": {
     "@typescript-eslint/no-explicit-any": "off", // TODO: This should be re-enabled
     "@typescript-eslint/no-unused-vars": ["error", { "args": "none" }],
@@ -65,6 +75,27 @@
         "selector": "CallExpression[callee.name='svgIcon']"
       }
     ],
-    "curly": ["error", "all"]
+    "curly": ["error", "all"],
+    "import/namespace": ["off"], // This doesn't resolve namespace imports correctly, but TS will throw for this anyway
+    "import/no-restricted-paths": [
+      "error",
+      {
+        "zones": [
+          // Do not allow angular/node/electron code to be imported into common
+          {
+            "target": "./libs/common/**/*",
+            "from": "./libs/angular/**/*"
+          },
+          {
+            "target": "./libs/common/**/*",
+            "from": "./libs/node/**/*"
+          },
+          {
+            "target": "./libs/common/**/*",
+            "from": "./libs/electron/**/*"
+          }
+        ]
+      }
+    ]
   }
 }
diff --git a/.github/workflows/build-web-ee.yml b/.github/workflows/build-web-ee.yml
new file mode 100644
index 000000000000..678ccd83200e
--- /dev/null
+++ b/.github/workflows/build-web-ee.yml
@@ -0,0 +1,16 @@
+---
+name: Build Web for EE
+
+on:
+  workflow_dispatch:
+
+jobs:
+  stub:
+    name: stub
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b  # v3.0.2
+
+      - name: Stub
+        run: print 'This is only a stub'
diff --git a/.github/workflows/build-web.yml b/.github/workflows/build-web.yml
index a5fc5f6185b7..94396b757097 100644
--- a/.github/workflows/build-web.yml
+++ b/.github/workflows/build-web.yml
@@ -117,15 +117,11 @@ jobs:
         working-directory: apps/web
         run: npm run ${{ matrix.npm_command }}
 
-      - name: Package ${{ matrix.name }} artifact
-        working-directory: apps/web
-        run: zip -r web-$_VERSION-${{ matrix.name }}.zip build
-
       - name: Upload ${{ matrix.name }} artifact
         uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535  # v3.0.0
         with:
           name: web-${{ env._VERSION }}-${{ matrix.name }}.zip
-          path: apps/web/web-${{ env._VERSION }}-${{ matrix.name }}.zip
+          path: apps/web/build
           if-no-files-found: error
 
   build-commercial-selfhost-image:
@@ -155,11 +151,7 @@ jobs:
         uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
         with:
           name: web-${{ env._VERSION }}-selfhosted-COMMERCIAL.zip
-          path: apps/web
-
-      - name: Extract selfhosted-COMMERCIAL artifact
-        working-directory: apps/web
-        run: unzip web-${{ env._VERSION }}-selfhosted-COMMERCIAL.zip
+          path: apps/web/build
 
       - name: Build Docker image
         working-directory: apps/web
@@ -266,11 +258,7 @@ jobs:
         uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
         with:
           name: web-${{ env._VERSION }}-cloud-QA.zip
-          path: apps/web
-
-      - name: Extract cloud-QA artifact
-        working-directory: apps/web
-        run: unzip web-${{ env._VERSION }}-cloud-QA.zip
+          path: apps/web/build
 
       - name: Build Docker image
         working-directory: apps/web
@@ -367,6 +355,7 @@ jobs:
       - cloc
       - setup
       - build-artifacts
+      - build-commercial-selfhost-image
       - build-qa
       - crowdin-push
     steps:
@@ -376,6 +365,7 @@ jobs:
           CLOC_STATUS: ${{ needs.cloc.result }}
           SETUP_STATUS: ${{ needs.setup.result }}
           ARTIFACT_STATUS: ${{ needs.build-artifacts.result }}
+          BUILD_SELFHOST_STATUS: ${{ needs.build-commercial-selfhost-image.result }}
           BUILD_QA_STATUS: ${{ needs.build-qa.result }}
           CROWDIN_PUSH_STATUS: ${{ needs.crowdin-push.result }}
         run: |
@@ -385,6 +375,8 @@ jobs:
               exit 1
           elif [ "$ARTIFACT_STATUS" = "failure" ]; then
               exit 1
+          elif [ "$BUILD_SELFHOST_STATUS" = "failure" ]; then
+              exit 1
           elif [ "$BUILD_QA_STATUS" = "failure" ]; then
               exit 1
           elif [ "$CROWDIN_PUSH_STATUS" = "failure" ]; then
diff --git a/.github/workflows/release-qa-web.yml b/.github/workflows/release-qa-web.yml
index 80d15ac653de..1e31c95cbebb 100644
--- a/.github/workflows/release-qa-web.yml
+++ b/.github/workflows/release-qa-web.yml
@@ -2,94 +2,12 @@
 name: QA - Web Release
 
 on:
-  workflow_dispatch:
-    inputs:
-      image_extension:
-        description: "Image tag extension"
-        required: false
-      azure_publish:
-        description: 'Release to Azure'
-        required: false
-        default: true
-        type: boolean
-      cloudflare_publish:
-        description: 'Release to Cloudflare'
-        required: false
-        default: true
-        type: boolean
-
-env:
-  _QA_CLUSTER_RESOURCE_GROUP: "bw-env-qa"
-  _QA_CLUSTER_NAME: "bw-aks-qa"
-  _QA_K8S_NAMESPACE: "bw-qa"
-  _QA_K8S_APP_NAME: "bw-web"
+  workflow_dispatch: {}
 
 jobs:
-  deploy:
-    name: Deploy QA Web
-    if: inputs.azure_publish
-    runs-on: ubuntu-20.04
-    steps:
-      - name: Checkout Repo
-        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b  # v3.0.2
-
-      - name: Setup
-        run: export PATH=$PATH:~/work/web/web
-
-      - name: Login to Azure
-        uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010  # v1.1
-        with:
-          creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
-
-      - name: Retrieve secrets
-        id: retrieve-secrets
-        env:
-          KEYVAULT: bitwarden-qa-kv
-          SECRETS: |
-            qa-aks-kubectl-credentials
-        run: |
-          for i in ${SECRETS//,/ }
-          do
-            VALUE=$(az keyvault secret show --vault-name $KEYVAULT --name $i --query value --output tsv)
-            echo "::add-mask::$VALUE"
-            echo "::set-output name=$i::$VALUE"
-          done
-
-      - name: Login with qa-aks-kubectl-credentials SP
-        uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010  # v1.1
-        with:
-          creds: ${{ env.qa-aks-kubectl-credentials }}
-
-      - name: Setup AKS access
-        run: |
-          echo "---az install---"
-          az aks install-cli --install-location ./kubectl --kubelogin-install-location ./kubelogin
-          echo "---az get-creds---"
-          az aks get-credentials -n $_QA_CLUSTER_NAME -g $_QA_CLUSTER_RESOURCE_GROUP
-
-      - name: Get image tag
-        id: image_tag
-        run: |
-          IMAGE_TAG=$(echo "${GITHUB_REF:11}" | sed "s#/#-#g")
-          TAG_EXTENSION=${{ github.event.inputs.image_extension }}
-
-          if [[ $TAG_EXTENSION ]]; then
-            IMAGE_TAG=$IMAGE_TAG-$TAG_EXTENSION
-          fi
-          echo "::set-output name=value::$IMAGE_TAG"
-
-      - name: Deploy Web image
-        env:
-          IMAGE_TAG: ${{ steps.image_tag.outputs.value }}
-        run: |
-          kubectl set image -n $_QA_K8S_NAMESPACE deployment/web web=bitwardenqa.azurecr.io/web:$IMAGE_TAG --record
-          kubectl rollout restart -n $_QA_K8S_NAMESPACE deployment/web
-          kubectl rollout status deployment/web -n $_QA_K8S_NAMESPACE
-
   cfpages-deploy:
     name: Deploy Web Vault to QA CloudFlare Pages branch
     runs-on: ubuntu-20.04
-    if: inputs.cloudflare_publish
     steps:
       - name: Create GitHub deployment
         uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48
diff --git a/.prettierignore b/.prettierignore
index 8790a1e73ff0..b1c9359fa1ee 100644
--- a/.prettierignore
+++ b/.prettierignore
@@ -27,3 +27,6 @@ libs/.github
 
 # Github Workflows
 .github/workflows
+
+# Forked library files
+libs/common/src/types/deep-jsonify.ts
diff --git a/apps/browser/src/_locales/ar/messages.json b/apps/browser/src/_locales/ar/messages.json
index 34abd9594f5f..a6fb87d23055 100644
--- a/apps/browser/src/_locales/ar/messages.json
+++ b/apps/browser/src/_locales/ar/messages.json
@@ -500,13 +500,13 @@
     "message": "هل أنت متأكد من حذف هذا المجلّد؟"
   },
   "deletedFolder": {
-    "message": "Deleted folder"
+    "message": "تم حذف المجلد"
   },
   "gettingStartedTutorial": {
-    "message": "Getting Started Tutorial"
+    "message": "لنبدأ نتعلم معاً"
   },
   "gettingStartedTutorialVideo": {
-    "message": "Watch our getting started tutorial to learn how to get the most out of the browser extension."
+    "message": "مشاهدة دروس البَدْء تمكنك من الحصول على أقصى أستفادة من ملحق المتصفح."
   },
   "syncingComplete": {
     "message": "تم إكمال المزامنة"
@@ -531,13 +531,13 @@
     }
   },
   "newUri": {
-    "message": "New URI"
+    "message": "رابط جديد"
   },
   "addedItem": {
-    "message": "Added item"
+    "message": "تمت إضافة العنصر"
   },
   "editedItem": {
-    "message": "Edited item"
+    "message": "تم تعديل العنصر"
   },
   "deleteItemConfirmation": {
     "message": "هل تريد حقاً أن ترسل إلى سلة المهملات؟"
diff --git a/apps/browser/src/_locales/be/messages.json b/apps/browser/src/_locales/be/messages.json
index b132e0c464a4..e7f0f7a8015d 100644
--- a/apps/browser/src/_locales/be/messages.json
+++ b/apps/browser/src/_locales/be/messages.json
@@ -20,7 +20,7 @@
     "message": "Увайсці"
   },
   "enterpriseSingleSignOn": {
-    "message": "Адзіны ўваход у карпаратыўную сістэму (SSO)."
+    "message": "Адзіны ўваход прадпрыемства (SSO)"
   },
   "cancel": {
     "message": "Скасаваць"
@@ -32,7 +32,7 @@
     "message": "Адправіць"
   },
   "emailAddress": {
-    "message": "Адрас эл. пошты"
+    "message": "Адрас электроннай пошты"
   },
   "masterPass": {
     "message": "Асноўны пароль"
@@ -41,7 +41,7 @@
     "message": "Асноўны пароль — ключ да вашага бяспечнага сховішча. Ён вельмі важны, таму не забывайце яго. Аднавіць асноўны пароль немагчыма."
   },
   "masterPassHintDesc": {
-    "message": "Падказка да асноўнага пароля можа дапамагчы вам яго ўспомніць."
+    "message": "Падказка да асноўнага пароля можа дапамагчы вам успомніць яго, калі вы яго забылі."
   },
   "reTypeMasterPass": {
     "message": "Увядзіце асноўны пароль паўторна"
@@ -71,34 +71,34 @@
     "message": "Бягучая ўкладка"
   },
   "copyPassword": {
-    "message": "Капіяваць пароль"
+    "message": "Скапіяваць пароль"
   },
   "copyNote": {
-    "message": "Капіяваць нататку"
+    "message": "Скапіяваць нататку"
   },
   "copyUri": {
-    "message": "Капіяваць URI"
+    "message": "Скапіяваць URI"
   },
   "copyUsername": {
-    "message": "Капіяваць імя карыстальніка"
+    "message": "Скапіяваць імя карыстальніка"
   },
   "copyNumber": {
-    "message": "Капіяваць нумар"
+    "message": "Скапіяваць нумар"
   },
   "copySecurityCode": {
-    "message": "Капіяваць код бяспекі"
+    "message": "Скапіяваць код бяспекі"
   },
   "autoFill": {
     "message": "Аўтазапаўненне"
   },
   "generatePasswordCopied": {
-    "message": "Стварыць пароль (з капіяваннем)"
+    "message": "Генерыраваць пароль (з капіяваннем)"
   },
   "copyElementIdentifier": {
     "message": "Скапіяваць назву карыстальніцкага пароля"
   },
   "noMatchingLogins": {
-    "message": "Няма падыходных уліковых даных."
+    "message": "Няма адпаведных лагінаў."
   },
   "unlockVaultMenu": {
     "message": "Разблакіраваць сховішча"
@@ -110,7 +110,7 @@
     "message": "Няма ўліковых даных, даступных для аўтазапаўнення ў бягучую ўкладку браўзера."
   },
   "addLogin": {
-    "message": "Дадаць ўліковыя даныя"
+    "message": "Дадаць лагін"
   },
   "addItem": {
     "message": "Дадаць элемент"
@@ -119,10 +119,10 @@
     "message": "Падказка да пароля"
   },
   "enterEmailToGetHint": {
-    "message": "Увядзіце адрас электроннай пошты ўліковага запісу для атрымання падказкі для асноўнага пароля."
+    "message": "Увядзіце адрас электроннай пошты ўліковага запісу для атрымання падказкі да асноўнага пароля."
   },
   "getMasterPasswordHint": {
-    "message": "Атрымаць падказку для асноўнага пароля"
+    "message": "Атрымаць падказку да асноўнага пароля"
   },
   "continue": {
     "message": "Працягнуць"
@@ -208,23 +208,23 @@
     "message": "Генератар пароляў"
   },
   "generator": {
-    "message": "Згенерыраваць",
+    "message": "Генератар",
     "description": "Short for 'Password Generator'."
   },
   "passGenInfo": {
-    "message": "Аўтаматычна ствараць моцныя, унікальныя паролі для вашых уліковых даных."
+    "message": "Аўтаматычна генерыруйце надзейныя і ўнікальныя паролі для вашых лагінаў."
   },
   "bitWebVault": {
     "message": "Вэб-сховішча Bitwarden"
   },
   "importItems": {
-    "message": "Імпарт элементаў"
+    "message": "Імпартаванне элементаў"
   },
   "select": {
     "message": "Выбраць"
   },
   "generatePassword": {
-    "message": "Стварыць пароль"
+    "message": "Генерыраваць пароль"
   },
   "regeneratePassword": {
     "message": "Стварыць новы пароль"
@@ -254,17 +254,17 @@
     "message": "Раздзяляльнік слоў"
   },
   "capitalize": {
-    "message": "З вялікай літары",
+    "message": "Вялікія літары",
     "description": "Make the first letter of a work uppercase."
   },
   "includeNumber": {
     "message": "Уключыць лічбу"
   },
   "minNumbers": {
-    "message": "Мін. колькасць лічбаў"
+    "message": "Мінімум лічбаў"
   },
   "minSpecial": {
-    "message": "Мін. колькасць сімвалаў"
+    "message": "Мінімум спецыяльных сімвалаў"
   },
   "avoidAmbChar": {
     "message": "Пазбягаць неадназначных сімвалаў"
@@ -300,10 +300,10 @@
     "message": "Нататкі"
   },
   "note": {
-    "message": "Нататкі"
+    "message": "Нататка"
   },
   "editItem": {
-    "message": "Рэдагаванне элемента"
+    "message": "Рэдагаваць элемент"
   },
   "folder": {
     "message": "Папка"
@@ -324,7 +324,7 @@
     "message": "Пераключыць бачнасць"
   },
   "manage": {
-    "message": "Кіраваць"
+    "message": "Кіраванне"
   },
   "other": {
     "message": "Iншае"
@@ -348,7 +348,7 @@
     "message": "Разблакіраваць"
   },
   "loggedInAsOn": {
-    "message": "Выкананы ўваход на $HOSTNAME$ як $EMAIL$.",
+    "message": "Вы ўвайшлі як $HOSTNAME$ у $EMAIL$.",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -403,7 +403,7 @@
     "message": "4 гадзіны"
   },
   "onLocked": {
-    "message": "Разам з камп'ютарам"
+    "message": "Пры блакіраванні сістэмы"
   },
   "onRestart": {
     "message": "Пры перазапуску браўзера"
@@ -433,7 +433,7 @@
     "message": "Асноўны пароль павінен быць даўжынёй не менш за 8 сімвалаў."
   },
   "masterPassDoesntMatch": {
-    "message": "Асноўныя паролі не супадаюць."
+    "message": "Пацвярджэнне асноўнага пароля не супадае."
   },
   "newAccountCreated": {
     "message": "Ваш уліковы запіс створаны! Вы можаце ўвайсці."
@@ -448,7 +448,7 @@
     "message": "Памылковы праверачны код"
   },
   "valueCopied": {
-    "message": "$VALUE$ скапіяваны(-а)",
+    "message": "$VALUE$ скапіяваны",
     "description": "Value has been copied to the clipboard.",
     "placeholders": {
       "value": {
@@ -458,10 +458,10 @@
     }
   },
   "autofillError": {
-    "message": "Не ўдаецца аўтаматычна запоўніць выбраны элемент на гэтай старонцы. Скапіюйце і ўстаўце інфармацыю ўручную."
+    "message": "Немагчыма аўтазапоўніць выбраны элемент на гэтай старонцы. Скапіюйце і ўстаўце інфармацыю ўручную."
   },
   "loggedOut": {
-    "message": "Вы выйшлі са сховішча"
+    "message": "Вы выйшлі"
   },
   "loginExpired": {
     "message": "Скончыўся тэрмін дзеяння вашага сеансу."
@@ -479,7 +479,7 @@
     "message": "Адбылася нечаканая памылка."
   },
   "nameRequired": {
-    "message": "Патрэбна назва."
+    "message": "Патрабуецца назва."
   },
   "addedFolder": {
     "message": "Папка дададзена"
@@ -503,7 +503,7 @@
     "message": "Папка выдалена"
   },
   "gettingStartedTutorial": {
-    "message": "Дапаможнік па пачатку працы"
+    "message": "Уводзіны ў карыстанне праграмай"
   },
   "gettingStartedTutorialVideo": {
     "message": "Праглядзіце невялікі навучальны матэрыял, каб даведацца. як атрымаць максімальную аддачу ад пашырэння браўзера."
@@ -540,7 +540,7 @@
     "message": "Элемент адрэдагаваны"
   },
   "deleteItemConfirmation": {
-    "message": "Вы ўпэўнены, што хочаце выдаліць гэты элемент?"
+    "message": "Вы ўпэўнены, што хочаце адправіць гэты элемент у сметніцу?"
   },
   "deletedItem": {
     "message": "Выдалены элемент"
@@ -574,19 +574,19 @@
     "message": "Пытацца пры дадаванні лагіна"
   },
   "addLoginNotificationDesc": {
-    "message": "Апавяшчэнне аб даданні ўліковых даных аўтаматычна прапануе вам захаваць новыя ўліковыя даныя ў сховішчы."
+    "message": "Пытацца пра дадаванне элемента, калі ён адсутнічае ў вашым сховішчы."
   },
   "showCardsCurrentTab": {
     "message": "Паказваць карткі на старонцы з укладкамі"
   },
   "showCardsCurrentTabDesc": {
-    "message": "Паказваць спіс элементаў на старонцы з укладкамі для лёгкага аўтазапаўнення."
+    "message": "Спіс элементаў картак на старонцы з укладкамі для лёгкага аўтазапаўнення."
   },
   "showIdentitiesCurrentTab": {
     "message": "Паказваць пасведчанні на старонцы з укладкамі"
   },
   "showIdentitiesCurrentTabDesc": {
-    "message": "Паказваць пасведчанні элементаў на старонцы з укладкамі для лёгкага аўтазапаўнення."
+    "message": "Спіс элементаў пасведчання на старонцы з укладкамі для лёгкага аўтазапаўнення."
   },
   "clearClipboard": {
     "message": "Ачыстка буфера абмену",
@@ -603,13 +603,13 @@
     "message": "Так, захаваць зараз"
   },
   "enableChangedPasswordNotification": {
-    "message": "Пытацца пра абнаўленні існуючых даных уваходу"
+    "message": "Пытацца пра абнаўленні існуючага лагіна"
   },
   "changedPasswordNotificationDesc": {
-    "message": "Пытаць пра абнаўленне пароля ўваходу пры выяўленні змяненняў на вэб-сайце."
+    "message": "Пытацца пра абнаўленне пароля ад лагіна пры выяўленні змяненняў на вэб-сайце."
   },
   "notificationChangeDesc": {
-    "message": "Вы хочаце абнавіць гэты пароль у Bitwarden?"
+    "message": "Хочаце абнавіць гэты пароль у Bitwarden?"
   },
   "notificationChangeSave": {
     "message": "Так, абнавіць зараз"
@@ -621,17 +621,17 @@
     "message": "Выкарыстоўваць падвоены націск для доступу да генератара пароля і супастаўлення лагінаў для вэб-сайтаў. "
   },
   "defaultUriMatchDetection": {
-    "message": "Выяўленне супадзення URI па змаўчанні",
+    "message": "Прадвызначанае выяўленне супадзення URI",
     "description": "Default URI match detection for auto-fill."
   },
   "defaultUriMatchDetectionDesc": {
-    "message": "Выберыце спосаб па змаўчанні, які выкарыстоўваецца пры вызначэнні адпаведнасці URI для ўліковых даных пры выкананні такіх дзеянняў, як аўтаматычнае запаўненне."
+    "message": "Выберыце прадвызначаны спосаб вызначэння адпаведнасці URI для лагінаў пры выкананні такіх дзеянняў, як аўтаматычнае запаўненне."
   },
   "theme": {
     "message": "Тэма"
   },
   "themeDesc": {
-    "message": "Змена колеравай тэмы праграмы."
+    "message": "Змена каляровай тэмы праграмы."
   },
   "dark": {
     "message": "Цёмная",
@@ -646,7 +646,7 @@
     "description": "'Solarized' is a noun and the name of a color scheme. It should not be translated."
   },
   "exportVault": {
-    "message": "Экспарт сховішча"
+    "message": "Экспартаваць сховішча"
   },
   "fileFormat": {
     "message": "Фармат файла"
@@ -656,7 +656,7 @@
     "description": "WARNING (should stay in capitalized letters if the language permits)"
   },
   "confirmVaultExport": {
-    "message": "Пацвердзіць экспарт сховішча"
+    "message": "Пацвердзіць экспартаванне сховішча"
   },
   "exportWarningDesc": {
     "message": "Экспартуемы файл утрымлівае даныя вашага сховішча ў незашыфраваным фармаце. Яго не варта захоўваць ці адпраўляць па небяспечным каналам (напрыклад, па электроннай пошце). Выдаліце яго адразу пасля выкарыстання."
@@ -668,7 +668,7 @@
     "message": "Ключы шыфравання з'яўляюцца ўнікальнымі для кожнага ўліковага запісу Bitwarden, таму нельга імпартаваць зашыфраванае сховішча ў іншы ўліковы запіс."
   },
   "exportMasterPassword": {
-    "message": "Увядзіце ваш асноўны пароль для экспарту даных са сховішча."
+    "message": "Увядзіце ваш асноўны пароль для экспартавання даных сховішча."
   },
   "shared": {
     "message": "Абагуленыя"
@@ -705,13 +705,13 @@
     "message": "Даведацца больш"
   },
   "authenticatorKeyTotp": {
-    "message": "Ключ праверкі сапраўднасці (TOTP)"
+    "message": "Ключ аўтэнтыфікацыі (TOTP)"
   },
   "verificationCodeTotp": {
     "message": "Код праверкі (TOTP)"
   },
   "copyVerificationCode": {
-    "message": "Капіяваць код праверкі"
+    "message": "Скапіяваць праверачны код"
   },
   "attachments": {
     "message": "Далучэнні"
@@ -753,7 +753,7 @@
     "message": "Прэміяльны статус"
   },
   "premiumManage": {
-    "message": "Кіраванне статусам"
+    "message": "Кіраваць статусам"
   },
   "premiumManageAlert": {
     "message": "Вы можаце кіраваць сваім статусам на bitwarden.com. Перайсці на сайт зараз?"
@@ -798,7 +798,7 @@
     "message": "Дзякуем вам за падтрымку Bitwarden."
   },
   "premiumPrice": {
-    "message": "Усяго толькі за $PRICE$ на год!",
+    "message": "Усяго за $PRICE$ у год!",
     "placeholders": {
       "price": {
         "content": "$1",
@@ -810,13 +810,13 @@
     "message": "Абнаўленне завершана"
   },
   "enableAutoTotpCopy": {
-    "message": "Капіяваць TOTP аўтаматычна"
+    "message": "Скапіяваць TOTP аўтаматычна"
   },
   "disableAutoTotpCopyDesc": {
-    "message": "Калі да вашых уліковых даных прымацаваны ключ праверкі сапраўднасці, то код пацвярджэння TOTP будзе скапіяваны пры аўтазапаўненні ўліковых даных."
+    "message": "Калі ў лагіна ёсць ключ аўтэнтыфікацыі, то праверачны код TOTP будзе скапіяваны ў буфер абмену пры аўтазапаўненні ўваходу."
   },
   "enableAutoBiometricsPrompt": {
-    "message": "Запытваць біяметрыю пры запуску"
+    "message": "Пытацца пра біяметрыю пры запуску"
   },
   "premiumRequired": {
     "message": "Патрабуецца прэміяльны статус"
@@ -825,10 +825,10 @@
     "message": "Для выкарыстання гэтай функцыі патрабуецца прэміяльны статус."
   },
   "enterVerificationCodeApp": {
-    "message": "Увядзіце 6 лічбаў кода праверкі з вашай праграмы праверкі сапраўднасці."
+    "message": "Увядзіце 6 лічбаў праверачнага кода з вашай праграмы аўтэнтыфікацыі."
   },
   "enterVerificationCodeEmail": {
-    "message": "Увядзіце 6 лічбаў кода праверкі, які быў адпраўлены на $EMAIL$.",
+    "message": "Увядзіце 6 лічбаў праверачнага кода, які быў адпраўлены на $EMAIL$.",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -855,10 +855,10 @@
     "message": "Выкарыстоўваць іншы метад двухэтапнага ўваходу"
   },
   "insertYubiKey": {
-    "message": "Устаўце ваш YubiKey ў порт USB вашага камп'ютара, затым націсніце на кнопку."
+    "message": "Устаўце свой YubiKey у порт USB камп'ютара, а потым націсніце на кнопку."
   },
   "insertU2f": {
-    "message": "Устаўце ваш ключ бяспекі ў порт USB вашага камп'ютара. Калі на ім ёсць кнопка, націсніце на яе."
+    "message": "Устаўце ваш ключ бяспекі ў порт USB камп'ютара. Калі на ім ёсць кнопка, націсніце на яе."
   },
   "webAuthnNewTab": {
     "message": "Каб пачаць праверку WebAuthn 2FA, націсніце кнопку знізу для адкрыцця новай укладкі і прытрымлівайцеся інструкцый, якія паказаны ў новай укладцы."
@@ -882,13 +882,13 @@
     "message": "Параметры двухэтапнага ўваходу"
   },
   "recoveryCodeDesc": {
-    "message": "Згубілі доступ да ўсіх варыянтаў двухэтапнага ўваходу? Скарыстайцеся кодам аднаўлення, каб адключыць двухэтапны ўваход для вашага ўліковага запісу."
+    "message": "Згубілі доступ да ўсіх варыянтаў доступу пастаўшчыкоў двухэтапнай аўтэнтыфікацыі? Скарыстайцеся кодам аднаўлення, каб адключыць праверку пастаўшчыкоў двухэтапнай аўтэнтыфікацыі для вашага ўліковага запісу."
   },
   "recoveryCodeTitle": {
     "message": "Код аднаўлення"
   },
   "authenticatorAppTitle": {
-    "message": "Праграма праверкі сапраўднасці"
+    "message": "Праграма аўтэнтыфікацыі"
   },
   "authenticatorAppDesc": {
     "message": "Выкарыстоўвайце праграму для праверкі сапраўднасці (напрыклад, Authy або Google Authenticator) для стварэння кодаў праверкі на аснове часу.",
@@ -927,22 +927,22 @@
     "message": "Увядзіце асноўны URL-адрас на вашым серверы."
   },
   "customEnvironment": {
-    "message": "Налады асяроддзя"
+    "message": "Карыстальніцкае асяроддзе"
   },
   "customEnvironmentFooter": {
-    "message": "Для вопытных карыстальнікаў. Можна ўвесці URL-адрасы асобна для кжонай службы."
+    "message": "Для дасведчаных карыстальнікаў. Можна ўвесці URL-адрасы асобна для кожнай службы."
   },
   "baseUrl": {
     "message": "URL-адрас сервера"
   },
   "apiUrl": {
-    "message": "API URL-адраса сервера"
+    "message": "Сервер URL-адраса API"
   },
   "webVaultUrl": {
     "message": "URL-адрас сервера вэб-сховішча"
   },
   "identityUrl": {
-    "message": "URL-адрас сервера ідэнтыфікацыі"
+    "message": "URL-адрас сервера пасведчання"
   },
   "notificationsUrl": {
     "message": "URL-адрас сервера апавяшчэнняў"
@@ -954,22 +954,22 @@
     "message": "URL-адрас сервера асяроддзя захаваны."
   },
   "enableAutoFillOnPageLoad": {
-    "message": "Уключыць аўтазапаўненне пры загрузцы старонкі"
+    "message": "Аўтазапаўненне пры загрузцы старонкі"
   },
   "enableAutoFillOnPageLoadDesc": {
-    "message": "Пры выяўленні формы ўваходу выконваецца аўтазапаўненне падчас загрузкі вэб-старонкі."
+    "message": "Калі выяўлена форма ўваходу, то будзе выканана яе аўтазапаўненне падчас загрузкі вэб-старонкі."
   },
   "experimentalFeature": {
     "message": "Гэта эксперыментальная функцыя. Выкарыстоўвайце на свой страх і рызыку."
   },
   "defaultAutoFillOnPageLoad": {
-    "message": "Прадвызначана налада аўтазапаўнення для элементаў уваходу"
+    "message": "Прадвызначаная налада аўтазапаўнення для элементаў уваходу"
   },
   "defaultAutoFillOnPageLoadDesc": {
     "message": "Вы можаце выключыць аўтазапаўненне на старонцы загрузцы для асобных элементаў уваходу ў меню \"Рэдагаваць\"."
   },
   "itemAutoFillOnPageLoad": {
-    "message": "Аўтазапаўненне пры загрузцы (калі ўключана ў параметрах праграмы)"
+    "message": "Аўтазапаўненне пры загрузцы старонкі (калі ўключана ў параметрах праграмы)"
   },
   "autoFillOnPageLoadUseDefault": {
     "message": "Выкарыстоўваць прадвызначаныя налады"
@@ -987,10 +987,10 @@
     "message": "Адкрыць сховішча ў бакавой панэлі"
   },
   "commandAutofillDesc": {
-    "message": "Аўтазапаўненне апошніх скарыстаных уліковых даных для бягучага вэб-сайта."
+    "message": "Аўтазапаўненне апошняга скарыстанага лагіна для бягучага вэб-сайта"
   },
   "commandGeneratePasswordDesc": {
-    "message": "Стварыць і капіяваць новы выпадковы парольу буфер абмену."
+    "message": "Генерыраваць і скапіяваць новы выпадковы пароль у буфер абмену"
   },
   "commandLockVaultDesc": {
     "message": "Заблакіраваць сховішча"
@@ -1002,7 +1002,7 @@
     "message": "Карыстальніцкія палі"
   },
   "copyValue": {
-    "message": "Капіяваць значэнне"
+    "message": "Скапіяваць значэнне"
   },
   "value": {
     "message": "Значэнне"
@@ -1020,7 +1020,7 @@
     "message": "Схавана"
   },
   "cfTypeBoolean": {
-    "message": "Лагічнае"
+    "message": "Булева"
   },
   "cfTypeLinked": {
     "message": "Звязана",
@@ -1031,7 +1031,7 @@
     "description": "This describes a value that is 'linked' (tied) to another value."
   },
   "popup2faCloseMessage": {
-    "message": "Націск за межамі гэтага акна для прагляду кода праверкі з электроннай пошты прывядзе да яго закрыцця. Адкрыць bitwarden у новым акне?"
+    "message": "Націск за межамі ўсплывальнага акна для прагляду праверачнага кода прывядзе да яго закрыцця. Адкрыць гэта ўсплывальнае акно ў новым акне, якое не закрыецца?"
   },
   "popupU2fCloseMessage": {
     "message": "Гэты браўзар не можа апрацоўваць запыты U2F у гэтым усплывальным акне. Вы хочаце адкрыць гэта ўсплывальнае акно ў новым акне, каб мець магчымасць увайсці ў сістэму, выкарыстоўваючы U2F?"
@@ -1058,10 +1058,10 @@
     "message": "Тып карткі"
   },
   "expirationMonth": {
-    "message": "Месяц заканчэння"
+    "message": "Месяц завяршэння"
   },
   "expirationYear": {
-    "message": "Год заканчэння"
+    "message": "Год завяршэння"
   },
   "expiration": {
     "message": "Тэрмін дзеяння"
@@ -1079,7 +1079,7 @@
     "message": "Красавік"
   },
   "may": {
-    "message": "Май"
+    "message": "Травень"
   },
   "june": {
     "message": "Чэрвень"
@@ -1121,7 +1121,7 @@
     "message": "Пані"
   },
   "dr": {
-    "message": "Док."
+    "message": "Доктар"
   },
   "firstName": {
     "message": "Імя"
@@ -1136,7 +1136,7 @@
     "message": "Поўнае імя"
   },
   "identityName": {
-    "message": "Імя"
+    "message": "Імя пасведчання"
   },
   "company": {
     "message": "Кампанія"
@@ -1160,13 +1160,13 @@
     "message": "Адрас"
   },
   "address1": {
-    "message": "Радок адрасу 1"
+    "message": "Адрас 1"
   },
   "address2": {
-    "message": "Радок адрасу 2"
+    "message": "Адрас 2"
   },
   "address3": {
-    "message": "Радок адрасу 3"
+    "message": "Адрас 3"
   },
   "cityTown": {
     "message": "Горад / Пасёлак"
@@ -1184,7 +1184,7 @@
     "message": "Тып"
   },
   "typeLogin": {
-    "message": "Уліковыя даныя"
+    "message": "Лагін"
   },
   "typeLogins": {
     "message": "Уліковыя даныя"
@@ -1223,7 +1223,7 @@
     "message": "Пасведчанні"
   },
   "logins": {
-    "message": "Уліковыя даныя"
+    "message": "Лагіны"
   },
   "secureNotes": {
     "message": "Бяспечныя нататкі"
@@ -1256,7 +1256,7 @@
     "description": "Domain name. Ex. website.com"
   },
   "host": {
-    "message": "Хост",
+    "message": "Вузел",
     "description": "A URL's host value. For example, the host of https://sub.domain.com:443 is 'sub.domain.com:443'."
   },
   "exact": {
@@ -1274,7 +1274,7 @@
     "description": "URI match detection for auto-fill."
   },
   "defaultMatchDetection": {
-    "message": "Метад выяўлення па змаўчанні",
+    "message": "Прадвызначаны метад выяўлення",
     "description": "Default URI match detection for auto-fill."
   },
   "toggleOptions": {
@@ -1285,7 +1285,7 @@
     "description": "Toggle the display of the URIs of the currently open tabs in the browser."
   },
   "currentUri": {
-    "message": "Бягучы URI укладкі",
+    "message": "Бягучы URI",
     "description": "The URI of one of the current open tabs in the browser."
   },
   "organization": {
@@ -1305,7 +1305,7 @@
     "message": "Выдаліць"
   },
   "default": {
-    "message": "Па змаўчанні"
+    "message": "Прадвызначана"
   },
   "dateUpdated": {
     "message": "Абноўлена",
@@ -1316,7 +1316,7 @@
     "description": "ex. Date this password was updated"
   },
   "neverLockWarning": {
-    "message": "Вы ўпэўнены, што хочаце адключыць блакіроўку сховішча? У гэтым выпадку ключ шыфравання вашага сховішча будзе захаваны на вашай прыладзе. Адключаючы блакіроўку, вы павінны пераканацца, што ваша прылада надзейна абаронена."
+    "message": "Вы ўпэўнены, што хочаце адключыць блакіроўку сховішча? Прызначыўшы параметр блакіравання \"Ніколі\", ключ шыфравання будзе захоўвацца на вашай прыладзе. Калі вы выкарыстоўваеце гэты параметр, вы павінны быць упэўнены ў тым, што ваша прылада надзейна абаронена."
   },
   "noOrganizationsList": {
     "message": "Вы не з'яўляецеся членам якой-небудзь арганізацыі. Арганізацыі дазваляюць бяспечна абменьвацца элементамі з іншымі карыстальнікамі."
@@ -1331,7 +1331,7 @@
     "message": "Каму належыць гэты элемент?"
   },
   "strong": {
-    "message": "Моцны",
+    "message": "Надзейны",
     "description": "ex. A strong password. Scale: Weak -> Good -> Strong"
   },
   "good": {
@@ -1339,14 +1339,14 @@
     "description": "ex. A good password. Scale: Weak -> Good -> Strong"
   },
   "weak": {
-    "message": "Слабы",
+    "message": "Ненадзейны",
     "description": "ex. A weak password. Scale: Weak -> Good -> Strong"
   },
   "weakMasterPassword": {
     "message": "Слабы асноўны пароль"
   },
   "weakMasterPasswordDesc": {
-    "message": "Асноўны пароль, выбраны вамі, з'яўляецца слабым. Для належнай абароны ўліковага запісу Bitwarden, вы павінны выкарыстоўваць моцны асноўны пароль (або парольную фразу). Вы ўпэўнены, што хочаце выкарыстоўваць гэты асноўны пароль?"
+    "message": "Асноўны пароль, які вы выбралі з'яўляецца ненадзейным. Для належнай абароны ўліковага запісу Bitwarden, вы павінны выкарыстоўваць надзейны асноўны пароль (або парольную фразу). Вы ўпэўнены, што хочаце выкарыстоўваць гэты асноўны пароль?"
   },
   "pin": {
     "message": "PIN-код",
@@ -1374,7 +1374,7 @@
     "message": "Для ўключэння біяметрыі ў браўзеры, пацвердзіце гэта ў праграме Bitwarden на сваім камп'ютары."
   },
   "lockWithMasterPassOnRestart": {
-    "message": "Блакіраваць асноўным паролем пры перазапуску браўзера"
+    "message": "Заблакіраваць асноўным паролем пры перазапуску браўзера"
   },
   "selectOneCollection": {
     "message": "Вы павінны выбраць прынамсі адну калекцыю."
@@ -1386,7 +1386,7 @@
     "message": "Кланіраваць"
   },
   "passwordGeneratorPolicyInEffect": {
-    "message": "На налады генератара ўплываюць адна або некалькі палітык арганізацый."
+    "message": "Адна або больш палітык арганізацыі ўплывае на налады генератара."
   },
   "vaultTimeoutAction": {
     "message": "Дзеянне пры тайм-аўце"
@@ -1415,19 +1415,19 @@
     "message": "Аднавіць элемент"
   },
   "restoreItemConfirmation": {
-    "message": "Вы сапраўды жадаеце аднавіць гэты элемент?"
+    "message": "Вы ўпэўнены, што хочаце аднавіць гэты элемент?"
   },
   "restoredItem": {
     "message": "Элемент адноўлены"
   },
   "vaultTimeoutLogOutConfirmation": {
-    "message": "Выхад з сістэмы выдаліць доступ да сховішча і спатрабуе праверку сапраўднасці анлайн па заканчэнні перыяду чакання. Вы сапраўды жадаеце ўключыць гэтую наладу?"
+    "message": "Выхад з сістэмы скасуе ўсе магчымасці доступу да сховішча і запатрабуе аўтэнтыфікацыю праз інтэрнэт пасля завяршэння часу чакання. Вы ўпэўнены, што хочаце выкарыстоўваць гэты параметр?"
   },
   "vaultTimeoutLogOutConfirmationTitle": {
     "message": "Пацвярджэнне дзеяння для тайм-аута"
   },
   "autoFillAndSave": {
-    "message": "Запоўніць і захаваць"
+    "message": "Аўтазапоўніць і захаваць"
   },
   "autoFillSuccessAndSavedUri": {
     "message": "Аўтазапоўнены элемент і захаваны URI"
@@ -1439,7 +1439,7 @@
     "message": "Задаць асноўны пароль"
   },
   "masterPasswordPolicyInEffect": {
-    "message": "Згодна з адной або некалькімі палітыкамі арганізацыі неабходна, каб ваш асноўны пароль адказваў наступным патрабаванням:"
+    "message": "Адна або больш палітык арганізацыі патрабуе, каб ваш асноўны пароль адпавядаў наступным патрабаванням:"
   },
   "policyInEffectMinComplexity": {
     "message": "Мінімальны ўзровень складанасці $SCORE$",
@@ -1460,13 +1460,13 @@
     }
   },
   "policyInEffectUppercase": {
-    "message": "Уключыць адну ці больш прапісных літар"
+    "message": "Уключыць адну або некалькі вялікіх літар"
   },
   "policyInEffectLowercase": {
-    "message": "Уключыць адну ці больш малых літар"
+    "message": "Уключыць адну або некалькі малых літар"
   },
   "policyInEffectNumbers": {
-    "message": "Уключыць адну ці больш лічбаў"
+    "message": "Уключыць адну або некалькі лічбаў"
   },
   "policyInEffectSpecial": {
     "message": "Уключаць хаця б адзін з наступных спецыяльных сімвалаў $CHARS$",
@@ -1481,7 +1481,7 @@
     "message": "Ваш новы асноўны пароль не адпавядае патрабаванням палітыкі арганізацыі."
   },
   "acceptPolicies": {
-    "message": "Ставіўшы гэты сцяжок вы пагаджаецеся з наступным:"
+    "message": "Ставячы гэты сцяжок, вы пагаджаецеся з наступным:"
   },
   "acceptPoliciesRequired": {
     "message": "Умовы выкарыстання і Палітыка прыватнасці не былі пацверджаны."
@@ -1496,7 +1496,7 @@
     "message": "Падказка для пароля не можа супадаць з паролем."
   },
   "ok": {
-    "message": "ОК"
+    "message": "Добра"
   },
   "desktopSyncVerificationTitle": {
     "message": "Праверка сінхранізацыі на камп'ютары"
@@ -1538,7 +1538,7 @@
     "message": "Біяметрыя не ўключана"
   },
   "biometricsNotEnabledDesc": {
-    "message": "Для актывацыі біяметрыі ў браўзеры спачатку неабходна ўключыць біяметрыю ў праграме на камп'ютары."
+    "message": "Для актывацыі біяметрыі ў браўзеры неабходна спачатку ўключыць яе ў наладах праграмы для камп'ютара."
   },
   "biometricsNotSupportedTitle": {
     "message": "Біяметрыя не падтрымліваецца"
@@ -1559,7 +1559,7 @@
     "message": "Гэта дзеянне немагчыма выканаць у бакавой панэлі. Паспрабуйце паўтарыць гэта дзеянне ва ўсплывальным або асобным акне."
   },
   "personalOwnershipSubmitError": {
-    "message": "У адпаведнасці з карпаратыўнай палітыкай вам забаронена захоўваць элементы ў асабістым сховішчы. Змяніце параметры ўласнасці на арганізацыю і выберыце з даступных калекцый."
+    "message": "У адпаведнасці з палітыкай прадпрыемства вам забаронена захоўваць элементы ў асабістым сховішчы. Змяніце параметры ўласнасці на арганізацыю і выберыце з даступных калекцый."
   },
   "personalOwnershipPolicyInEffect": {
     "message": "Палітыка арганізацыі ўплывае на вашы параметры ўласнасці."
@@ -1615,7 +1615,7 @@
     "message": "Абаронена паролем"
   },
   "copySendLink": {
-    "message": "Капіяваць спасылку Send",
+    "message": "Скапіяваць спасылку на Send",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "removePassword": {
@@ -1628,7 +1628,7 @@
     "message": "Пароль выдалены"
   },
   "deletedSend": {
-    "message": "Выдалены Send",
+    "message": "Send выдалены",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendLink": {
@@ -1682,7 +1682,7 @@
     "message": "1 дзень"
   },
   "days": {
-    "message": "$DAYS$ дзён",
+    "message": "Дзён: $DAYS$",
     "placeholders": {
       "days": {
         "content": "$1",
@@ -1697,7 +1697,7 @@
     "message": "Максімальная колькасць доступаў"
   },
   "maximumAccessCountDesc": {
-    "message": "Калі зададзена, то карыстальнікі больш не змогуць атрымаць доступ да гэтага Send пасля таго, як будзе дасягнута максімальная колькасць зваротаў.",
+    "message": "Калі прызначана, то карыстальнікі больш не змогуць атрымаць доступ да гэтага Send пасля таго, як будзе дасягнута максімальная колькасць зваротаў.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendPasswordDesc": {
@@ -1738,7 +1738,7 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendDisabledWarning": {
-    "message": "У адпаведнасці з карпаратыўнай палітыкай, вы можаце выдаліць толькі бягучы Send.",
+    "message": "У адпаведнасці з палітыкай прадпрыемства, вы можаце выдаліць толькі бягучы Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "createdSend": {
@@ -1746,7 +1746,7 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "editedSend": {
-    "message": "Адрэдагаваны Send",
+    "message": "Send адрэдагаваны",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendLinuxChromiumFileWarning": {
@@ -1756,7 +1756,7 @@
     "message": "Для выбару файла з выкарыстаннем Firefox неабходна адкрыць пашырэнне на бакавой панэлі або перайсці ў новае акно, націснуўшы на гэты банэр."
   },
   "sendSafariFileWarning": {
-    "message": "Для выбару файла з выкарыстаннем Safari неабходна перайсці ў асобнае акно, націснуўшы на гэты банэр."
+    "message": "Для выбару файла з выкарыстаннем Safari неабходна перайсці ў новае акно, націснуўшы на гэты банэр."
   },
   "sendFileCalloutHeader": {
     "message": "Перад тым, як пачаць"
@@ -1795,7 +1795,7 @@
     "message": "Адна або больш палітык арганізацыі ўплываюць на параметры Send."
   },
   "passwordPrompt": {
-    "message": "Паўторны запыт галоўнага пароля"
+    "message": "Паўторны запыт асноўнага пароля"
   },
   "passwordConfirmation": {
     "message": "Пацвярджэнне асноўнага пароля"
@@ -1828,7 +1828,7 @@
     "message": "Выбраць папку..."
   },
   "ssoCompleteRegistration": {
-    "message": "Для завяршэння ўваходу праз SSO, задайце асноўны пароль для доступу і абароны вашаго сховішча."
+    "message": "Для завяршэння працэсу ўваходу з дапамогай SSO, прызначце асноўны пароль для доступу да вашага сховішча і яго абароны."
   },
   "hours": {
     "message": "Гадзіны"
@@ -1859,13 +1859,13 @@
     "message": "Адна або больш палітык арганізацыі не дазваляюць вам экспартаваць асабістае сховішча."
   },
   "copyCustomFieldNameInvalidElement": {
-    "message": "Не атрымалася ідэнтыфікаваць дзеючы элемент формы. Паспрабуйце замест гэтага праверыць HTML."
+    "message": "Немагчыма ідэнтыфікаваць дзеючы элемент формы. Паспрабуйце замест гэтага праверыць HTML."
   },
   "copyCustomFieldNameNotUnique": {
     "message": "Не знойдзены ўнікальны ідэнтыфікатар."
   },
   "convertOrganizationEncryptionDesc": {
-    "message": "$ORGANIZATION$ выкарыстоўвае SSO з уласным серверам ключоў. Для аўтарызацыі ўдзельнікам гэтай арганізацыі больш няма неабходнасці выкарыстоўваць асноўны пароль.",
+    "message": "$ORGANIZATION$ выкарыстоўвае SSO з уласным серверам ключоў. Асноўны пароль для ўдзельнікаў гэтай арганізацыі больш не патрабуецца.",
     "placeholders": {
       "organization": {
         "content": "$1",
@@ -1874,7 +1874,7 @@
     }
   },
   "leaveOrganization": {
-    "message": "Пакінуць арганізацыю"
+    "message": "Выйсці з арганізацыі"
   },
   "removeMasterPassword": {
     "message": "Выдаліць асноўны пароль"
@@ -1883,7 +1883,7 @@
     "message": "Асноўны пароль выдалены."
   },
   "leaveOrganizationConfirmation": {
-    "message": "Вы ўпэўнены, што хочаце пакінуць гэту арганізацыю?"
+    "message": "Вы ўпэўнены, што хочаце выйсці з гэтай арганізацыі?"
   },
   "leftOrganization": {
     "message": "Вы пакінулі арганізацыю."
@@ -1898,7 +1898,7 @@
     "message": "Экспартаванне асабістага сховішча"
   },
   "exportingPersonalVaultDescription": {
-    "message": "Толькі элементы асабістага сховішча, якія звязаны з $EMAIL$ будуць экспартаваныя. Элементы сховішча арганізацыі не будуць уключаны.",
+    "message": "Будуць экспартаваны толькі асабістыя элементы сховішча, якія звязаны з $EMAIL$. Элементы сховішча арганізацыі не будуць уключаны.",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -1975,7 +1975,7 @@
     "message": "Арганізацыя адключана."
   },
   "disabledOrganizationFilterError": {
-    "message": "Элементы ў адключаных арганізацыя недаступны. Звяжыцеся з уладальнікам вашай арганізацыі для атрымання дапамогі."
+    "message": "Доступ да элементаў у адключаных арганізацыях немагчымы. Звяжыце з уладальнікам арганізацыі для атрымання дапамогі."
   },
   "cardBrandMir": {
     "message": "Mir"
@@ -1999,16 +1999,16 @@
     "message": "для скіду да прадвызначаных наладаў"
   },
   "serverVersion": {
-    "message": "Server Version"
+    "message": "Версія сервера"
   },
   "selfHosted": {
-    "message": "Self-Hosted"
+    "message": "Уласнае размяшчэнне"
   },
   "thirdParty": {
-    "message": "Third-Party"
+    "message": "Іншы пастаўшчык"
   },
   "thirdPartyServerMessage": {
-    "message": "Connected to third-party server implementation, $SERVERNAME$. Please verify bugs using the official server, or report them to the third-party server.",
+    "message": "Падлучэнне да сервера іншага пастаўшчыка $SERVERNAME$. Калі ласка, праверце памылкі з дапамогай афіцыйнага сервера або паведаміце пра іх пастаўшчыку сервера.",
     "placeholders": {
       "servername": {
         "content": "$1",
@@ -2017,7 +2017,7 @@
     }
   },
   "lastSeenOn": {
-    "message": "last seen on $DATE$",
+    "message": "апошні раз быў(-ла) $DATE$",
     "placeholders": {
       "date": {
         "content": "$1",
diff --git a/apps/browser/src/_locales/ca/messages.json b/apps/browser/src/_locales/ca/messages.json
index f4574ce9c6d4..fe9945100468 100644
--- a/apps/browser/src/_locales/ca/messages.json
+++ b/apps/browser/src/_locales/ca/messages.json
@@ -1999,16 +1999,16 @@
     "message": "per restablir els paràmetres preconfigurats"
   },
   "serverVersion": {
-    "message": "Server Version"
+    "message": "Versió del servidor"
   },
   "selfHosted": {
-    "message": "Self-Hosted"
+    "message": "Autoallotjat"
   },
   "thirdParty": {
-    "message": "Third-Party"
+    "message": "Tercers"
   },
   "thirdPartyServerMessage": {
-    "message": "Connected to third-party server implementation, $SERVERNAME$. Please verify bugs using the official server, or report them to the third-party server.",
+    "message": "Connectat a la implementació del servidor de tercers, $SERVERNAME$. Verifiqueu els errors utilitzant el servidor oficial o comuniqueu-los al servidor de tercers.",
     "placeholders": {
       "servername": {
         "content": "$1",
@@ -2017,7 +2017,7 @@
     }
   },
   "lastSeenOn": {
-    "message": "last seen on $DATE$",
+    "message": "vist per última vegada el $DATE$",
     "placeholders": {
       "date": {
         "content": "$1",
diff --git a/apps/browser/src/_locales/ko/messages.json b/apps/browser/src/_locales/ko/messages.json
index ea449c6cc97d..a85bcbf7e6d2 100644
--- a/apps/browser/src/_locales/ko/messages.json
+++ b/apps/browser/src/_locales/ko/messages.json
@@ -430,7 +430,7 @@
     "message": "마스터 비밀번호를 재입력해야 합니다."
   },
   "masterPasswordMinlength": {
-    "message": "Master password must be at least 8 characters long."
+    "message": "마스터 비밀번호는 최소 8자 이상이어야 합니다."
   },
   "masterPassDoesntMatch": {
     "message": "마스터 비밀번호 확인과 마스터 비밀번호가 일치하지 않습니다."
diff --git a/apps/browser/src/_locales/pl/messages.json b/apps/browser/src/_locales/pl/messages.json
index 9297eac5ae31..cc5e8dcff1c8 100644
--- a/apps/browser/src/_locales/pl/messages.json
+++ b/apps/browser/src/_locales/pl/messages.json
@@ -406,7 +406,7 @@
     "message": "Po zablokowaniu komputera"
   },
   "onRestart": {
-    "message": "Po uruchomieniu przeglądarki"
+    "message": "Po restarcie przeglądarki"
   },
   "never": {
     "message": "Nigdy"
@@ -577,16 +577,16 @@
     "message": "\"Dodaj powiadomienia logowania\" automatycznie wyświetla monit o zapisanie nowych danych logowania do sejfu przy każdym pierwszym logowaniu."
   },
   "showCardsCurrentTab": {
-    "message": "Pokaż karty na stronie Karta"
+    "message": "Pokaż karty na stronie głównej"
   },
   "showCardsCurrentTabDesc": {
-    "message": "Wyświetlaj elementy karty na stronie Karta, aby ułatwić autouzupełnianie."
+    "message": "Pokaż elementy karty na stronie głównej, aby ułatwić autouzupełnianie."
   },
   "showIdentitiesCurrentTab": {
-    "message": "Pokaż tożsamości na stronie Karta"
+    "message": "Pokaż tożsamości na stronie głównej"
   },
   "showIdentitiesCurrentTabDesc": {
-    "message": "Wyświetlaj elementy tożsamości na stronie Karta, aby ułatwić autouzupełnianie."
+    "message": "Pokaż elementy tożsamości na stronie głównej, aby ułatwić autouzupełnianie."
   },
   "clearClipboard": {
     "message": "Wyczyść schowek",
@@ -621,7 +621,7 @@
     "message": "Użyj drugiego kliknięcia, aby uzyskać dostęp do generowania haseł i pasujących danych logowania do witryny. "
   },
   "defaultUriMatchDetection": {
-    "message": "Domyślna metoda dopasowania adresu",
+    "message": "Domyślne wykrywanie dopasowania",
     "description": "Default URI match detection for auto-fill."
   },
   "defaultUriMatchDetectionDesc": {
diff --git a/apps/browser/src/_locales/tr/messages.json b/apps/browser/src/_locales/tr/messages.json
index 38d6a28475a6..3e79a9e586d7 100644
--- a/apps/browser/src/_locales/tr/messages.json
+++ b/apps/browser/src/_locales/tr/messages.json
@@ -146,10 +146,10 @@
     "message": "Hesap"
   },
   "changeMasterPassword": {
-    "message": "Ana Parolayı Değiştir"
+    "message": "Ana parolayı değiştir"
   },
   "fingerprintPhrase": {
-    "message": "Özgün Cümle",
+    "message": "Parmak izi ifadesi",
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
   },
   "yourAccountsFingerprint": {
@@ -157,10 +157,10 @@
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
   },
   "twoStepLogin": {
-    "message": "İki Aşamalı Giriş"
+    "message": "İki aşamalı giriş"
   },
   "logOut": {
-    "message": "Çıkış Yap"
+    "message": "Çıkış yap"
   },
   "about": {
     "message": "Hakkında"
@@ -193,7 +193,7 @@
     "message": "Listelenecek klasör yok."
   },
   "helpFeedback": {
-    "message": "Yardım & Geribildirim"
+    "message": "Yardım ve geribildirim"
   },
   "sync": {
     "message": "Eşitle"
@@ -215,10 +215,10 @@
     "message": "Hesaplarınız için otomatik olarak güçlü, özgün parolalar oluşturun."
   },
   "bitWebVault": {
-    "message": "Bitwarden Web Kasası"
+    "message": "Bitwarden web kasası"
   },
   "importItems": {
-    "message": "Hesapları İçe Aktar"
+    "message": "Hesapları içe aktar"
   },
   "select": {
     "message": "Seç"
@@ -367,7 +367,7 @@
     "message": "Kasa zaman aşımı"
   },
   "lockNow": {
-    "message": "Şimdi Kilitle"
+    "message": "Şimdi kilitle"
   },
   "immediately": {
     "message": "Hemen"
@@ -403,10 +403,10 @@
     "message": "4 saat"
   },
   "onLocked": {
-    "message": "Sistem Kilitliyken"
+    "message": "Sistem kilitlenince"
   },
   "onRestart": {
-    "message": "Tarayıcı Yeniden Başlatıldığında"
+    "message": "Tarayıcı yeniden başlatılınca"
   },
   "never": {
     "message": "Asla"
@@ -574,7 +574,7 @@
     "message": "Hesap eklemeyi öner"
   },
   "addLoginNotificationDesc": {
-    "message": "\"Hesap Ekle Bildirimi\" otomatik olarak, ilk kez oturum açtığınız hesabınızı kasanıza kaydetmeniz için uyarı verir."
+    "message": "\"Hesap ekle\" bildirimi, ilk kez kullandığınız hesap bilgilerini kasanıza kaydetmek isteyip istemediğinizi otomatik olarak sorar."
   },
   "showCardsCurrentTab": {
     "message": "Sekme sayfasında kartları göster"
@@ -589,7 +589,7 @@
     "message": "Kolay otomatik doldurma için sekme sayfasında kimlik öğelerini listele"
   },
   "clearClipboard": {
-    "message": "Panoyu Temizle",
+    "message": "Panoyu temizle",
     "description": "Clipboard is the operating system thing where you copy/paste data to on your device."
   },
   "clearClipboardDesc": {
@@ -646,7 +646,7 @@
     "description": "'Solarized' is a noun and the name of a color scheme. It should not be translated."
   },
   "exportVault": {
-    "message": "Kasayı Dışa Aktar"
+    "message": "Kasayı dışa aktar"
   },
   "fileFormat": {
     "message": "Dosya biçimi"
@@ -750,7 +750,7 @@
     "message": "Şifreleme anahtarınızı güncellemeden bu özelliği kullanamazsınız."
   },
   "premiumMembership": {
-    "message": "Premium Üyelik"
+    "message": "Premium üyelik"
   },
   "premiumManage": {
     "message": "Üyeliğimi yönet"
@@ -966,7 +966,7 @@
     "message": "Hesaplar için varsayılan otomatik doldurma ayarı"
   },
   "defaultAutoFillOnPageLoadDesc": {
-    "message": "\"Sayfa yüklendiğinde otomatik doldur\"u açtıktan sonra her hesap için bu özelliği ayrı ayrı açıp kapatabilirsiniz. Bu ayar, özellikle ayarlama yapmadığınız hesaplarda kullanılacak varsayılan ayardır."
+    "message": "\"Sayfa yüklendiğinde otomatik doldur\"u her hesabın \"Düzenle\" görünümünden ayrı ayrı kapatabilirsiniz."
   },
   "itemAutoFillOnPageLoad": {
     "message": "Sayfa yüklendiğinde otomatik doldur (seçeneklerde etkinleştirilmişse)"
@@ -1898,7 +1898,7 @@
     "message": "Kişisel Kasayı Dışa Aktar"
   },
   "exportingPersonalVaultDescription": {
-    "message": "Yalnızca $EMAIL$ ile ilişkili kişisel kasa öğeleri dışa aktarılacaktır. Kuruluş kasası öğeleri dahil edilmeyecektir.",
+    "message": "Yalnızca $EMAIL$ ile ilişkili kişisel kasadaki kayıtlar dışa aktarılacaktır. Kuruluş kasasındaki kayıtlar dahil edilmeyecektir.",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -2008,7 +2008,7 @@
     "message": "Üçüncü Taraf"
   },
   "thirdPartyServerMessage": {
-    "message": "Üçüncü taraf sunucu uygulamasına bağlandı, $SERVERNAME$. Lütfen resmi sunucuyu kullanarak hataları doğrulayın veya üçüncü taraf sunucuya bildirin.",
+    "message": "$SERVERNAME$ adresindeki üçüncü taraf sunucuya bağlandınız. Lütfen resmi sunucuyu kullanarak hataları doğrulayın veya üçüncü taraf sunucuya bildirin.",
     "placeholders": {
       "servername": {
         "content": "$1",
diff --git a/apps/browser/src/decorators/session-sync-observable/session-sync.decorator.spec.ts b/apps/browser/src/decorators/session-sync-observable/session-sync.decorator.spec.ts
index c82f2700213c..b177d118f824 100644
--- a/apps/browser/src/decorators/session-sync-observable/session-sync.decorator.spec.ts
+++ b/apps/browser/src/decorators/session-sync-observable/session-sync.decorator.spec.ts
@@ -19,6 +19,7 @@ describe("sessionSync decorator", () => {
         ctor: ctor,
         initializer: initializer,
       }),
+      testClass.testProperty.complete(),
     ]);
   });
 });
diff --git a/apps/browser/src/decorators/session-sync-observable/session-syncer.spec.ts b/apps/browser/src/decorators/session-sync-observable/session-syncer.spec.ts
index f2df60ad7a4b..5286cece1bb3 100644
--- a/apps/browser/src/decorators/session-sync-observable/session-syncer.spec.ts
+++ b/apps/browser/src/decorators/session-sync-observable/session-syncer.spec.ts
@@ -5,6 +5,7 @@ import { BrowserApi } from "../../browser/browserApi";
 import { StateService } from "../../services/abstractions/state.service";
 
 import { SessionSyncer } from "./session-syncer";
+import { SyncedItemMetadata } from "./sync-item-metadata";
 
 describe("session syncer", () => {
   const propertyKey = "behaviorSubject";
@@ -140,12 +141,14 @@ describe("session syncer", () => {
     });
 
     it("should update from message on emit from another instance", async () => {
+      const builder = jest.fn();
+      jest.spyOn(SyncedItemMetadata, "builder").mockReturnValue(builder);
       stateService.getFromSessionMemory.mockResolvedValue("test");
 
       await sut.updateFromMessage({ command: `${sessionKey}_update`, id: "different_id" });
 
       expect(stateService.getFromSessionMemory).toHaveBeenCalledTimes(1);
-      expect(stateService.getFromSessionMemory).toHaveBeenCalledWith(sessionKey);
+      expect(stateService.getFromSessionMemory).toHaveBeenCalledWith(sessionKey, builder);
 
       expect(nextSpy).toHaveBeenCalledTimes(1);
       expect(nextSpy).toHaveBeenCalledWith("test");
diff --git a/apps/browser/src/decorators/session-sync-observable/session-syncer.ts b/apps/browser/src/decorators/session-sync-observable/session-syncer.ts
index 0c97b983f75b..c757a44c7f2d 100644
--- a/apps/browser/src/decorators/session-sync-observable/session-syncer.ts
+++ b/apps/browser/src/decorators/session-sync-observable/session-syncer.ts
@@ -66,8 +66,8 @@ export class SessionSyncer {
     if (message.command != this.updateMessageCommand || message.id === this.id) {
       return;
     }
-    const keyValuePair = await this.stateService.getFromSessionMemory(this.metaData.sessionKey);
-    const value = SyncedItemMetadata.buildFromKeyValuePair(keyValuePair, this.metaData);
+    const builder = SyncedItemMetadata.builder(this.metaData);
+    const value = await this.stateService.getFromSessionMemory(this.metaData.sessionKey, builder);
     this.ignoreNextUpdate = true;
     this.behaviorSubject.next(value);
   }
diff --git a/apps/browser/src/decorators/session-sync-observable/sync-item-metadata.ts b/apps/browser/src/decorators/session-sync-observable/sync-item-metadata.ts
index e225db61967f..2b3f4715d460 100644
--- a/apps/browser/src/decorators/session-sync-observable/sync-item-metadata.ts
+++ b/apps/browser/src/decorators/session-sync-observable/sync-item-metadata.ts
@@ -5,19 +5,15 @@ export class SyncedItemMetadata {
   initializer?: (keyValuePair: any) => any;
   initializeAsArray?: boolean;
 
-  static buildFromKeyValuePair(keyValuePair: any, metadata: SyncedItemMetadata): any {
-    const builder = SyncedItemMetadata.getBuilder(metadata);
-
+  static builder(metadata: SyncedItemMetadata): (o: any) => any {
+    const itemBuilder =
+      metadata.initializer != null
+        ? metadata.initializer
+        : (o: any) => Object.assign(new metadata.ctor(), o);
     if (metadata.initializeAsArray) {
-      return keyValuePair.map((o: any) => builder(o));
+      return (keyValuePair: any) => keyValuePair.map((o: any) => itemBuilder(o));
     } else {
-      return builder(keyValuePair);
+      return (keyValuePair: any) => itemBuilder(keyValuePair);
     }
   }
-
-  private static getBuilder(metadata: SyncedItemMetadata): (o: any) => any {
-    return metadata.initializer != null
-      ? metadata.initializer
-      : (o: any) => Object.assign(new metadata.ctor(), o);
-  }
 }
diff --git a/apps/browser/src/decorators/session-sync-observable/synced-item-metadata.spec.ts b/apps/browser/src/decorators/session-sync-observable/synced-item-metadata.spec.ts
index da65be04903e..5cd869a5b679 100644
--- a/apps/browser/src/decorators/session-sync-observable/synced-item-metadata.spec.ts
+++ b/apps/browser/src/decorators/session-sync-observable/synced-item-metadata.spec.ts
@@ -1,59 +1,39 @@
 import { SyncedItemMetadata } from "./sync-item-metadata";
 
-describe("build from key value pair", () => {
+describe("builder", () => {
   const propertyKey = "propertyKey";
   const key = "key";
   const initializer = (s: any) => "used initializer";
   class TestClass {}
   const ctor = TestClass;
 
-  it("should call initializer if provided", () => {
-    const actual = SyncedItemMetadata.buildFromKeyValuePair(
-      {},
-      {
-        propertyKey,
-        sessionKey: "key",
-        initializer: initializer,
-      }
-    );
-
-    expect(actual).toEqual("used initializer");
+  it("should use initializer if provided", () => {
+    const metadata = { propertyKey, sessionKey: key, initializer };
+    const builder = SyncedItemMetadata.builder(metadata);
+    expect(builder({})).toBe("used initializer");
   });
 
-  it("should call ctor if provided", () => {
-    const expected = { provided: "value" };
-    const actual = SyncedItemMetadata.buildFromKeyValuePair(expected, {
-      propertyKey,
-      sessionKey: key,
-      ctor: ctor,
-    });
-
-    expect(actual).toBeInstanceOf(ctor);
-    expect(actual).toEqual(expect.objectContaining(expected));
+  it("should use ctor if initializer is not provided", () => {
+    const metadata = { propertyKey, sessionKey: key, ctor };
+    const builder = SyncedItemMetadata.builder(metadata);
+    expect(builder({})).toBeInstanceOf(TestClass);
   });
 
-  it("should prefer using initializer if both are provided", () => {
-    const actual = SyncedItemMetadata.buildFromKeyValuePair(
-      {},
-      {
-        propertyKey,
-        sessionKey: key,
-        initializer: initializer,
-        ctor: ctor,
-      }
-    );
-
-    expect(actual).toEqual("used initializer");
+  it("should prefer initializer over ctor", () => {
+    const metadata = { propertyKey, sessionKey: key, ctor, initializer };
+    const builder = SyncedItemMetadata.builder(metadata);
+    expect(builder({})).toBe("used initializer");
   });
 
   it("should honor initialize as array", () => {
-    const actual = SyncedItemMetadata.buildFromKeyValuePair([1, 2], {
+    const metadata = {
       propertyKey,
       sessionKey: key,
       initializer: initializer,
       initializeAsArray: true,
-    });
-
-    expect(actual).toEqual(["used initializer", "used initializer"]);
+    };
+    const builder = SyncedItemMetadata.builder(metadata);
+    expect(builder([{}])).toBeInstanceOf(Array);
+    expect(builder([{}])[0]).toBe("used initializer");
   });
 });
diff --git a/apps/browser/src/popup/accounts/login.component.html b/apps/browser/src/popup/accounts/login.component.html
index 4c18805f452a..1b32f63819a6 100644
--- a/apps/browser/src/popup/accounts/login.component.html
+++ b/apps/browser/src/popup/accounts/login.component.html
@@ -1,4 +1,4 @@
-<form #form (ngSubmit)="submit()" [appApiAction]="formPromise">
+<form #form (ngSubmit)="submit()" [appApiAction]="formPromise" [formGroup]="formGroup">
   <header>
     <div class="left">
       <button type="button" routerLink="/home">{{ "cancel" | i18n }}</button>
@@ -18,15 +18,7 @@ <h1 class="center">
       <div class="box-content">
         <div class="box-content-row" appBoxRow>
           <label for="email">{{ "emailAddress" | i18n }}</label>
-          <input
-            id="email"
-            type="text"
-            name="Email"
-            [(ngModel)]="email"
-            required
-            inputmode="email"
-            appInputVerbatim="false"
-          />
+          <input id="email" type="email" formControlName="email" appInputVerbatim="false" />
         </div>
         <div class="box-content-row box-content-row-flex" appBoxRow>
           <div class="row-main">
@@ -34,10 +26,8 @@ <h1 class="center">
             <input
               id="masterPassword"
               type="{{ showPassword ? 'text' : 'password' }}"
-              name="MasterPassword"
               class="monospaced"
-              [(ngModel)]="masterPassword"
-              required
+              formControlName="masterPassword"
               appInputVerbatim
             />
           </div>
diff --git a/apps/browser/src/popup/accounts/login.component.ts b/apps/browser/src/popup/accounts/login.component.ts
index 83c654d67372..5028af06bfb8 100644
--- a/apps/browser/src/popup/accounts/login.component.ts
+++ b/apps/browser/src/popup/accounts/login.component.ts
@@ -1,10 +1,12 @@
 import { Component, NgZone } from "@angular/core";
+import { FormBuilder } from "@angular/forms";
 import { Router } from "@angular/router";
 
 import { LoginComponent as BaseLoginComponent } from "@bitwarden/angular/components/login.component";
 import { AuthService } from "@bitwarden/common/abstractions/auth.service";
 import { CryptoFunctionService } from "@bitwarden/common/abstractions/cryptoFunction.service";
 import { EnvironmentService } from "@bitwarden/common/abstractions/environment.service";
+import { FormValidationErrorsService } from "@bitwarden/common/abstractions/formValidationErrors.service";
 import { I18nService } from "@bitwarden/common/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/abstractions/log.service";
 import { PasswordGenerationService } from "@bitwarden/common/abstractions/passwordGeneration.service";
@@ -30,7 +32,9 @@ export class LoginComponent extends BaseLoginComponent {
     protected cryptoFunctionService: CryptoFunctionService,
     syncService: SyncService,
     logService: LogService,
-    ngZone: NgZone
+    ngZone: NgZone,
+    formBuilder: FormBuilder,
+    formValidationErrorService: FormValidationErrorsService
   ) {
     super(
       authService,
@@ -42,7 +46,9 @@ export class LoginComponent extends BaseLoginComponent {
       passwordGenerationService,
       cryptoFunctionService,
       logService,
-      ngZone
+      ngZone,
+      formBuilder,
+      formValidationErrorService
     );
     super.onSuccessfulLogin = async () => {
       await syncService.fullSync(true);
diff --git a/apps/browser/src/services/abstractions/state.service.ts b/apps/browser/src/services/abstractions/state.service.ts
index ca2a5ced7fa2..2f0112ff64f7 100644
--- a/apps/browser/src/services/abstractions/state.service.ts
+++ b/apps/browser/src/services/abstractions/state.service.ts
@@ -1,3 +1,5 @@
+import { Jsonify } from "type-fest";
+
 import { StateService as BaseStateServiceAbstraction } from "@bitwarden/common/abstractions/state.service";
 import { StorageOptions } from "@bitwarden/common/models/domain/storageOptions";
 
@@ -7,7 +9,7 @@ import { BrowserGroupingsComponentState } from "src/models/browserGroupingsCompo
 import { BrowserSendComponentState } from "src/models/browserSendComponentState";
 
 export abstract class StateService extends BaseStateServiceAbstraction<Account> {
-  abstract getFromSessionMemory<T>(key: string): Promise<T>;
+  abstract getFromSessionMemory<T>(key: string, deserializer?: (obj: Jsonify<T>) => T): Promise<T>;
   abstract setInSessionMemory(key: string, value: any): Promise<void>;
   getBrowserGroupingComponentState: (
     options?: StorageOptions
diff --git a/apps/browser/src/services/localBackedSessionStorage.service.spec.ts b/apps/browser/src/services/localBackedSessionStorage.service.spec.ts
index de88b6d8b2f0..f7101ddae2ed 100644
--- a/apps/browser/src/services/localBackedSessionStorage.service.spec.ts
+++ b/apps/browser/src/services/localBackedSessionStorage.service.spec.ts
@@ -96,6 +96,13 @@ describe("Browser Session Storage Service", () => {
           expect(cache.has("test")).toBe(true);
           expect(cache.get("test")).toEqual(session.test);
         });
+
+        it("should use a deserializer if provided", async () => {
+          const deserializer = jest.fn().mockReturnValue(testObj);
+          const result = await sut.get("test", { deserializer: deserializer });
+          expect(deserializer).toHaveBeenCalledWith(session.test);
+          expect(result).toEqual(testObj);
+        });
       });
     });
   });
diff --git a/apps/browser/src/services/localBackedSessionStorage.service.ts b/apps/browser/src/services/localBackedSessionStorage.service.ts
index cdc7d4cf154b..dea2e75a5edf 100644
--- a/apps/browser/src/services/localBackedSessionStorage.service.ts
+++ b/apps/browser/src/services/localBackedSessionStorage.service.ts
@@ -1,6 +1,12 @@
+import { Jsonify } from "type-fest";
+
 import { AbstractEncryptService } from "@bitwarden/common/abstractions/abstractEncrypt.service";
-import { AbstractCachedStorageService } from "@bitwarden/common/abstractions/storage.service";
+import {
+  AbstractCachedStorageService,
+  MemoryStorageServiceInterface,
+} from "@bitwarden/common/abstractions/storage.service";
 import { EncString } from "@bitwarden/common/models/domain/encString";
+import { MemoryStorageOptions } from "@bitwarden/common/models/domain/storageOptions";
 import { SymmetricCryptoKey } from "@bitwarden/common/models/domain/symmetricCryptoKey";
 
 import { devFlag } from "../decorators/dev-flag.decorator";
@@ -15,7 +21,10 @@ const keys = {
   sessionKey: "session",
 };
 
-export class LocalBackedSessionStorageService extends AbstractCachedStorageService {
+export class LocalBackedSessionStorageService
+  extends AbstractCachedStorageService
+  implements MemoryStorageServiceInterface
+{
   private cache = new Map<string, unknown>();
   private localStorage = new BrowserLocalStorageService();
   private sessionStorage = new BrowserMemoryStorageService();
@@ -27,21 +36,26 @@ export class LocalBackedSessionStorageService extends AbstractCachedStorageServi
     super();
   }
 
-  async get<T>(key: string): Promise<T> {
+  async get<T>(key: string, options?: MemoryStorageOptions<T>): Promise<T> {
     if (this.cache.has(key)) {
       return this.cache.get(key) as T;
     }
 
-    return await this.getBypassCache(key);
+    return await this.getBypassCache(key, options);
   }
 
-  async getBypassCache<T>(key: string): Promise<T> {
+  async getBypassCache<T>(key: string, options?: MemoryStorageOptions<T>): Promise<T> {
     const session = await this.getLocalSession(await this.getSessionEncKey());
     if (session == null || !Object.keys(session).includes(key)) {
       return null;
     }
 
-    this.cache.set(key, session[key]);
+    let value = session[key];
+    if (options?.deserializer != null) {
+      value = options.deserializer(value as Jsonify<T>);
+    }
+
+    this.cache.set(key, value);
     return this.cache.get(key) as T;
   }
 
diff --git a/apps/browser/src/services/state.service.spec.ts b/apps/browser/src/services/state.service.spec.ts
index 60813c229316..f3b6c74a5e35 100644
--- a/apps/browser/src/services/state.service.spec.ts
+++ b/apps/browser/src/services/state.service.spec.ts
@@ -1,8 +1,8 @@
-import { Substitute, SubstituteOf } from "@fluffy-spoon/substitute";
+import { Arg, Substitute, SubstituteOf } from "@fluffy-spoon/substitute";
 
 import { LogService } from "@bitwarden/common/abstractions/log.service";
 import {
-  AbstractCachedStorageService,
+  MemoryStorageServiceInterface,
   AbstractStorageService,
 } from "@bitwarden/common/abstractions/storage.service";
 import { SendType } from "@bitwarden/common/enums/sendType";
@@ -49,7 +49,7 @@ describe("Browser State Service", () => {
   });
 
   describe("direct memory storage access", () => {
-    let memoryStorageService: AbstractCachedStorageService;
+    let memoryStorageService: LocalBackedSessionStorageService;
 
     beforeEach(() => {
       // We need `AbstractCachedStorageService` in the prototype chain to correctly test cache bypass.
@@ -79,12 +79,12 @@ describe("Browser State Service", () => {
   });
 
   describe("state methods", () => {
-    let memoryStorageService: SubstituteOf<AbstractStorageService>;
+    let memoryStorageService: SubstituteOf<AbstractStorageService & MemoryStorageServiceInterface>;
 
     beforeEach(() => {
       memoryStorageService = Substitute.for();
       const stateGetter = (key: string) => Promise.resolve(JSON.parse(JSON.stringify(state)));
-      memoryStorageService.get("state").mimicks(stateGetter);
+      memoryStorageService.get("state", Arg.any()).mimicks(stateGetter);
 
       sut = new StateService(
         diskStorageService,
diff --git a/apps/browser/src/services/state.service.ts b/apps/browser/src/services/state.service.ts
index 6685f495e065..78bc721031a0 100644
--- a/apps/browser/src/services/state.service.ts
+++ b/apps/browser/src/services/state.service.ts
@@ -1,3 +1,5 @@
+import { Jsonify } from "type-fest";
+
 import { AbstractCachedStorageService } from "@bitwarden/common/abstractions/storage.service";
 import { GlobalState } from "@bitwarden/common/models/domain/globalState";
 import { StorageOptions } from "@bitwarden/common/models/domain/storageOptions";
@@ -17,9 +19,9 @@ export class StateService
   extends BaseStateService<GlobalState, Account>
   implements StateServiceAbstraction
 {
-  async getFromSessionMemory<T>(key: string): Promise<T> {
+  async getFromSessionMemory<T>(key: string, deserializer?: (obj: Jsonify<T>) => T): Promise<T> {
     return this.memoryStorageService instanceof AbstractCachedStorageService
-      ? await this.memoryStorageService.getBypassCache<T>(key)
+      ? await this.memoryStorageService.getBypassCache<T>(key, { deserializer: deserializer })
       : await this.memoryStorageService.get<T>(key);
   }
 
diff --git a/apps/browser/store/locales/be/copy.resx b/apps/browser/store/locales/be/copy.resx
index 76c10a400e4a..f0f63d5394ae 100644
--- a/apps/browser/store/locales/be/copy.resx
+++ b/apps/browser/store/locales/be/copy.resx
@@ -141,7 +141,7 @@ Bitwarden — гэта праграмнае забеспячэнне з адкр
     <value>Сінхранізацыя і доступ да сховішча з некалькіх прылад</value>
   </data>
   <data name="ScreenshotVault" xml:space="preserve">
-    <value>Кіруйце ўсімі вашымі імёнамі карыстальніка і паролямі з бяспечнага сховішча</value>
+    <value>Кіруйце ўсімі вашымі лагінамі і паролямі з бяспечнага сховішча</value>
   </data>
   <data name="ScreenshotAutofill" xml:space="preserve">
     <value>Хутка і аўтаматычна запаўняйце свае ўліковыя даныя на любым вэб-сайце</value>
@@ -150,7 +150,7 @@ Bitwarden — гэта праграмнае забеспячэнне з адкр
     <value>У вас ёсць зручны доступ да сховішча з кантэкстнага меню</value>
   </data>
   <data name="ScreenshotPassword" xml:space="preserve">
-    <value>Аўтаматычна генерыруйце моцныя, выпадковыя і бяспечныя паролі</value>
+    <value>Аўтаматычна генерыруйце надзейныя, выпадковыя і бяспечныя паролі</value>
   </data>
   <data name="ScreenshotEdit" xml:space="preserve">
     <value>Вашыя звесткі надзейна захоўваюцца, дзякуючы шыфраванню AES-256</value>
diff --git a/apps/browser/store/locales/ca/copy.resx b/apps/browser/store/locales/ca/copy.resx
index aaabe81d590e..0bd454addb21 100644
--- a/apps/browser/store/locales/ca/copy.resx
+++ b/apps/browser/store/locales/ca/copy.resx
@@ -148,7 +148,8 @@ Traduccions globals
 Les traduccions de Bitwarden existeixen en 40 idiomes i creixen, gràcies a la nostra comunitat global.
 
 Aplicacions de plataforma creuada
-Assegureu-vos i compartiu dades sensibles a la vostra caixa forta de Bitwarden des de qualsevol navegador, dispositiu mòbil o S.O. d'escriptori, i molt més.</value>
+Assegureu-vos i compartiu dades sensibles a la vostra caixa forta de Bitwarden des de qualsevol navegador, dispositiu mòbil o S.O. d'escriptori, i molt més.
+</value>
   </data>
   <data name="AssetTitle" xml:space="preserve">
     <value>Administrador de contrasenyes segur i gratuït per a tots els vostres dispositius</value>
diff --git a/apps/browser/store/locales/tr/copy.resx b/apps/browser/store/locales/tr/copy.resx
index 2763c3ec91b3..1fc3e2a34b30 100644
--- a/apps/browser/store/locales/tr/copy.resx
+++ b/apps/browser/store/locales/tr/copy.resx
@@ -139,7 +139,7 @@ Bitwarden, parolaları iş arkadaşlarınızla güvenli bir şekilde paylaşabil
 Neden Bitwarden?
 
 Üst düzey şifreleme
-Parolalarınız gelişmiş uçtan uca şifreleme (AES-256 bit, salted hashtag ve PBKDF2 SHA-256) ile korunuyor, böylece verileriniz güvende ve gizli kalıyor.
+Parolalarınız gelişmiş uçtan uca şifreleme (AES-256 bit, salted hashing ve PBKDF2 SHA-256) ile korunuyor, böylece verileriniz güvende ve gizli kalıyor.
 
 Dahili parola oluşturucu
 Sık kullandığınız web siteleri için güvenlik gereksinimlerinize uygun, güçlü, benzersiz ve rastgele parolalar oluşturabilirsiniz.
@@ -148,7 +148,8 @@ Sık kullandığınız web siteleri için güvenlik gereksinimlerinize uygun, g
 Bitwarden 40 dilde kullanılabiliyor ve gönüllü topluluğumuz sayesinde çeviri sayısı giderek artıyor.
 
 Her platformla uyumlu uygulamalar
-Bitwarden kasanızdaki hassas verilere her tarayıcıdan, mobil cihazdan veya masaüstü işletim sisteminden ulaşabilir ve onları paylaşabilirsiniz.</value>
+Bitwarden kasanızdaki hassas verilere her tarayıcıdan, mobil cihazdan veya masaüstü işletim sisteminden ulaşabilir ve onları paylaşabilirsiniz.
+</value>
   </data>
   <data name="AssetTitle" xml:space="preserve">
     <value>Tüm cihazarınız için güvenli ve ücretsiz bir parola yöneticisi</value>
diff --git a/apps/cli/stores/snap/snapcraft.yaml b/apps/cli/stores/snap/snapcraft.yaml
index d76e30ef1043..19e6897faa3f 100644
--- a/apps/cli/stores/snap/snapcraft.yaml
+++ b/apps/cli/stores/snap/snapcraft.yaml
@@ -32,7 +32,9 @@ base: core18
 apps:
   bw:
     command: bw
-    plugs: [network, home, network-bind]
+    environment:
+      XDG_CONFIG_HOME: $SNAP_USER_DATA
+    plugs: [network, network-bind]
 parts:
   bw:
     plugin: dump
diff --git a/apps/desktop/config/development.json b/apps/desktop/config/development.json
index 3c93018e65f5..b587e9ecfb92 100644
--- a/apps/desktop/config/development.json
+++ b/apps/desktop/config/development.json
@@ -1,4 +1,6 @@
 {
   "devFlags": {},
-  "flags": {}
+  "flags": {
+    "showDDGSetting": true
+  }
 }
diff --git a/apps/desktop/config/production.json b/apps/desktop/config/production.json
index b04d1531a2f4..56f193413049 100644
--- a/apps/desktop/config/production.json
+++ b/apps/desktop/config/production.json
@@ -1,3 +1,5 @@
 {
-  "flags": {}
+  "flags": {
+    "showDDGSetting": true
+  }
 }
diff --git a/apps/desktop/native-messaging-test-runner/.eslintrc.json b/apps/desktop/native-messaging-test-runner/.eslintrc.json
new file mode 100644
index 000000000000..d5ba8f9d9ca8
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/.eslintrc.json
@@ -0,0 +1,5 @@
+{
+  "rules": {
+    "no-console": "off"
+  }
+}
diff --git a/apps/desktop/native-messaging-test-runner/package-lock.json b/apps/desktop/native-messaging-test-runner/package-lock.json
new file mode 100644
index 000000000000..34b1bb540680
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/package-lock.json
@@ -0,0 +1,681 @@
+{
+  "name": "native-messaging-test-runner",
+  "version": "1.0.0",
+  "lockfileVersion": 2,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "native-messaging-test-runner",
+      "version": "1.0.0",
+      "license": "GPL-3.0",
+      "dependencies": {
+        "@bitwarden/common": "file:../../../libs/common",
+        "@bitwarden/node": "file:../../../libs/node",
+        "module-alias": "^2.2.2",
+        "node-ipc": "9.2.1",
+        "ts-node": "^10.9.1",
+        "uuid": "^8.3.2",
+        "yargs": "^17.5.1"
+      },
+      "devDependencies": {
+        "@tsconfig/node16": "^1.0.3",
+        "@types/node": "^18.6.5",
+        "@types/node-ipc": "9.2.0",
+        "typescript": "^4.7.4"
+      }
+    },
+    "../../../libs/common": {
+      "name": "@bitwarden/common",
+      "version": "0.0.0",
+      "license": "GPL-3.0"
+    },
+    "../../../libs/node": {
+      "name": "@bitwarden/node",
+      "version": "0.0.0",
+      "license": "GPL-3.0",
+      "dependencies": {
+        "@bitwarden/common": "file:../common"
+      }
+    },
+    "node_modules/@bitwarden/common": {
+      "resolved": "../../../libs/common",
+      "link": true
+    },
+    "node_modules/@bitwarden/node": {
+      "resolved": "../../../libs/node",
+      "link": true
+    },
+    "node_modules/@cspotcode/source-map-support": {
+      "version": "0.8.1",
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/trace-mapping": "0.3.9"
+      },
+      "engines": {
+        "node": ">=12"
+      }
+    },
+    "node_modules/@jridgewell/resolve-uri": {
+      "version": "3.1.0",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@jridgewell/sourcemap-codec": {
+      "version": "1.4.14",
+      "license": "MIT"
+    },
+    "node_modules/@jridgewell/trace-mapping": {
+      "version": "0.3.9",
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/resolve-uri": "^3.0.3",
+        "@jridgewell/sourcemap-codec": "^1.4.10"
+      }
+    },
+    "node_modules/@tsconfig/node10": {
+      "version": "1.0.9",
+      "license": "MIT"
+    },
+    "node_modules/@tsconfig/node12": {
+      "version": "1.0.11",
+      "license": "MIT"
+    },
+    "node_modules/@tsconfig/node14": {
+      "version": "1.0.3",
+      "license": "MIT"
+    },
+    "node_modules/@tsconfig/node16": {
+      "version": "1.0.3",
+      "license": "MIT"
+    },
+    "node_modules/@types/node": {
+      "version": "18.6.5",
+      "license": "MIT"
+    },
+    "node_modules/@types/node-ipc": {
+      "version": "9.2.0",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@types/node": "*"
+      }
+    },
+    "node_modules/acorn": {
+      "version": "8.8.0",
+      "license": "MIT",
+      "bin": {
+        "acorn": "bin/acorn"
+      },
+      "engines": {
+        "node": ">=0.4.0"
+      }
+    },
+    "node_modules/acorn-walk": {
+      "version": "8.2.0",
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.4.0"
+      }
+    },
+    "node_modules/ansi-regex": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz",
+      "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==",
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/ansi-styles": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
+      "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==",
+      "dependencies": {
+        "color-convert": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/ansi-styles?sponsor=1"
+      }
+    },
+    "node_modules/arg": {
+      "version": "4.1.3",
+      "license": "MIT"
+    },
+    "node_modules/cliui": {
+      "version": "7.0.4",
+      "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz",
+      "integrity": "sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==",
+      "dependencies": {
+        "string-width": "^4.2.0",
+        "strip-ansi": "^6.0.0",
+        "wrap-ansi": "^7.0.0"
+      }
+    },
+    "node_modules/color-convert": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
+      "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
+      "dependencies": {
+        "color-name": "~1.1.4"
+      },
+      "engines": {
+        "node": ">=7.0.0"
+      }
+    },
+    "node_modules/color-name": {
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
+      "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="
+    },
+    "node_modules/create-require": {
+      "version": "1.1.1",
+      "license": "MIT"
+    },
+    "node_modules/diff": {
+      "version": "4.0.2",
+      "license": "BSD-3-Clause",
+      "engines": {
+        "node": ">=0.3.1"
+      }
+    },
+    "node_modules/easy-stack": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/easy-stack/-/easy-stack-1.0.1.tgz",
+      "integrity": "sha512-wK2sCs4feiiJeFXn3zvY0p41mdU5VUgbgs1rNsc/y5ngFUijdWd+iIN8eoyuZHKB8xN6BL4PdWmzqFmxNg6V2w==",
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/emoji-regex": {
+      "version": "8.0.0",
+      "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz",
+      "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A=="
+    },
+    "node_modules/escalade": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz",
+      "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==",
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/event-pubsub": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/event-pubsub/-/event-pubsub-4.3.0.tgz",
+      "integrity": "sha512-z7IyloorXvKbFx9Bpie2+vMJKKx1fH1EN5yiTfp8CiLOTptSYy1g8H4yDpGlEdshL1PBiFtBHepF2cNsqeEeFQ==",
+      "engines": {
+        "node": ">=4.0.0"
+      }
+    },
+    "node_modules/get-caller-file": {
+      "version": "2.0.5",
+      "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz",
+      "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==",
+      "engines": {
+        "node": "6.* || 8.* || >= 10.*"
+      }
+    },
+    "node_modules/is-fullwidth-code-point": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz",
+      "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==",
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/js-message": {
+      "version": "1.0.7",
+      "resolved": "https://registry.npmjs.org/js-message/-/js-message-1.0.7.tgz",
+      "integrity": "sha512-efJLHhLjIyKRewNS9EGZ4UpI8NguuL6fKkhRxVuMmrGV2xN/0APGdQYwLFky5w9naebSZ0OwAGp0G6/2Cg90rA==",
+      "engines": {
+        "node": ">=0.6.0"
+      }
+    },
+    "node_modules/js-queue": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/js-queue/-/js-queue-2.0.2.tgz",
+      "integrity": "sha512-pbKLsbCfi7kriM3s1J4DDCo7jQkI58zPLHi0heXPzPlj0hjUsm+FesPUbE0DSbIVIK503A36aUBoCN7eMFedkA==",
+      "dependencies": {
+        "easy-stack": "^1.0.1"
+      },
+      "engines": {
+        "node": ">=1.0.0"
+      }
+    },
+    "node_modules/make-error": {
+      "version": "1.3.6",
+      "license": "ISC"
+    },
+    "node_modules/module-alias": {
+      "version": "2.2.2",
+      "resolved": "https://registry.npmjs.org/module-alias/-/module-alias-2.2.2.tgz",
+      "integrity": "sha512-A/78XjoX2EmNvppVWEhM2oGk3x4lLxnkEA4jTbaK97QKSDjkIoOsKQlfylt/d3kKKi596Qy3NP5XrXJ6fZIC9Q=="
+    },
+    "node_modules/node-ipc": {
+      "version": "9.2.1",
+      "resolved": "https://registry.npmjs.org/node-ipc/-/node-ipc-9.2.1.tgz",
+      "integrity": "sha512-mJzaM6O3xHf9VT8BULvJSbdVbmHUKRNOH7zDDkCrA1/T+CVjq2WVIDfLt0azZRXpgArJtl3rtmEozrbXPZ9GaQ==",
+      "dependencies": {
+        "event-pubsub": "4.3.0",
+        "js-message": "1.0.7",
+        "js-queue": "2.0.2"
+      },
+      "engines": {
+        "node": ">=8.0.0"
+      }
+    },
+    "node_modules/require-directory": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz",
+      "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/string-width": {
+      "version": "4.2.3",
+      "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz",
+      "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==",
+      "dependencies": {
+        "emoji-regex": "^8.0.0",
+        "is-fullwidth-code-point": "^3.0.0",
+        "strip-ansi": "^6.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/strip-ansi": {
+      "version": "6.0.1",
+      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
+      "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
+      "dependencies": {
+        "ansi-regex": "^5.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/ts-node": {
+      "version": "10.9.1",
+      "license": "MIT",
+      "dependencies": {
+        "@cspotcode/source-map-support": "^0.8.0",
+        "@tsconfig/node10": "^1.0.7",
+        "@tsconfig/node12": "^1.0.7",
+        "@tsconfig/node14": "^1.0.0",
+        "@tsconfig/node16": "^1.0.2",
+        "acorn": "^8.4.1",
+        "acorn-walk": "^8.1.1",
+        "arg": "^4.1.0",
+        "create-require": "^1.1.0",
+        "diff": "^4.0.1",
+        "make-error": "^1.1.1",
+        "v8-compile-cache-lib": "^3.0.1",
+        "yn": "3.1.1"
+      },
+      "bin": {
+        "ts-node": "dist/bin.js",
+        "ts-node-cwd": "dist/bin-cwd.js",
+        "ts-node-esm": "dist/bin-esm.js",
+        "ts-node-script": "dist/bin-script.js",
+        "ts-node-transpile-only": "dist/bin-transpile.js",
+        "ts-script": "dist/bin-script-deprecated.js"
+      },
+      "peerDependencies": {
+        "@swc/core": ">=1.2.50",
+        "@swc/wasm": ">=1.2.50",
+        "@types/node": "*",
+        "typescript": ">=2.7"
+      },
+      "peerDependenciesMeta": {
+        "@swc/core": {
+          "optional": true
+        },
+        "@swc/wasm": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/typescript": {
+      "version": "4.7.4",
+      "license": "Apache-2.0",
+      "bin": {
+        "tsc": "bin/tsc",
+        "tsserver": "bin/tsserver"
+      },
+      "engines": {
+        "node": ">=4.2.0"
+      }
+    },
+    "node_modules/uuid": {
+      "version": "8.3.2",
+      "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
+      "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==",
+      "bin": {
+        "uuid": "dist/bin/uuid"
+      }
+    },
+    "node_modules/v8-compile-cache-lib": {
+      "version": "3.0.1",
+      "license": "MIT"
+    },
+    "node_modules/wrap-ansi": {
+      "version": "7.0.0",
+      "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz",
+      "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==",
+      "dependencies": {
+        "ansi-styles": "^4.0.0",
+        "string-width": "^4.1.0",
+        "strip-ansi": "^6.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/wrap-ansi?sponsor=1"
+      }
+    },
+    "node_modules/y18n": {
+      "version": "5.0.8",
+      "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz",
+      "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==",
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/yargs": {
+      "version": "17.5.1",
+      "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.5.1.tgz",
+      "integrity": "sha512-t6YAJcxDkNX7NFYiVtKvWUz8l+PaKTLiL63mJYWR2GnHq2gjEWISzsLp9wg3aY36dY1j+gfIEL3pIF+XlJJfbA==",
+      "dependencies": {
+        "cliui": "^7.0.2",
+        "escalade": "^3.1.1",
+        "get-caller-file": "^2.0.5",
+        "require-directory": "^2.1.1",
+        "string-width": "^4.2.3",
+        "y18n": "^5.0.5",
+        "yargs-parser": "^21.0.0"
+      },
+      "engines": {
+        "node": ">=12"
+      }
+    },
+    "node_modules/yargs-parser": {
+      "version": "21.1.1",
+      "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz",
+      "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==",
+      "engines": {
+        "node": ">=12"
+      }
+    },
+    "node_modules/yn": {
+      "version": "3.1.1",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6"
+      }
+    }
+  },
+  "dependencies": {
+    "@bitwarden/common": {
+      "version": "file:../../../libs/common"
+    },
+    "@bitwarden/node": {
+      "version": "file:../../../libs/node",
+      "requires": {
+        "@bitwarden/common": "file:../common"
+      }
+    },
+    "@cspotcode/source-map-support": {
+      "version": "0.8.1",
+      "requires": {
+        "@jridgewell/trace-mapping": "0.3.9"
+      }
+    },
+    "@jridgewell/resolve-uri": {
+      "version": "3.1.0"
+    },
+    "@jridgewell/sourcemap-codec": {
+      "version": "1.4.14"
+    },
+    "@jridgewell/trace-mapping": {
+      "version": "0.3.9",
+      "requires": {
+        "@jridgewell/resolve-uri": "^3.0.3",
+        "@jridgewell/sourcemap-codec": "^1.4.10"
+      }
+    },
+    "@tsconfig/node10": {
+      "version": "1.0.9"
+    },
+    "@tsconfig/node12": {
+      "version": "1.0.11"
+    },
+    "@tsconfig/node14": {
+      "version": "1.0.3"
+    },
+    "@tsconfig/node16": {
+      "version": "1.0.3"
+    },
+    "@types/node": {
+      "version": "18.6.5"
+    },
+    "@types/node-ipc": {
+      "version": "9.2.0",
+      "dev": true,
+      "requires": {
+        "@types/node": "*"
+      }
+    },
+    "acorn": {
+      "version": "8.8.0"
+    },
+    "acorn-walk": {
+      "version": "8.2.0"
+    },
+    "ansi-regex": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz",
+      "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ=="
+    },
+    "ansi-styles": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
+      "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==",
+      "requires": {
+        "color-convert": "^2.0.1"
+      }
+    },
+    "arg": {
+      "version": "4.1.3"
+    },
+    "cliui": {
+      "version": "7.0.4",
+      "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz",
+      "integrity": "sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==",
+      "requires": {
+        "string-width": "^4.2.0",
+        "strip-ansi": "^6.0.0",
+        "wrap-ansi": "^7.0.0"
+      }
+    },
+    "color-convert": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
+      "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
+      "requires": {
+        "color-name": "~1.1.4"
+      }
+    },
+    "color-name": {
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
+      "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="
+    },
+    "create-require": {
+      "version": "1.1.1"
+    },
+    "diff": {
+      "version": "4.0.2"
+    },
+    "easy-stack": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/easy-stack/-/easy-stack-1.0.1.tgz",
+      "integrity": "sha512-wK2sCs4feiiJeFXn3zvY0p41mdU5VUgbgs1rNsc/y5ngFUijdWd+iIN8eoyuZHKB8xN6BL4PdWmzqFmxNg6V2w=="
+    },
+    "emoji-regex": {
+      "version": "8.0.0",
+      "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz",
+      "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A=="
+    },
+    "escalade": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz",
+      "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw=="
+    },
+    "event-pubsub": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/event-pubsub/-/event-pubsub-4.3.0.tgz",
+      "integrity": "sha512-z7IyloorXvKbFx9Bpie2+vMJKKx1fH1EN5yiTfp8CiLOTptSYy1g8H4yDpGlEdshL1PBiFtBHepF2cNsqeEeFQ=="
+    },
+    "get-caller-file": {
+      "version": "2.0.5",
+      "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz",
+      "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg=="
+    },
+    "is-fullwidth-code-point": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz",
+      "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg=="
+    },
+    "js-message": {
+      "version": "1.0.7",
+      "resolved": "https://registry.npmjs.org/js-message/-/js-message-1.0.7.tgz",
+      "integrity": "sha512-efJLHhLjIyKRewNS9EGZ4UpI8NguuL6fKkhRxVuMmrGV2xN/0APGdQYwLFky5w9naebSZ0OwAGp0G6/2Cg90rA==",
+      "resolved": "https://registry.npmjs.org/js-message/-/js-message-1.0.7.tgz",
+      "integrity": "sha512-efJLHhLjIyKRewNS9EGZ4UpI8NguuL6fKkhRxVuMmrGV2xN/0APGdQYwLFky5w9naebSZ0OwAGp0G6/2Cg90rA=="
+    },
+    "js-queue": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/js-queue/-/js-queue-2.0.2.tgz",
+      "integrity": "sha512-pbKLsbCfi7kriM3s1J4DDCo7jQkI58zPLHi0heXPzPlj0hjUsm+FesPUbE0DSbIVIK503A36aUBoCN7eMFedkA==",
+      "resolved": "https://registry.npmjs.org/js-queue/-/js-queue-2.0.2.tgz",
+      "integrity": "sha512-pbKLsbCfi7kriM3s1J4DDCo7jQkI58zPLHi0heXPzPlj0hjUsm+FesPUbE0DSbIVIK503A36aUBoCN7eMFedkA==",
+      "requires": {
+        "easy-stack": "^1.0.1"
+      }
+    },
+    "make-error": {
+      "version": "1.3.6"
+    },
+    "module-alias": {
+      "version": "2.2.2",
+      "resolved": "https://registry.npmjs.org/module-alias/-/module-alias-2.2.2.tgz",
+      "integrity": "sha512-A/78XjoX2EmNvppVWEhM2oGk3x4lLxnkEA4jTbaK97QKSDjkIoOsKQlfylt/d3kKKi596Qy3NP5XrXJ6fZIC9Q=="
+    },
+    "node-ipc": {
+      "version": "9.2.1",
+      "resolved": "https://registry.npmjs.org/node-ipc/-/node-ipc-9.2.1.tgz",
+      "integrity": "sha512-mJzaM6O3xHf9VT8BULvJSbdVbmHUKRNOH7zDDkCrA1/T+CVjq2WVIDfLt0azZRXpgArJtl3rtmEozrbXPZ9GaQ==",
+      "requires": {
+        "event-pubsub": "4.3.0",
+        "js-message": "1.0.7",
+        "js-queue": "2.0.2"
+      }
+    },
+    "require-directory": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz",
+      "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q=="
+    },
+    "string-width": {
+      "version": "4.2.3",
+      "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz",
+      "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==",
+      "requires": {
+        "emoji-regex": "^8.0.0",
+        "is-fullwidth-code-point": "^3.0.0",
+        "strip-ansi": "^6.0.1"
+      }
+    },
+    "strip-ansi": {
+      "version": "6.0.1",
+      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
+      "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
+      "requires": {
+        "ansi-regex": "^5.0.1"
+      }
+    },
+    "ts-node": {
+      "version": "10.9.1",
+      "requires": {
+        "@cspotcode/source-map-support": "^0.8.0",
+        "@tsconfig/node10": "^1.0.7",
+        "@tsconfig/node12": "^1.0.7",
+        "@tsconfig/node14": "^1.0.0",
+        "@tsconfig/node16": "^1.0.2",
+        "acorn": "^8.4.1",
+        "acorn-walk": "^8.1.1",
+        "arg": "^4.1.0",
+        "create-require": "^1.1.0",
+        "diff": "^4.0.1",
+        "make-error": "^1.1.1",
+        "v8-compile-cache-lib": "^3.0.1",
+        "yn": "3.1.1"
+      }
+    },
+    "typescript": {
+      "version": "4.7.4"
+    },
+    "uuid": {
+      "version": "8.3.2",
+      "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
+      "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg=="
+    },
+    "v8-compile-cache-lib": {
+      "version": "3.0.1"
+    },
+    "wrap-ansi": {
+      "version": "7.0.0",
+      "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz",
+      "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==",
+      "requires": {
+        "ansi-styles": "^4.0.0",
+        "string-width": "^4.1.0",
+        "strip-ansi": "^6.0.0"
+      }
+    },
+    "y18n": {
+      "version": "5.0.8",
+      "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz",
+      "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA=="
+    },
+    "yargs": {
+      "version": "17.5.1",
+      "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.5.1.tgz",
+      "integrity": "sha512-t6YAJcxDkNX7NFYiVtKvWUz8l+PaKTLiL63mJYWR2GnHq2gjEWISzsLp9wg3aY36dY1j+gfIEL3pIF+XlJJfbA==",
+      "requires": {
+        "cliui": "^7.0.2",
+        "escalade": "^3.1.1",
+        "get-caller-file": "^2.0.5",
+        "require-directory": "^2.1.1",
+        "string-width": "^4.2.3",
+        "y18n": "^5.0.5",
+        "yargs-parser": "^21.0.0"
+      }
+    },
+    "yargs-parser": {
+      "version": "21.1.1",
+      "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz",
+      "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw=="
+    },
+    "yn": {
+      "version": "3.1.1"
+    }
+  }
+}
diff --git a/apps/desktop/native-messaging-test-runner/package.json b/apps/desktop/native-messaging-test-runner/package.json
new file mode 100644
index 000000000000..85d4a1ab6a63
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/package.json
@@ -0,0 +1,35 @@
+{
+  "name": "native-messaging-test-runner",
+  "version": "1.0.0",
+  "description": "Test runner for Desktop native messaging",
+  "main": "dist/bw-handshake.ts",
+  "scripts": {
+    "handshake": "tsc && node dist/apps/desktop/native-messaging-test-runner/src/commands/bw-handshake.js",
+    "status": "tsc && node dist/apps/desktop/native-messaging-test-runner/src/commands/bw-status.js",
+    "retrieve": "tsc && node dist/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-retrieval.js",
+    "create": "tsc && node dist/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-create.js",
+    "update": "tsc && node dist/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-update.js",
+    "generate": "tsc && node dist/apps/desktop/native-messaging-test-runner/src/commands/bw-generate-password.js"
+  },
+  "author": "Bitwarden Inc. <hello@bitwarden.com> (https://bitwarden.com)",
+  "license": "GPL-3.0",
+  "dependencies": {
+    "@bitwarden/common": "file:../../../libs/common",
+    "@bitwarden/node": "file:../../../libs/node",
+    "module-alias": "^2.2.2",
+    "node-ipc": "9.2.1",
+    "ts-node": "^10.9.1",
+    "uuid": "^8.3.2",
+    "yargs": "^17.5.1"
+  },
+  "devDependencies": {
+    "@tsconfig/node16": "^1.0.3",
+    "@types/node": "^18.6.5",
+    "@types/node-ipc": "9.2.0",
+    "typescript": "^4.7.4"
+  },
+  "_moduleAliases": {
+    "@bitwarden/common": "dist/libs/common/src",
+    "@bitwarden/node/services/nodeCryptoFunction.service": "dist/libs/node/src/services/nodeCryptoFunction.service"
+  }
+}
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-create.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-create.ts
new file mode 100644
index 000000000000..a017b4c72cbf
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-create.ts
@@ -0,0 +1,66 @@
+import "module-alias/register";
+
+import yargs from "yargs";
+import { hideBin } from "yargs/helpers";
+
+import { NativeMessagingVersion } from "@bitwarden/common/enums/nativeMessagingVersion";
+
+import { CredentialCreatePayload } from "../../../src/models/nativeMessaging/encryptedMessagePayloads/credentialCreatePayload";
+import { LogUtils } from "../logUtils";
+import NativeMessageService from "../nativeMessageService";
+import * as config from "../variables";
+
+const argv: any = yargs(hideBin(process.argv)).option("name", {
+  alias: "n",
+  demand: true,
+  describe: "Name that the created login will be given",
+  type: "string",
+}).argv;
+
+const { name } = argv;
+
+(async () => {
+  const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
+  // Handshake
+  LogUtils.logInfo("Sending Handshake");
+  const handshakeResponse = await nativeMessageService.sendHandshake(
+    config.testRsaPublicKey,
+    config.applicationName
+  );
+
+  if (!handshakeResponse.status) {
+    LogUtils.logError(" Handshake failed. Error was: " + handshakeResponse.error);
+    nativeMessageService.disconnect();
+    return;
+  }
+
+  // Get active account userId
+  const status = await nativeMessageService.checkStatus(handshakeResponse.sharedKey);
+
+  const activeUser = status.payload.filter((a) => a.active === true && a.status === "unlocked")[0];
+  if (activeUser === undefined) {
+    LogUtils.logError("No active or unlocked user");
+  }
+  LogUtils.logInfo("Active userId: " + activeUser.id);
+
+  LogUtils.logSuccess("Handshake success response");
+  const response = await nativeMessageService.credentialCreation(handshakeResponse.sharedKey, {
+    name: name,
+    userName: "SuperAwesomeUser",
+    password: "dolhpin",
+    uri: "google.com",
+    userId: activeUser.id,
+  } as CredentialCreatePayload);
+
+  if (response.payload.status === "failure") {
+    LogUtils.logError("Failure response returned ");
+  } else if (response.payload.status === "success") {
+    LogUtils.logSuccess("Success response returned ");
+  } else if (response.payload.error === "locked") {
+    LogUtils.logError("Error: vault is locked");
+  } else {
+    LogUtils.logWarning("Other response: ", response);
+  }
+
+  nativeMessageService.disconnect();
+})();
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-retrieval.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-retrieval.ts
new file mode 100644
index 000000000000..17244623b55c
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-retrieval.ts
@@ -0,0 +1,46 @@
+import "module-alias/register";
+
+import yargs from "yargs";
+import { hideBin } from "yargs/helpers";
+
+import { NativeMessagingVersion } from "@bitwarden/common/enums/nativeMessagingVersion";
+
+import { LogUtils } from "../logUtils";
+import NativeMessageService from "../nativeMessageService";
+import * as config from "../variables";
+
+const argv: any = yargs(hideBin(process.argv)).option("uri", {
+  alias: "u",
+  demand: true,
+  describe: "The uri to retrieve logins for",
+  type: "string",
+}).argv;
+
+const { uri } = argv;
+
+(async () => {
+  const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
+  // Handshake
+  LogUtils.logInfo("Sending Handshake");
+  const handshakeResponse = await nativeMessageService.sendHandshake(
+    config.testRsaPublicKey,
+    config.applicationName
+  );
+
+  if (!handshakeResponse.status) {
+    LogUtils.logError(" Handshake failed. Error was: " + handshakeResponse.error);
+    nativeMessageService.disconnect();
+    return;
+  }
+
+  LogUtils.logSuccess("Handshake success response");
+  const response = await nativeMessageService.credentialRetrieval(handshakeResponse.sharedKey, uri);
+
+  if (response.payload.error != null) {
+    LogUtils.logError("Error response returned: ", response.payload.error);
+  } else {
+    LogUtils.logSuccess("Credentials returned ", response);
+  }
+
+  nativeMessageService.disconnect();
+})();
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-update.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-update.ts
new file mode 100644
index 000000000000..ecfbd3f5bb8c
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-update.ts
@@ -0,0 +1,89 @@
+import "module-alias/register";
+
+import yargs from "yargs";
+import { hideBin } from "yargs/helpers";
+
+import { NativeMessagingVersion } from "@bitwarden/common/enums/nativeMessagingVersion";
+
+import { CredentialUpdatePayload } from "../../../src/models/nativeMessaging/encryptedMessagePayloads/credentialUpdatePayload";
+import { LogUtils } from "../logUtils";
+import NativeMessageService from "../nativeMessageService";
+import * as config from "../variables";
+
+// Command line arguments
+const argv: any = yargs(hideBin(process.argv))
+  .option("name", {
+    alias: "n",
+    demand: true,
+    describe: "Name that the updated login will be given",
+    type: "string",
+  })
+  .option("username", {
+    alias: "u",
+    demand: true,
+    describe: "Username that the login will be given",
+    type: "string",
+  })
+  .option("password", {
+    alias: "p",
+    demand: true,
+    describe: "Password that the login will be given",
+    type: "string",
+  })
+  .option("uri", {
+    demand: true,
+    describe: "Uri that the login will be given",
+    type: "string",
+  })
+  .option("credentialId", {
+    demand: true,
+    describe: "GUID of the credential to update",
+    type: "string",
+  }).argv;
+
+const { name, username, password, uri, credentialId } = argv;
+
+(async () => {
+  const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
+  // Handshake
+  LogUtils.logInfo("Sending Handshake");
+  const handshakeResponse = await nativeMessageService.sendHandshake(
+    config.testRsaPublicKey,
+    config.applicationName
+  );
+
+  if (!handshakeResponse.status) {
+    LogUtils.logError(" Handshake failed. Error was: " + handshakeResponse.error);
+    nativeMessageService.disconnect();
+    return;
+  }
+  LogUtils.logSuccess("Handshake success response");
+
+  // Get active account userId
+  const status = await nativeMessageService.checkStatus(handshakeResponse.sharedKey);
+
+  const activeUser = status.payload.filter((a) => a.active === true && a.status === "unlocked")[0];
+  if (activeUser === undefined) {
+    LogUtils.logError("No active or unlocked user");
+  }
+  LogUtils.logInfo("Active userId: " + activeUser.id);
+
+  const response = await nativeMessageService.credentialUpdate(handshakeResponse.sharedKey, {
+    name: name,
+    password: password,
+    userName: username,
+    uri: uri,
+    userId: activeUser.id,
+    credentialId: credentialId,
+  } as CredentialUpdatePayload);
+
+  if (response.payload.status === "failure") {
+    LogUtils.logError("Failure response returned ");
+  } else if (response.payload.status === "success") {
+    LogUtils.logSuccess("Success response returned ");
+  } else {
+    LogUtils.logWarning("Other response: ", response);
+  }
+
+  nativeMessageService.disconnect();
+})();
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-generate-password.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-generate-password.ts
new file mode 100644
index 000000000000..34bb41abb95e
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-generate-password.ts
@@ -0,0 +1,46 @@
+import "module-alias/register";
+
+import yargs from "yargs";
+import { hideBin } from "yargs/helpers";
+
+import { NativeMessagingVersion } from "@bitwarden/common/enums/nativeMessagingVersion";
+
+import { LogUtils } from "../logUtils";
+import NativeMessageService from "../nativeMessageService";
+import * as config from "../variables";
+
+const argv: any = yargs(hideBin(process.argv)).option("userId", {
+  alias: "u",
+  demand: true,
+  describe: "UserId to generate password for",
+  type: "string",
+}).argv;
+
+const { userId } = argv;
+
+(async () => {
+  const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
+  // Handshake
+  LogUtils.logInfo("Sending Handshake");
+  const handshakeResponse = await nativeMessageService.sendHandshake(
+    config.testRsaPublicKey,
+    config.applicationName
+  );
+
+  if (!handshakeResponse.status) {
+    LogUtils.logError(" Handshake failed. Error was: " + handshakeResponse.error);
+    nativeMessageService.disconnect();
+    return;
+  }
+
+  LogUtils.logSuccess("Handshake success response");
+  const response = await nativeMessageService.generatePassword(handshakeResponse.sharedKey, userId);
+
+  if (response.payload.error != null) {
+    LogUtils.logError("Error response returned: ", response.payload.error);
+  } else {
+    LogUtils.logSuccess("Response: ", response);
+  }
+
+  nativeMessageService.disconnect();
+})();
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-handshake.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-handshake.ts
new file mode 100644
index 000000000000..f3098062c461
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-handshake.ts
@@ -0,0 +1,25 @@
+import "module-alias/register";
+
+import { NativeMessagingVersion } from "@bitwarden/common/enums/nativeMessagingVersion";
+
+import { LogUtils } from "../logUtils";
+import NativeMessageService from "../nativeMessageService";
+import * as config from "../variables";
+
+(async () => {
+  const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
+
+  const response = await nativeMessageService.sendHandshake(
+    config.testRsaPublicKey,
+    config.applicationName
+  );
+  LogUtils.logSuccess("Received response to handshake request");
+  if (response.status) {
+    LogUtils.logSuccess("Handshake success response");
+  } else if (response.error === "canceled") {
+    LogUtils.logWarning("Handshake canceled by user");
+  } else {
+    LogUtils.logError("Handshake failure response");
+  }
+  nativeMessageService.disconnect();
+})();
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-status.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-status.ts
new file mode 100644
index 000000000000..7782e203cb89
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-status.ts
@@ -0,0 +1,29 @@
+import "module-alias/register";
+
+import { NativeMessagingVersion } from "@bitwarden/common/enums/nativeMessagingVersion";
+
+import { LogUtils } from "../logUtils";
+import NativeMessageService from "../nativeMessageService";
+import * as config from "../variables";
+
+(async () => {
+  const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
+
+  LogUtils.logInfo("Sending Handshake");
+  const handshakeResponse = await nativeMessageService.sendHandshake(
+    config.testRsaPublicKey,
+    config.applicationName
+  );
+  LogUtils.logSuccess("Received response to handshake request");
+
+  if (!handshakeResponse.status) {
+    LogUtils.logError(" Handshake failed. Error was: " + handshakeResponse.error);
+    nativeMessageService.disconnect();
+    return;
+  }
+  LogUtils.logSuccess("Handshake success response");
+  const status = await nativeMessageService.checkStatus(handshakeResponse.sharedKey);
+
+  LogUtils.logSuccess("Status output is: ", status);
+  nativeMessageService.disconnect();
+})();
diff --git a/apps/desktop/native-messaging-test-runner/src/deferred.ts b/apps/desktop/native-messaging-test-runner/src/deferred.ts
new file mode 100644
index 000000000000..b6478bcf2689
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/deferred.ts
@@ -0,0 +1,26 @@
+// Wrapper for a promise that we can await the promise in one case
+// while allowing an unrelated event to fulfill it elsewhere.
+export default class Deferred<T> {
+  private promise: Promise<T>;
+  private resolver: (T?) => void;
+  private rejecter: (Error?) => void;
+
+  constructor() {
+    this.promise = new Promise<T>((resolve, reject) => {
+      this.resolver = resolve;
+      this.rejecter = reject;
+    });
+  }
+
+  resolve(value?: T) {
+    this.resolver(value);
+  }
+
+  reject(error?: Error) {
+    this.rejecter(error);
+  }
+
+  getPromise(): Promise<T> {
+    return this.promise;
+  }
+}
diff --git a/apps/desktop/native-messaging-test-runner/src/ipcService.ts b/apps/desktop/native-messaging-test-runner/src/ipcService.ts
new file mode 100644
index 000000000000..eadc69a35136
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/ipcService.ts
@@ -0,0 +1,166 @@
+import { homedir } from "os";
+
+import * as NodeIPC from "node-ipc";
+
+import { MessageCommon } from "../../src/models/nativeMessaging/messageCommon";
+import { UnencryptedMessageResponse } from "../../src/models/nativeMessaging/unencryptedMessageResponse";
+
+import Deferred from "./deferred";
+import { race } from "./race";
+
+NodeIPC.config.id = "native-messaging-test-runner";
+NodeIPC.config.maxRetries = 0;
+NodeIPC.config.silent = true;
+
+const DESKTOP_APP_PATH = `${homedir}/tmp/app.bitwarden`;
+const DEFAULT_MESSAGE_TIMEOUT = 10 * 1000; // 10 seconds
+
+export type MessageHandler = (MessageCommon) => void;
+
+export enum IPCConnectionState {
+  Disconnected = "disconnected",
+  Connecting = "connecting",
+  Connected = "connected",
+}
+
+export type IPCOptions = {
+  overrideTimeout?: number;
+};
+
+export default class IPCService {
+  // The current connection state of the socket.
+  private connectionState: IPCConnectionState = IPCConnectionState.Disconnected;
+
+  // Messages that have been sent, but have not yet received responses
+  private pendingMessages = new Map<string, Deferred<UnencryptedMessageResponse>>();
+
+  // A set of deferred promises that are awaiting socket connection
+  private awaitingConnection = new Set<Deferred<void>>();
+
+  constructor(private socketName: string, private messageHandler: MessageHandler) {}
+
+  async connect(): Promise<void> {
+    console.log("[IPCService] connecting...");
+    if (this.connectionState === IPCConnectionState.Connected) {
+      // Socket is already connected. Don't throw, just allow the callsite to proceed
+      return;
+    }
+
+    const deferredConnections = new Deferred<void>();
+
+    this.awaitingConnection.add(deferredConnections);
+
+    // If the current connection state is disconnected, we should start trying to connect.
+    // The only other possible connection state at this point is "connecting" and if this
+    // is the case, we just want to add a deferred promise to the awaitingConnection collection
+    // and not try to initiate the connection again.
+    if (this.connectionState === IPCConnectionState.Disconnected) {
+      this._connect();
+    }
+
+    return deferredConnections.getPromise();
+  }
+
+  private _connect() {
+    this.connectionState = IPCConnectionState.Connecting;
+
+    NodeIPC.connectTo(this.socketName, DESKTOP_APP_PATH, () => {
+      // Process incoming message
+      this.getSocket().on("message", (message: any) => {
+        this.processMessage(message);
+      });
+
+      this.getSocket().on("error", (error: Error) => {
+        // Only makes sense as long as config.maxRetries stays set to 0. Otherwise this will be
+        // invoked multiple times each time a connection error happens
+        console.log("[IPCService] errored");
+        console.log(
+          "\x1b[33m Please make sure the desktop app is running locally and 'Allow DuckDuckGo browser integration' setting is enabled \x1b[0m"
+        );
+        this.awaitingConnection.forEach((deferred) => {
+          console.log(`rejecting: ${deferred}`);
+          deferred.reject(error);
+        });
+        this.awaitingConnection.clear();
+      });
+
+      this.getSocket().on("connect", () => {
+        console.log("[IPCService] connected");
+        this.connectionState = IPCConnectionState.Connected;
+
+        this.awaitingConnection.forEach((deferred) => {
+          deferred.resolve(null);
+        });
+        this.awaitingConnection.clear();
+      });
+
+      this.getSocket().on("disconnect", () => {
+        console.log("[IPCService] disconnected");
+        this.connectionState = IPCConnectionState.Disconnected;
+      });
+    });
+  }
+
+  disconnect() {
+    console.log("[IPCService] disconnecting...");
+    if (this.connectionState !== IPCConnectionState.Disconnected) {
+      NodeIPC.disconnect(this.socketName);
+    }
+  }
+
+  async sendMessage(
+    message: MessageCommon,
+    options: IPCOptions = {}
+  ): Promise<UnencryptedMessageResponse> {
+    console.log("[IPCService] sendMessage");
+    if (this.pendingMessages.has(message.messageId)) {
+      throw new Error(`A message with the id: ${message.messageId} has already been sent.`);
+    }
+
+    // Creates a new deferred promise that allows us to convert a message received over the IPC socket
+    // into a response for a message that we previously sent. This mechanism relies on the fact that we
+    // create a unique message id and attach it with each message. Response messages are expected to
+    // include the message id of the message they are responding to.
+    const deferred = new Deferred<UnencryptedMessageResponse>();
+
+    this.pendingMessages.set(message.messageId, deferred);
+
+    this.getSocket().emit("message", message);
+
+    try {
+      // Since we can not guarentee that a response message will ever be sent, we put a timeout
+      // on messages
+      return race({
+        promise: deferred.getPromise(),
+        timeout: options?.overrideTimeout ?? DEFAULT_MESSAGE_TIMEOUT,
+        error: new Error(`Message: ${message.messageId} timed out`),
+      });
+    } catch (error) {
+      // If there is a timeout, remove the message from the pending messages set
+      // before triggering error handling elsewhere.
+      this.pendingMessages.delete(message.messageId);
+      throw error;
+    }
+  }
+
+  private getSocket() {
+    return NodeIPC.of[this.socketName];
+  }
+
+  private processMessage(message: any) {
+    // If the message is a response to a previous message, resolve the deferred promise that
+    // is awaiting that response. Otherwise, assume this was a new message that wasn't sent as a
+    // response and invoke the message handler.
+    if (message.messageId && this.pendingMessages.has(message.messageId)) {
+      const deferred = this.pendingMessages.get(message.messageId);
+
+      // In the future, this could be improved to add ability to reject, but most messages coming in are
+      // encrypted at this point so we're unable to determine if they contain error info.
+      deferred.resolve(message);
+
+      this.pendingMessages.delete(message.messageId);
+    } else {
+      this.messageHandler(message);
+    }
+  }
+}
diff --git a/apps/desktop/native-messaging-test-runner/src/logUtils.ts b/apps/desktop/native-messaging-test-runner/src/logUtils.ts
new file mode 100644
index 000000000000..0e7c39742e30
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/logUtils.ts
@@ -0,0 +1,29 @@
+/* eslint-disable no-console */
+
+// Class for logging messages with colors for ease of reading important info
+// Reference: https://stackoverflow.com/a/41407246
+export class LogUtils {
+  static logSuccess(message: string, payload?: any): void {
+    this.logFormat(message, "32", payload);
+  }
+
+  static logWarning(message: string, payload?: any): void {
+    this.logFormat(message, "33", payload);
+  }
+
+  static logError(message: string, payload?: any): void {
+    this.logFormat(message, "31", payload);
+  }
+
+  static logInfo(message: string, payload?: any): void {
+    this.logFormat(message, "36", payload);
+  }
+
+  private static logFormat(message: string, color: string, payload?: any) {
+    if (payload) {
+      console.log(`\x1b[${color}m ${message} \x1b[0m`, payload);
+    } else {
+      console.log(`\x1b[${color}m ${message} \x1b[0m`);
+    }
+  }
+}
diff --git a/apps/desktop/native-messaging-test-runner/src/nativeMessageService.ts b/apps/desktop/native-messaging-test-runner/src/nativeMessageService.ts
new file mode 100644
index 000000000000..ada09064e3c3
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/nativeMessageService.ts
@@ -0,0 +1,235 @@
+import "module-alias/register";
+
+import { v4 as uuidv4 } from "uuid";
+
+import { Utils } from "@bitwarden/common/misc/utils";
+import { EncString } from "@bitwarden/common/models/domain/encString";
+import { SymmetricCryptoKey } from "@bitwarden/common/models/domain/symmetricCryptoKey";
+import { ConsoleLogService } from "@bitwarden/common/services/consoleLog.service";
+import { EncryptService } from "@bitwarden/common/services/encrypt.service";
+import { NodeCryptoFunctionService } from "@bitwarden/node/services/nodeCryptoFunction.service";
+
+import { DecryptedCommandData } from "../../src/models/nativeMessaging/decryptedCommandData";
+import { EncryptedMessage } from "../../src/models/nativeMessaging/encryptedMessage";
+import { CredentialCreatePayload } from "../../src/models/nativeMessaging/encryptedMessagePayloads/credentialCreatePayload";
+import { CredentialUpdatePayload } from "../../src/models/nativeMessaging/encryptedMessagePayloads/credentialUpdatePayload";
+import { EncryptedMessageResponse } from "../../src/models/nativeMessaging/encryptedMessageResponse";
+import { MessageCommon } from "../../src/models/nativeMessaging/messageCommon";
+import { UnencryptedMessage } from "../../src/models/nativeMessaging/unencryptedMessage";
+import { UnencryptedMessageResponse } from "../../src/models/nativeMessaging/unencryptedMessageResponse";
+
+import IPCService, { IPCOptions } from "./ipcService";
+import * as config from "./variables";
+
+type HandshakeResponse = {
+  status: boolean;
+  sharedKey: string;
+  error?: "canceled" | "cannot-decrypt";
+};
+
+const CONFIRMATION_MESSAGE_TIMEOUT = 100 * 1000; // 100 seconds
+
+export default class NativeMessageService {
+  private ipcService: IPCService;
+  private nodeCryptoFunctionService: NodeCryptoFunctionService;
+  private encryptService: EncryptService;
+
+  constructor(private apiVersion: number) {
+    console.log("Starting native messaging service");
+    this.ipcService = new IPCService(`bitwarden`, (rawMessage) => {
+      console.log(`Received unexpected: `, rawMessage);
+    });
+
+    this.nodeCryptoFunctionService = new NodeCryptoFunctionService();
+    this.encryptService = new EncryptService(
+      this.nodeCryptoFunctionService,
+      new ConsoleLogService(false),
+      false
+    );
+  }
+
+  // Commands
+
+  async sendHandshake(publicKey: string, applicationName: string): Promise<HandshakeResponse> {
+    const rawResponse = await this.sendUnencryptedMessage(
+      {
+        command: "bw-handshake",
+        payload: {
+          publicKey,
+          applicationName: applicationName,
+        },
+      },
+      {
+        overrideTimeout: CONFIRMATION_MESSAGE_TIMEOUT,
+      }
+    );
+    return rawResponse.payload as HandshakeResponse;
+  }
+
+  async checkStatus(key: string): Promise<DecryptedCommandData> {
+    const encryptedCommand = await this.encryptCommandData(
+      {
+        command: "bw-status",
+      },
+      key
+    );
+
+    const response = await this.sendEncryptedMessage({
+      encryptedCommand,
+    });
+
+    return this.decryptResponsePayload(response.encryptedPayload, key);
+  }
+
+  async credentialRetrieval(key: string, uri: string): Promise<DecryptedCommandData> {
+    const encryptedCommand = await this.encryptCommandData(
+      {
+        command: "bw-credential-retrieval",
+        payload: {
+          uri: uri,
+        },
+      },
+      key
+    );
+    const response = await this.sendEncryptedMessage({
+      encryptedCommand,
+    });
+
+    return this.decryptResponsePayload(response.encryptedPayload, key);
+  }
+
+  async credentialCreation(
+    key: string,
+    credentialData: CredentialCreatePayload
+  ): Promise<DecryptedCommandData> {
+    const encryptedCommand = await this.encryptCommandData(
+      {
+        command: "bw-credential-create",
+        payload: credentialData,
+      },
+      key
+    );
+    const response = await this.sendEncryptedMessage({
+      encryptedCommand,
+    });
+
+    return this.decryptResponsePayload(response.encryptedPayload, key);
+  }
+
+  async credentialUpdate(
+    key: string,
+    credentialData: CredentialUpdatePayload
+  ): Promise<DecryptedCommandData> {
+    const encryptedCommand = await this.encryptCommandData(
+      {
+        command: "bw-credential-update",
+        payload: credentialData,
+      },
+      key
+    );
+    const response = await this.sendEncryptedMessage({
+      encryptedCommand,
+    });
+
+    return this.decryptResponsePayload(response.encryptedPayload, key);
+  }
+
+  async generatePassword(key: string, userId: string): Promise<DecryptedCommandData> {
+    const encryptedCommand = await this.encryptCommandData(
+      {
+        command: "bw-generate-password",
+        payload: {
+          userId: userId,
+        },
+      },
+      key
+    );
+    const response = await this.sendEncryptedMessage({
+      encryptedCommand,
+    });
+
+    return this.decryptResponsePayload(response.encryptedPayload, key);
+  }
+
+  // Private message sending
+
+  private async sendEncryptedMessage(
+    message: Omit<EncryptedMessage, keyof MessageCommon>,
+    options: IPCOptions = {}
+  ): Promise<EncryptedMessageResponse> {
+    const result = await this.sendMessage(message, options);
+    return result as EncryptedMessageResponse;
+  }
+
+  private async sendUnencryptedMessage(
+    message: Omit<UnencryptedMessage, keyof MessageCommon>,
+    options: IPCOptions = {}
+  ): Promise<UnencryptedMessageResponse> {
+    const result = await this.sendMessage(message, options);
+    return result as UnencryptedMessageResponse;
+  }
+
+  private async sendMessage(
+    message:
+      | Omit<UnencryptedMessage, keyof MessageCommon>
+      | Omit<EncryptedMessage, keyof MessageCommon>,
+    options: IPCOptions
+  ): Promise<EncryptedMessageResponse | UnencryptedMessageResponse> {
+    // Attempt to connect before sending any messages. If the connection has already
+    // been made, this is a NOOP within the IPCService.
+    await this.ipcService.connect();
+
+    const commonFields: MessageCommon = {
+      // Create a messageId that can be used as a lookup when we get a response
+      messageId: uuidv4(),
+      version: this.apiVersion,
+    };
+    const fullMessage: UnencryptedMessage | EncryptedMessage = {
+      ...message,
+      ...commonFields,
+    };
+
+    console.log(`[NativeMessageService] sendMessage with id: ${fullMessage.messageId}`);
+
+    const response = await this.ipcService.sendMessage(fullMessage, options);
+
+    console.log(`[NativeMessageService] received response for message: ${fullMessage.messageId}`);
+
+    return response;
+  }
+
+  disconnect() {
+    this.ipcService.disconnect();
+  }
+
+  // Data Encryption
+  private async encryptCommandData(
+    commandData: DecryptedCommandData,
+    key: string
+  ): Promise<EncString> {
+    const commandDataString = JSON.stringify(commandData);
+
+    const sharedKey = await this.getSharedKeyForKey(key);
+
+    return this.encryptService.encrypt(commandDataString, sharedKey);
+  }
+
+  private async decryptResponsePayload(
+    payload: EncString,
+    key: string
+  ): Promise<DecryptedCommandData> {
+    const sharedKey = await this.getSharedKeyForKey(key);
+    const decrypted = await this.encryptService.decryptToUtf8(payload, sharedKey);
+
+    return JSON.parse(decrypted);
+  }
+
+  private async getSharedKeyForKey(key: string): Promise<SymmetricCryptoKey> {
+    const dataBuffer = Utils.fromB64ToArray(key).buffer;
+    const privKey = Utils.fromB64ToArray(config.testRsaPrivateKey).buffer;
+
+    return new SymmetricCryptoKey(
+      await this.nodeCryptoFunctionService.rsaDecrypt(dataBuffer, privKey, "sha1")
+    );
+  }
+}
diff --git a/apps/desktop/native-messaging-test-runner/src/race.ts b/apps/desktop/native-messaging-test-runner/src/race.ts
new file mode 100644
index 000000000000..7aba3aa41f99
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/race.ts
@@ -0,0 +1,25 @@
+export const race = <T>({
+  promise,
+  timeout,
+  error,
+}: {
+  promise: Promise<T>;
+  timeout: number;
+  error?: Error;
+}) => {
+  let timer = null;
+
+  // Similar to Promise.all, but instead of waiting for all, it resolves once one promise finishes.
+  // Using this so we can reject if the timeout threshold is hit
+  return Promise.race([
+    new Promise<T>((_, reject) => {
+      timer = setTimeout(reject, timeout, error);
+      return timer;
+    }),
+
+    promise.then((value) => {
+      clearTimeout(timer);
+      return value;
+    }),
+  ]);
+};
diff --git a/apps/desktop/native-messaging-test-runner/src/variables.ts b/apps/desktop/native-messaging-test-runner/src/variables.ts
new file mode 100644
index 000000000000..973da2c224b9
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/variables.ts
@@ -0,0 +1,27 @@
+export const applicationName = "Native Messaging Test Runner";
+export const encryptionAlogrithm = "sha1";
+export const testRsaPublicKey =
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0Vawl/toXzkEvB82FEtqHP" +
+  "4xlU2ab/v0crqIfXfIoWF/XXdHGIdrZeilnRXPPJT1B9dTsasttEZNnua/0Rek/cjNDHtzT52irfoZYS7X6HNIfOi54Q+egP" +
+  "RQ1H7iNHVZz3K8Db9GCSKPeC8MbW6gVCzb15esCe1gGzg6wkMuWYDFYPoh/oBqcIqrGah7firqB1nDedzEjw32heP2DAffVN" +
+  "084iTDjiWrJNUxBJ2pDD5Z9dT3MzQ2s09ew1yMWK2z37rT3YerC7OgEDmo3WYo3xL3qYJznu3EO2nmrYjiRa40wKSjxsTlUc" +
+  "xDF+F0uMW8oR9EMUHgepdepfAtLsSAQIDAQAB";
+export const testRsaPrivateKey =
+  "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCXRVrCX+2hfOQS8Hz" +
+  "YUS2oc/jGVTZpv+/Ryuoh9d8ihYX9dd0cYh2tl6KWdFc88lPUH11Oxqy20Rk2e5r/RF6T9yM0Me3NPnaKt+hlhLtfoc0h86L" +
+  "nhD56A9FDUfuI0dVnPcrwNv0YJIo94LwxtbqBULNvXl6wJ7WAbODrCQy5ZgMVg+iH+gGpwiqsZqHt+KuoHWcN53MSPDfaF4/" +
+  "YMB99U3TziJMOOJask1TEEnakMPln11PczNDazT17DXIxYrbPfutPdh6sLs6AQOajdZijfEvepgnOe7cQ7aeatiOJFrjTApK" +
+  "PGxOVRzEMX4XS4xbyhH0QxQeB6l16l8C0uxIBAgMBAAECggEASaWfeVDA3cVzOPFSpvJm20OTE+R6uGOU+7vh36TX/POq92q" +
+  "Buwbd0h0oMD32FxsXywd2IxtBDUSiFM9699qufTVuM0Q3tZw6lHDTOVG08+tPdr8qSbMtw7PGFxN79fHLBxejjO4IrM9lapj" +
+  "WpxEF+11x7r+wM+0xRZQ8sNFYG46aPfIaty4BGbL0I2DQ2y8I57iBCAy69eht59NLMm27fRWGJIWCuBIjlpfzET1j2HLXUIh" +
+  "5bTBNzqaN039WH49HczGE3mQKVEJZc/efk3HaVd0a1Sjzyn0QY+N1jtZN3jTRbuDWA1AknkX1LX/0tUhuS3/7C3ejHxjw4Dk" +
+  "1ZLo5/QKBgQDIWvqFn0+IKRSu6Ua2hDsufIHHUNLelbfLUMmFthxabcUn4zlvIscJO00Tq/ezopSRRvbGiqnxjv/mYxucvOU" +
+  "BeZtlus0Q9RTACBtw9TGoNTmQbEunJ2FOSlqbQxkBBAjgGEppRPt30iGj/VjAhCATq2MYOa/X4dVR51BqQAFIEwKBgQDBSIf" +
+  "TFKC/hDk6FKZlgwvupWYJyU9RkyfstPErZFmzoKhPkQ3YORo2oeAYmVUbS9I2iIYpYpYQJHX8jMuCbCz4ONxTCuSIXYQYUcU" +
+  "q4PglCKp31xBAE6TN8SvhfME9/MvuDssnQinAHuF0GDAhF646T3LLS1not6Vszv7brwSoGwKBgQC88v/8cGfi80ssQZeMnVv" +
+  "q1UTXIeQcQnoY5lGHJl3K8mbS3TnXE6c9j417Fdz+rj8KWzBzwWXQB5pSPflWcdZO886Xu/mVGmy9RWgLuVFhXwCwsVEPjNX" +
+  "5ramRb0/vY0yzenUCninBsIxFSbIfrPtLUYCc4hpxr+sr2Mg/y6jpvQKBgBezMRRs3xkcuXepuI2R+BCXL1/b02IJTUf1F+1" +
+  "eLLGd7YV0H+J3fgNc7gGWK51hOrF9JBZHBGeOUPlaukmPwiPdtQZpu4QNE3l37VlIpKTF30E6mb+BqR+nht3rUjarnMXgAoE" +
+  "Z18y6/KIjpSMpqC92Nnk/EBM9EYe6Cf4eA9ApAoGAeqEUg46UTlJySkBKURGpIs3v1kkf5I0X8DnOhwb+HPxNaiEdmO7ckm8" +
+  "+tPVgppLcG0+tMdLjigFQiDUQk2y3WjyxP5ZvXu7U96jaJRI8PFMoE06WeVYcdIzrID2HvqH+w0UQJFrLJ/0Mn4stFAEzXKZ" +
+  "BokBGnjFnTnKcs7nv/O8=";
diff --git a/apps/desktop/native-messaging-test-runner/tsconfig.json b/apps/desktop/native-messaging-test-runner/tsconfig.json
new file mode 100644
index 000000000000..a34554a264fc
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/tsconfig.json
@@ -0,0 +1,17 @@
+{
+  "compilerOptions": {
+    "baseUrl": "./",
+    "outDir": "dist",
+    "target": "es6",
+    "module": "CommonJS",
+    "moduleResolution": "node",
+    "sourceMap": false,
+    "declaration": false,
+    "paths": {
+      "@src/*": ["src/*"],
+      "@bitwarden/node/*": ["../../../libs/node/src/*"],
+      "@bitwarden/common/*": ["../../../libs/common/src/*"]
+    }
+  },
+  "exclude": ["node_modules"]
+}
diff --git a/apps/desktop/src/app/accounts/login.component.html b/apps/desktop/src/app/accounts/login.component.html
index 314b05506219..c11ed881b000 100644
--- a/apps/desktop/src/app/accounts/login.component.html
+++ b/apps/desktop/src/app/accounts/login.component.html
@@ -16,6 +16,7 @@
     #form
     (ngSubmit)="submit()"
     [appApiAction]="formPromise"
+    [formGroup]="formGroup"
     attr.aria-hidden="{{ showingModal }}"
   >
     <div id="content" class="content">
@@ -25,14 +26,7 @@
         <div class="box-content">
           <div class="box-content-row" appBoxRow>
             <label for="email">{{ "emailAddress" | i18n }}</label>
-            <input
-              id="email"
-              type="text"
-              name="Email"
-              [(ngModel)]="email"
-              required
-              appInputVerbatim="false"
-            />
+            <input id="email" type="email" formControlName="email" appInputVerbatim="false" />
           </div>
           <div class="box-content-row box-content-row-flex" appBoxRow>
             <div class="row-main">
@@ -40,10 +34,8 @@
               <input
                 id="masterPassword"
                 type="{{ showPassword ? 'text' : 'password' }}"
-                name="MasterPassword"
                 class="monospaced"
-                [(ngModel)]="masterPassword"
-                required
+                formControlName="masterPassword"
                 appInputVerbatim
               />
             </div>
diff --git a/apps/desktop/src/app/accounts/login.component.ts b/apps/desktop/src/app/accounts/login.component.ts
index 959c8a45650b..33eefbd57ec4 100644
--- a/apps/desktop/src/app/accounts/login.component.ts
+++ b/apps/desktop/src/app/accounts/login.component.ts
@@ -1,4 +1,5 @@
 import { Component, NgZone, OnDestroy, ViewChild, ViewContainerRef } from "@angular/core";
+import { FormBuilder } from "@angular/forms";
 import { Router } from "@angular/router";
 
 import { LoginComponent as BaseLoginComponent } from "@bitwarden/angular/components/login.component";
@@ -7,6 +8,7 @@ import { AuthService } from "@bitwarden/common/abstractions/auth.service";
 import { BroadcasterService } from "@bitwarden/common/abstractions/broadcaster.service";
 import { CryptoFunctionService } from "@bitwarden/common/abstractions/cryptoFunction.service";
 import { EnvironmentService } from "@bitwarden/common/abstractions/environment.service";
+import { FormValidationErrorsService } from "@bitwarden/common/abstractions/formValidationErrors.service";
 import { I18nService } from "@bitwarden/common/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/abstractions/log.service";
 import { MessagingService } from "@bitwarden/common/abstractions/messaging.service";
@@ -47,7 +49,9 @@ export class LoginComponent extends BaseLoginComponent implements OnDestroy {
     private broadcasterService: BroadcasterService,
     ngZone: NgZone,
     private messagingService: MessagingService,
-    logService: LogService
+    logService: LogService,
+    formBuilder: FormBuilder,
+    formValidationErrorService: FormValidationErrorsService
   ) {
     super(
       authService,
@@ -59,7 +63,9 @@ export class LoginComponent extends BaseLoginComponent implements OnDestroy {
       passwordGenerationService,
       cryptoFunctionService,
       logService,
-      ngZone
+      ngZone,
+      formBuilder,
+      formValidationErrorService
     );
     super.onSuccessfulLogin = () => {
       return syncService.fullSync(true);
diff --git a/apps/desktop/src/app/accounts/settings.component.html b/apps/desktop/src/app/accounts/settings.component.html
index 420ee20a39e6..a1ecc0732f95 100644
--- a/apps/desktop/src/app/accounts/settings.component.html
+++ b/apps/desktop/src/app/accounts/settings.component.html
@@ -309,6 +309,23 @@ <h2>
                 </div>
                 <small class="help-block">{{ "enableBrowserIntegrationDesc" | i18n }}</small>
               </div>
+              <div class="form-group" *ngIf="showDuckDuckGoIntegrationOption">
+                <div class="checkbox">
+                  <label for="enableDuckDuckGoBrowserIntegration">
+                    <input
+                      id="enableDuckDuckGoBrowserIntegration"
+                      type="checkbox"
+                      name="enableDuckDuckGoBrowserIntegration"
+                      [(ngModel)]="enableDuckDuckGoBrowserIntegration"
+                      (change)="saveDdgBrowserIntegration()"
+                    />
+                    {{ "enableDuckDuckGoBrowserIntegration" | i18n }}
+                  </label>
+                </div>
+                <small class="help-block">{{
+                  "enableDuckDuckGoBrowserIntegrationDesc" | i18n
+                }}</small>
+              </div>
               <div class="form-group">
                 <div class="checkbox">
                   <label for="enableBrowserIntegrationFingerprint">
diff --git a/apps/desktop/src/app/accounts/settings.component.ts b/apps/desktop/src/app/accounts/settings.component.ts
index ec9744f654b4..c5407932df84 100644
--- a/apps/desktop/src/app/accounts/settings.component.ts
+++ b/apps/desktop/src/app/accounts/settings.component.ts
@@ -16,6 +16,7 @@ import { ThemeType } from "@bitwarden/common/enums/themeType";
 import { Utils } from "@bitwarden/common/misc/utils";
 import { isWindowsStore } from "@bitwarden/electron/utils";
 
+import { flagEnabled } from "../../flags";
 import { SetPinComponent } from "../components/set-pin.component";
 
 @Component({
@@ -28,6 +29,7 @@ export class SettingsComponent implements OnInit {
   pin: boolean = null;
   enableFavicons = false;
   enableBrowserIntegration = false;
+  enableDuckDuckGoBrowserIntegration = false;
   enableBrowserIntegrationFingerprint = false;
   enableMinToTray = false;
   enableCloseToTray = false;
@@ -51,6 +53,7 @@ export class SettingsComponent implements OnInit {
   showAlwaysShowDock = false;
   openAtLogin: boolean;
   requireEnableTray = false;
+  showDuckDuckGoIntegrationOption = false;
 
   enableTrayText: string;
   enableTrayDescText: string;
@@ -102,6 +105,9 @@ export class SettingsComponent implements OnInit {
     this.startToTrayText = this.i18nService.t(startToTrayKey);
     this.startToTrayDescText = this.i18nService.t(startToTrayKey + "Desc");
 
+    // DuckDuckGo browser is only for macos initially
+    this.showDuckDuckGoIntegrationOption = flagEnabled("showDDGSetting") && isMac;
+
     this.vaultTimeouts = [
       // { name: i18nService.t('immediately'), value: 0 },
       { name: i18nService.t("oneMinute"), value: 1 },
@@ -188,6 +194,8 @@ export class SettingsComponent implements OnInit {
     // Account preferences
     this.enableFavicons = !(await this.stateService.getDisableFavicon());
     this.enableBrowserIntegration = await this.stateService.getEnableBrowserIntegration();
+    this.enableDuckDuckGoBrowserIntegration =
+      await this.stateService.getEnableDuckDuckGoBrowserIntegration();
     this.enableBrowserIntegrationFingerprint =
       await this.stateService.getEnableBrowserIntegrationFingerprint();
     this.clearClipboard = await this.stateService.getClearClipboard();
@@ -432,6 +440,22 @@ export class SettingsComponent implements OnInit {
     }
   }
 
+  async saveDdgBrowserIntegration() {
+    await this.stateService.setEnableDuckDuckGoBrowserIntegration(
+      this.enableDuckDuckGoBrowserIntegration
+    );
+
+    if (!this.enableBrowserIntegration) {
+      await this.stateService.setDuckDuckGoSharedKey(null);
+    }
+
+    this.messagingService.send(
+      this.enableDuckDuckGoBrowserIntegration
+        ? "enableDuckDuckGoBrowserIntegration"
+        : "disableDuckDuckGoBrowserIntegration"
+    );
+  }
+
   async saveBrowserIntegrationFingerprint() {
     await this.stateService.setEnableBrowserIntegrationFingerprint(
       this.enableBrowserIntegrationFingerprint
diff --git a/apps/desktop/src/app/services/services.module.ts b/apps/desktop/src/app/services/services.module.ts
index d49872987cbc..44087b518a81 100644
--- a/apps/desktop/src/app/services/services.module.ts
+++ b/apps/desktop/src/app/services/services.module.ts
@@ -12,7 +12,9 @@ import {
 import { JslibServicesModule } from "@bitwarden/angular/services/jslib-services.module";
 import { AbstractThemingService } from "@bitwarden/angular/services/theming/theming.service.abstraction";
 import { AbstractEncryptService } from "@bitwarden/common/abstractions/abstractEncrypt.service";
+import { AuthService as AuthServiceAbstraction } from "@bitwarden/common/abstractions/auth.service";
 import { BroadcasterService as BroadcasterServiceAbstraction } from "@bitwarden/common/abstractions/broadcaster.service";
+import { CipherService as CipherServiceAbstraction } from "@bitwarden/common/abstractions/cipher.service";
 import { CryptoService as CryptoServiceAbstraction } from "@bitwarden/common/abstractions/crypto.service";
 import { CryptoFunctionService as CryptoFunctionServiceAbstraction } from "@bitwarden/common/abstractions/cryptoFunction.service";
 import { FileDownloadService } from "@bitwarden/common/abstractions/fileDownload/fileDownload.service";
@@ -22,8 +24,10 @@ import {
   LogService as LogServiceAbstraction,
 } from "@bitwarden/common/abstractions/log.service";
 import { MessagingService as MessagingServiceAbstraction } from "@bitwarden/common/abstractions/messaging.service";
+import { PasswordGenerationService as PasswordGenerationServiceAbstraction } from "@bitwarden/common/abstractions/passwordGeneration.service";
 import { PasswordRepromptService as PasswordRepromptServiceAbstraction } from "@bitwarden/common/abstractions/passwordReprompt.service";
 import { PlatformUtilsService as PlatformUtilsServiceAbstraction } from "@bitwarden/common/abstractions/platformUtils.service";
+import { PolicyService as PolicyServiceAbstraction } from "@bitwarden/common/abstractions/policy/policy.service.abstraction";
 import { StateService as StateServiceAbstraction } from "@bitwarden/common/abstractions/state.service";
 import { StateMigrationService as StateMigrationServiceAbstraction } from "@bitwarden/common/abstractions/stateMigration.service";
 import { AbstractStorageService } from "@bitwarden/common/abstractions/storage.service";
@@ -41,7 +45,9 @@ import { ElectronRendererSecureStorageService } from "@bitwarden/electron/servic
 import { ElectronRendererStorageService } from "@bitwarden/electron/services/electronRendererStorage.service";
 
 import { Account } from "../../models/account";
+import { EncryptedMessageHandlerService } from "../../services/encryptedMessageHandlerService";
 import { I18nService } from "../../services/i18n.service";
+import { NativeMessageHandlerService } from "../../services/nativeMessageHandler.service";
 import { NativeMessagingService } from "../../services/nativeMessaging.service";
 import { PasswordRepromptService } from "../../services/passwordReprompt.service";
 import { StateService } from "../../services/state.service";
@@ -147,6 +153,28 @@ const RELOAD_CALLBACK = new InjectionToken<() => any>("RELOAD_CALLBACK");
       provide: AbstractThemingService,
       useClass: DesktopThemingService,
     },
+    {
+      provide: EncryptedMessageHandlerService,
+      deps: [
+        StateServiceAbstraction,
+        AuthServiceAbstraction,
+        CipherServiceAbstraction,
+        PolicyServiceAbstraction,
+        MessagingServiceAbstraction,
+        PasswordGenerationServiceAbstraction,
+      ],
+    },
+    {
+      provide: NativeMessageHandlerService,
+      deps: [
+        StateServiceAbstraction,
+        CryptoServiceAbstraction,
+        CryptoFunctionServiceAbstraction,
+        MessagingServiceAbstraction,
+        I18nServiceAbstraction,
+        EncryptedMessageHandlerService,
+      ],
+    },
   ],
 })
 export class ServicesModule {}
diff --git a/apps/desktop/src/flags.ts b/apps/desktop/src/flags.ts
index d8692db08716..8306e3c87952 100644
--- a/apps/desktop/src/flags.ts
+++ b/apps/desktop/src/flags.ts
@@ -8,7 +8,9 @@ import {
 
 // required to avoid linting errors when there are no flags
 /* eslint-disable-next-line @typescript-eslint/ban-types */
-export type Flags = {} & SharedFlags;
+export type Flags = {
+  showDDGSetting?: boolean;
+} & SharedFlags;
 
 // required to avoid linting errors when there are no flags
 /* eslint-disable-next-line @typescript-eslint/ban-types */
diff --git a/apps/desktop/src/locales/af/messages.json b/apps/desktop/src/locales/af/messages.json
index 637ab553bd19..d9d58ee07323 100644
--- a/apps/desktop/src/locales/af/messages.json
+++ b/apps/desktop/src/locales/af/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Blaaierintegrasie word gebruik vir biometrie in blaaier."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Blaaierintegrasie word nie ondersteun nie"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Maak seker dat die getoonde vingerafdruk identies is aan dié wat in die blaaieruitbreiding vertoon word."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrie is geaktiveer"
   },
diff --git a/apps/desktop/src/locales/ar/messages.json b/apps/desktop/src/locales/ar/messages.json
index 1531fad6b515..305af3d4e906 100644
--- a/apps/desktop/src/locales/ar/messages.json
+++ b/apps/desktop/src/locales/ar/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "يتم استخدام تكامل المتصفح للقياسات الحيوية في المتصفح."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "تكامل المتصفح غير مدعوم"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "الرجاء التأكد من أن البصمة المعروضة متطابقة مع البصمة المعروضة في ملحق المتصفح."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "القياسات الحيوية غير مفعلة"
   },
diff --git a/apps/desktop/src/locales/az/messages.json b/apps/desktop/src/locales/az/messages.json
index acc41c106ceb..93585928533f 100644
--- a/apps/desktop/src/locales/az/messages.json
+++ b/apps/desktop/src/locales/az/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Brauzer inteqrasiyası, brauzerdə biometrik təsdiqləmə üçün istifadə olunur."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "DuckDuckGo brauzer inteqrasiyasına icazə ver"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "DuckDuckGo ilə gəzinərkən Bitwarden anbarınızı istifadə edin."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Brauzer inteqrasiyası dəstəklənmir"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Zəhmət olmasa göstərilən barmaq izinin brauzer genişləndirməsində göstərilən barmaq izi ilə eyni olduğuna əmin olun."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$, Bitwarden ilə bağlantı qurmaq istəyir",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Bu tələbi təsdiqləmək istəyirsiniz?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Bu tələbi siz etməmisinizsə, təsdiqləməyin."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometriklə fəal deyil"
   },
diff --git a/apps/desktop/src/locales/be/messages.json b/apps/desktop/src/locales/be/messages.json
index 0679ceeca073..55c5d94a709d 100644
--- a/apps/desktop/src/locales/be/messages.json
+++ b/apps/desktop/src/locales/be/messages.json
@@ -15,7 +15,7 @@
     "message": "Тыпы"
   },
   "typeLogin": {
-    "message": "Уваход"
+    "message": "Лагін"
   },
   "typeCard": {
     "message": "Картка"
@@ -98,13 +98,13 @@
     "message": "Парольная фраза"
   },
   "editItem": {
-    "message": "Рэдагаванне элемента"
+    "message": "Рэдагаваць элемент"
   },
   "emailAddress": {
     "message": "Адрас электроннай пошты"
   },
   "verificationCodeTotp": {
-    "message": "Код праверкі (TOTP)"
+    "message": "Праверачны код (TOTP)"
   },
   "website": {
     "message": "Вэб-сайт"
@@ -119,14 +119,14 @@
     "message": "Запусціць"
   },
   "copyValue": {
-    "message": "Капіяваць значэнне",
+    "message": "Скапіяваць значэнне",
     "description": "Copy value to clipboard"
   },
   "minimizeOnCopyToClipboard": {
     "message": "Згарнуць пасля капіявання ў буфер абмену"
   },
   "minimizeOnCopyToClipboardDesc": {
-    "message": "Згортваць пасля капіявання даных з элемента ў буфер абмену."
+    "message": "Згарнуць праграму пасля капіявання даных элемента ў буферу абмену."
   },
   "toggleVisibility": {
     "message": "Пераключыць бачнасць"
@@ -151,7 +151,7 @@
     "message": "Код бяспекі"
   },
   "identityName": {
-    "message": "Імя"
+    "message": "Імя пасведчання"
   },
   "company": {
     "message": "Кампанія"
@@ -242,10 +242,10 @@
     "message": "Доктар"
   },
   "expirationMonth": {
-    "message": "Месяц заканчэння"
+    "message": "Месяц завяршэння"
   },
   "expirationYear": {
-    "message": "Год заканчэння"
+    "message": "Год завяршэння"
   },
   "select": {
     "message": "Выбраць"
@@ -254,7 +254,7 @@
     "message": "Iншае"
   },
   "generatePassword": {
-    "message": "Згенерыраваць пароль"
+    "message": "Генерыраваць пароль"
   },
   "type": {
     "message": "Тып"
@@ -302,7 +302,7 @@
     "message": "Выдаліць"
   },
   "favorite": {
-    "message": "Абраны"
+    "message": "Абранае"
   },
   "edit": {
     "message": "Рэдагаваць"
@@ -329,7 +329,7 @@
     "message": "Схавана"
   },
   "cfTypeBoolean": {
-    "message": "Лагічнае"
+    "message": "Булева"
   },
   "cfTypeLinked": {
     "message": "Звязана",
@@ -361,7 +361,7 @@
     "message": "Выдаліць далучэнне"
   },
   "deleteItemConfirmation": {
-    "message": "Вы сапраўды хочаце адправіць элемент у сметніцу?"
+    "message": "Вы ўпэўнены, што хочаце адправіць гэты элемент у сметніцу?"
   },
   "deletedItem": {
     "message": "Элемент адпраўлены ў сметніцу"
@@ -386,16 +386,16 @@
     "message": "Рэдагаваць папку"
   },
   "regeneratePassword": {
-    "message": "Згенерыраваць новы пароль"
+    "message": "Паўторна генерыраваць пароль"
   },
   "copyPassword": {
-    "message": "Капіяваць пароль"
+    "message": "Скапіяваць пароль"
   },
   "copyUri": {
-    "message": "Капіяваць URI"
+    "message": "Скапіяваць URI"
   },
   "copyVerificationCodeTotp": {
-    "message": "Капіяваць код праверкі (TOTP)"
+    "message": "Скапіяваць праверачны код (TOTP)"
   },
   "length": {
     "message": "Даўжыня"
@@ -432,7 +432,7 @@
     "message": "Мінімум лічбаў"
   },
   "minSpecial": {
-    "message": "Мінімум сімвалаў",
+    "message": "Мінімум спецыяльных сімвалаў",
     "description": "Minimum Special Characters"
   },
   "ambiguous": {
@@ -503,10 +503,10 @@
     "message": "Асноўны пароль"
   },
   "masterPassDesc": {
-    "message": "Асноўны пароль — ключ да вашага бяспечнага сховішча. Ён вельмі важны, таму не забывайце яго. Аднавіць асноўны пароль немагчыма."
+    "message": "Асноўны пароль — гэта ключ, які выкарыстоўваецца для доступу да вашага сховішча. Ён вельмі важны, таму не забывайце яго. Аднавіць асноўны пароль немагчыма ў выпадку, калі вы яго забылі."
   },
   "masterPassHintDesc": {
-    "message": "Падказка да асноўнага пароля можа дапамагчы вам яго ўспомніць."
+    "message": "Падказка да асноўнага пароля можа дапамагчы вам успомніць яго, калі вы яго забылі."
   },
   "reTypeMasterPass": {
     "message": "Увядзіце асноўны пароль паўторна"
@@ -521,10 +521,10 @@
     "message": "Падказка да пароля"
   },
   "enterEmailToGetHint": {
-    "message": "Увядзіце адрас электроннай пошты ўліковага запісу для атрымання падказкі для асноўнага пароля."
+    "message": "Увядзіце адрас электроннай пошты ўліковага запісу для атрымання падказкі да асноўнага пароля."
   },
   "getMasterPasswordHint": {
-    "message": "Атрымаць падказку для асноўнага пароля"
+    "message": "Атрымаць падказку да асноўнага пароля"
   },
   "emailRequired": {
     "message": "Патрабуецца адрас электроннай пошты."
@@ -539,16 +539,16 @@
     "message": "Неабходна паўторна ўвесці асноўны пароль."
   },
   "masterPasswordMinlength": {
-    "message": "Асноўны пароль павінен быць даўжынёй не менш за 8 сімвалаў."
+    "message": "Асноўны пароль павінен змяшчаць прынамсі 8 сімвалаў."
   },
   "masterPassDoesntMatch": {
-    "message": "Асноўныя паролі не супадаюць."
+    "message": "Пацвярджэнне асноўнага пароля не супадае."
   },
   "newAccountCreated": {
-    "message": "Ваш уліковы запіс створаны! Вы можаце ўвайсці."
+    "message": "Ваш уліковы запіс створаны! Цяпер вы можаце ўвайсці ў яго."
   },
   "masterPassSent": {
-    "message": "Мы адправілі вам на электронную пошту падказку для асноўнага пароля."
+    "message": "Мы адправілі вам на электронную пошту падказку да асноўнага пароля."
   },
   "unexpectedError": {
     "message": "Адбылася нечаканая памылка."
@@ -557,7 +557,7 @@
     "message": "Звесткі аб элеменце"
   },
   "noItemsInList": {
-    "message": "Няма элементаў для паказу."
+    "message": "У спісе адсутнічаюць элементы."
   },
   "sendVerificationCode": {
     "message": "Адправіць праверачны код на вашу электронную пошту"
@@ -569,25 +569,25 @@
     "message": "Код адпраўлены"
   },
   "verificationCode": {
-    "message": "Код праверкі"
+    "message": "Праверачны код"
   },
   "confirmIdentity": {
-    "message": "Пацвердзіце сваю асобу, каб працягнуць."
+    "message": "Пацвердзіце сваю асобу для працягу."
   },
   "verificationCodeRequired": {
-    "message": "Патрабуецца код праверкі."
+    "message": "Патрабуецца праверачны код."
   },
   "invalidVerificationCode": {
-    "message": "Памылковы код праверкі"
+    "message": "Памылковы праверачны код"
   },
   "continue": {
     "message": "Працягнуць"
   },
   "enterVerificationCodeApp": {
-    "message": "Увядзіце 6 лічбаў кода праверкі з вашай праграмы праверкі сапраўднасці."
+    "message": "Увядзіце 6 лічбаў праверачнага кода з вашай праграмы аўтэнтыфікацыі."
   },
   "enterVerificationCodeEmail": {
-    "message": "Увядзіце 6 лічбаў кода праверкі, які быў адпраўлены на $EMAIL$.",
+    "message": "Увядзіце 6 лічбаў праверачнага кода, які быў адпраўлены на $EMAIL$.",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -596,7 +596,7 @@
     }
   },
   "verificationCodeEmailSent": {
-    "message": "Адпраўлены ліст для пацвярджэння $EMAIL$.",
+    "message": "Праверачны ліст адпраўлены на $EMAIL$.",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -614,58 +614,58 @@
     "message": "Выкарыстоўваць іншы метад двухэтапнага ўваходу"
   },
   "insertYubiKey": {
-    "message": "Устаўце ваш YubiKey ў порт USB вашага камп'ютара, затым націсніце на кнопку."
+    "message": "Устаўце свой YubiKey у порт USB камп'ютара, а потым націсніце на кнопку."
   },
   "insertU2f": {
-    "message": "Устаўце ваш ключ бяспекі ў порт USB вашага камп'ютара. Калі на ім ёсць кнопка, націсніце на яе."
+    "message": "Устаўце ваш ключ бяспекі ў порт USB камп'ютара. Калі на ім ёсць кнопка, націсніце на яе."
   },
   "recoveryCodeDesc": {
-    "message": "Згубілі доступ да ўсіх варыянтаў двухэтапнага ўваходу? Скарыстайцеся кодам аднаўлення, каб адключыць двухэтапны ўваход для вашага ўліковага запісу."
+    "message": "Згубілі доступ да ўсіх варыянтаў доступу пастаўшчыкоў двухэтапнай аўтэнтыфікацыі? Скарыстайцеся кодам аднаўлення, каб адключыць праверку пастаўшчыкоў двухэтапнай аўтэнтыфікацыі для вашага ўліковага запісу."
   },
   "recoveryCodeTitle": {
     "message": "Код аднаўлення"
   },
   "authenticatorAppTitle": {
-    "message": "Праграма праверкі сапраўднасці"
+    "message": "Праграма аўтэнтыфікацыі"
   },
   "authenticatorAppDesc": {
-    "message": "Выкарыстоўвайце праграму для праверкі сапраўднасці (напрыклад, Authy або Google Authenticator) для стварэння кодаў праверкі на аснове часу.",
+    "message": "Выкарыстоўвайце праграму праграму аўтэнтыфікацыі (напрыклад, Authy або Google Authenticator) для генерацыі праверачных кодаў на падставе часу.",
     "description": "'Authy' and 'Google Authenticator' are product names and should not be translated."
   },
   "yubiKeyTitle": {
     "message": "Ключ бяспекі YubiKey OTP"
   },
   "yubiKeyDesc": {
-    "message": "Выкарыстоўвайце YubiKey для доступу да вашага ўліковага запісу. Працуе з прыладамі YubiKey серый 4, 5 і NEO."
+    "message": "Выкарыстоўвайце YubiKey для доступу да вашага ўліковага запісу. Працуе з ключамі бяспекі YubiKey 4, 4 Nano, 4C і NEO."
   },
   "duoDesc": {
-    "message": "Пацвярдзіце з дапамогай Duo Security, выкарыстоўваючы праграму Duo Mobile, SMS, тэлефонны выклік або ключ бяспекі.",
+    "message": "Праверка з дапамогай Duo Security, выкарыстоўваючы праграму Duo Mobile, SMS, тэлефонны выклік або ключ бяспекі U2F.",
     "description": "'Duo Security' and 'Duo Mobile' are product names and should not be translated."
   },
   "duoOrganizationDesc": {
-    "message": "Пацвярдзіце з дапамогай Duo Security для вашай арганізацыі, выкарыстоўваючы праграму Duo Mobile, SMS, тэлефонны выклік або ключ бяспекі.",
+    "message": "Праверка з дапамогай Duo Security для вашай арганізацыі, выкарыстоўваючы праграму Duo Mobile, SMS, тэлефонны выклік або ключ бяспекі U2F.",
     "description": "'Duo Security' and 'Duo Mobile' are product names and should not be translated."
   },
   "webAuthnTitle": {
     "message": "FIDO2 WebAuthn"
   },
   "webAuthnDesc": {
-    "message": "Выкарыстоўвайце любы ключ бяспекі WebAuthn для доступу да вашага ўліковага запісу."
+    "message": "Выкарыстоўвайце любы ключ бяспекі WebAuthn, каб атрымаць доступ да вашага ўліковага запісу."
   },
   "emailTitle": {
     "message": "Электронная пошта"
   },
   "emailDesc": {
-    "message": "Коды пацвярджэння будуць адпраўлены вам па электроннай пошце."
+    "message": "Праверачныя коды будуць адпраўляцца вам па электронную пошту."
   },
   "loginUnavailable": {
     "message": "Уваход недаступны"
   },
   "noTwoStepProviders": {
-    "message": "У гэтага ўліковага запісу ўключаны двухэтапны ўваход, аднак ні адзін з наладжаных варыянтаў не падтрымліваецца гэтай прыладай."
+    "message": "У гэтага ўліковага запісу ўключаны двухэтапны ўваход, аднак ніводны з наладжаных пастаўшчыкоў двухэтапнай праверкі не падтрымліваецца гэтым браўзерам."
   },
   "noTwoStepProviders2": {
-    "message": "Дадайце дадатковыя варыянты двухэтапнага ўваходу, якія падтрымліваюцца большасцю прылад (напрыклад, праграма праверкі сапраўднасці)."
+    "message": "Дадайце іншых пастаўшчыкоў, якія маюць лепшую падтрымку разнастайных прылад (напрыклад, праграма аўтэнтыфікацыі)."
   },
   "twoStepOptions": {
     "message": "Параметры двухэтапнага ўваходу"
@@ -674,25 +674,25 @@
     "message": "Асяроддзе ўласнага хостынгу"
   },
   "selfHostedEnvironmentFooter": {
-    "message": "Увядзіце асноўны URL-адрас на вашым серверы."
+    "message": "Увядзіце асноўны URL-адрас вашага лакальнага размяшчэння ўсталяванага Bitwarden."
   },
   "customEnvironment": {
-    "message": "Налады асяроддзя"
+    "message": "Карыстальніцкае асяроддзе"
   },
   "customEnvironmentFooter": {
-    "message": "Для вопытных карыстальнікаў. Можна ўвесці URL-адрасы асобна для кожнай службы."
+    "message": "Для дасведчаных карыстальнікаў. Можна ўвесці URL-адрасы асобна для кожнай службы."
   },
   "baseUrl": {
     "message": "URL-адрас сервера"
   },
   "apiUrl": {
-    "message": "API URL-адраса сервера"
+    "message": "Сервер URL-адраса API"
   },
   "webVaultUrl": {
     "message": "URL-адрас сервера вэб-сховішча"
   },
   "identityUrl": {
-    "message": "URL-адрас сервера ідэнтыфікацыі"
+    "message": "URL-адрас сервера пасведчання"
   },
   "notificationsUrl": {
     "message": "URL-адрас сервера апавяшчэнняў"
@@ -704,7 +704,7 @@
     "message": "URL-адрас сервера асяроддзя захаваны."
   },
   "ok": {
-    "message": "ОК"
+    "message": "Добра"
   },
   "yes": {
     "message": "Так"
@@ -722,10 +722,10 @@
     "message": "Функцыя недаступна"
   },
   "loggedOut": {
-    "message": "Вы выйшлі са сховішча"
+    "message": "Вы выйшлі"
   },
   "loginExpired": {
-    "message": "Скончыўся тэрмін дзеяння вашага сеансу."
+    "message": "Тэрмін дзеяння вашага сеансу завяршыўся."
   },
   "logOutConfirmation": {
     "message": "Вы ўпэўнены, што хочаце выйсці?"
@@ -734,7 +734,7 @@
     "message": "Выйсці"
   },
   "addNewLogin": {
-    "message": "Дадаць новыя ўліковыя даныя"
+    "message": "Дадаць новы лагін"
   },
   "addNewItem": {
     "message": "Дадаць новы элемент"
@@ -743,7 +743,7 @@
     "message": "Дадаць новую папку"
   },
   "view": {
-    "message": "Выгляд"
+    "message": "Прагляд"
   },
   "account": {
     "message": "Уліковы запіс"
@@ -764,13 +764,13 @@
     "message": "Атрымаць даведку"
   },
   "fileBugReport": {
-    "message": "Паведаміць аб памылцы"
+    "message": "Паведаміць пра памылку"
   },
   "blog": {
     "message": "Блог"
   },
   "followUs": {
-    "message": "Падпісвайцеся"
+    "message": "Сачыце за намі"
   },
   "syncVault": {
     "message": "Сінхранізаваць сховішча"
@@ -779,7 +779,7 @@
     "message": "Змяніць асноўны пароль"
   },
   "changeMasterPasswordConfirmation": {
-    "message": "Вы можаце змяніць свой асноўны пароль на bitwarden.com. Перайсці на сайт зараз?"
+    "message": "Вы можаце змяніць свой асноўны пароль у вэб-сховішчы на bitwarden.com. Перайсці на вэб-сайт зараз?"
   },
   "fingerprintPhrase": {
     "message": "Фраза адбітка пальца",
@@ -805,13 +805,13 @@
     "message": "Памылка сінхранізацыі"
   },
   "yourVaultIsLocked": {
-    "message": "Ваша сховішча заблакіравана. Каб працягнуць, увядзіце асноўны пароль."
+    "message": "Ваша сховішча заблакіравана. Каб працягнуць, пацвердзіце сваю асобу."
   },
   "unlock": {
     "message": "Разблакіраваць"
   },
   "loggedInAsOn": {
-    "message": "Выкананы ўваход на $HOSTNAME$ як $EMAIL$.",
+    "message": "Вы ўвайшлі як $EMAIL$ у $HOSTNAME$.",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -827,13 +827,13 @@
     "message": "Памылковы асноўны пароль"
   },
   "twoStepLoginConfirmation": {
-    "message": "Двухэтапны ўваход робіць ваш уліковы запіс больш бяспечным, патрабуючы пацвярджэння ўваходу на іншай прыладзе, напрыклад, ключом бяспекі, праграмай для праверкі бяспекі, SMS, тэлефонным выклікам або электроннай поштай. Двухэтапны ўваход уключаецца на bitwarden.com. Перайсці на сайт зараз?"
+    "message": "Двухэтапны ўваход робіць ваш уліковы запіс больш бяспечным, патрабуючы пацвярджэнне ўваходу на іншай прыладзе з выкарыстаннем ключа бяспекі, праграмы аўтэнтыфікацыі, SMS, тэлефоннага званка або электроннай пошты. Двухэтапны ўваход уключаецца на bitwarden.com. Перайсці на вэб-сайт, каб зрабіць гэта?"
   },
   "twoStepLogin": {
     "message": "Двухэтапны ўваход"
   },
   "vaultTimeout": {
-    "message": "Тайм-аўт сховішча"
+    "message": "Час чакання сховішча"
   },
   "vaultTimeoutDesc": {
     "message": "Выберыце тайм-аўт для сховішча і дзеянне, якое неабходна зрабіць."
@@ -875,10 +875,10 @@
     "message": "Пры бяздзейнасці"
   },
   "onSleep": {
-    "message": "У рэжыме сну"
+    "message": "Пры пераходзе сістэмы ў сон"
   },
   "onLocked": {
-    "message": "Разам з камп'ютарам"
+    "message": "Пры блакіраванні сістэмы"
   },
   "onRestart": {
     "message": "Пры перазапуску"
@@ -890,7 +890,7 @@
     "message": "Бяспека"
   },
   "clearClipboard": {
-    "message": "Ачыстка буфера абмену",
+    "message": "Ачысціць буфер абмену",
     "description": "Clipboard is the operating system thing where you copy/paste data to on your device."
   },
   "clearClipboardDesc": {
@@ -901,49 +901,49 @@
     "message": "Паказваць значкі вэб-сайтаў"
   },
   "faviconDesc": {
-    "message": "Паказваць распазнавальны відарыс побач з кожным з кожным лагінам."
+    "message": "Паказваць распазнавальны відарыс побач з кожным лагінам."
   },
   "enableMinToTray": {
-    "message": "Згарунць у вобласць апавяшчэнняў"
+    "message": "Згарнуць у вобласць апавяшчэнняў"
   },
   "enableMinToTrayDesc": {
-    "message": "Пры згортванні акна, будзе паказвацца значок у вообласці апавяшчэнняў."
+    "message": "Пры згортванні акна, будзе паказвацца значок на панэлі заданняў."
   },
   "enableMinToMenuBar": {
-    "message": "Згарнуць у панэль меню"
+    "message": "Згарнуць у радку меню"
   },
   "enableMinToMenuBarDesc": {
-    "message": "Пры згортванні акна, паказваць значок у панэлі меню."
+    "message": "Пры згортванні акна, будзе паказвацца значок у радку меню."
   },
   "enableCloseToTray": {
-    "message": "Закрываць у вобласць апавяшчэнняў"
+    "message": "Закрываць у вобласці апавяшчэнняў"
   },
   "enableCloseToTrayDesc": {
-    "message": "Пры закрыцці акна, будзе паказвацца значок у вообласці апавяшчэнняў."
+    "message": "Пры закрыцці акна, будзе паказвацца значок на панэлі заданняў."
   },
   "enableCloseToMenuBar": {
-    "message": "Закрыць у панэлі меню"
+    "message": "Закрыць у радку меню"
   },
   "enableCloseToMenuBarDesc": {
-    "message": "Пры закрыцці акна, паказваць значок у панэлі меню."
+    "message": "Пры закрыцці акна, паказваць значок у радку меню."
   },
   "enableTray": {
     "message": "Уключыць значок у вобласці апавяшчэнняў"
   },
   "enableTrayDesc": {
-    "message": "Заўсёды паказваць значок у вобласці апавяшчэнняў."
+    "message": "Заўсёды паказваць значок на панэлі заданняў."
   },
   "startToTray": {
     "message": "Запускаць у згорнутым выглядзе"
   },
   "startToTrayDesc": {
-    "message": "Пры першым запуску праграмы, будзе паказвацца значок у вобласці апавяшчэнняў."
+    "message": "Пры першым запуску праграмы, будзе паказвацца значок на панэлі заданняў."
   },
   "startToMenuBar": {
-    "message": "Запускаць у панэлі меню"
+    "message": "Запускаць у радку меню"
   },
   "startToMenuBarDesc": {
-    "message": "Пры першым запуску праграмы паказваць толькі значок у панэлі меню."
+    "message": "Пры першым запуску праграмы паказваць толькі значок у радку меню."
   },
   "openAtLogin": {
     "message": "Запускаць аўтаматычна пры ўваходзе"
@@ -955,7 +955,7 @@
     "message": "Заўсёды паказваць на панэлі Dock"
   },
   "alwaysShowDockDesc": {
-    "message": "Паказваць значок Bitwarden на панэлі Dock нават пры згортванні ў панэль меню."
+    "message": "Паказваць значок Bitwarden на панэлі Dock нават пры згортванні ў радку меню."
   },
   "confirmTrayTitle": {
     "message": "Пацвердзіць адключэнне ў вобласці апавяшчэнняў"
@@ -967,13 +967,13 @@
     "message": "Мова"
   },
   "languageDesc": {
-    "message": "Змена мовы, якая выкарыстоўваецца праграмай. Патрабуецца перазапуск."
+    "message": "Змена мовы праграмы. Патрабуецца перазапуск."
   },
   "theme": {
     "message": "Тэма"
   },
   "themeDesc": {
-    "message": "Змена колеравай тэмы праграмы."
+    "message": "Змена каляровай тэмы праграмы."
   },
   "dark": {
     "message": "Цёмная",
@@ -984,7 +984,7 @@
     "description": "Light color"
   },
   "copy": {
-    "message": "Капіяваць",
+    "message": "Скапіяваць",
     "description": "Copy to clipboard"
   },
   "checkForUpdates": {
@@ -1003,7 +1003,7 @@
     "message": "Перазапуск для абнаўлення"
   },
   "restartToUpdateDesc": {
-    "message": "Версія $VERSION_NUM$ гатовая да ўсталявання. Вы павінны перазапусціць праграму, каб завершыць усталяванне. Вы хочаце перазапусціць і абнавіць зараз?",
+    "message": "Версія $VERSION_NUM$ гатова да ўсталявання. Вы павінны перазапусціць праграму, каб завяршыць працэс усталявання. Зрабіць гэта зараз?",
     "placeholders": {
       "version_num": {
         "content": "$1",
@@ -1024,7 +1024,7 @@
     "message": "Пазней"
   },
   "noUpdatesAvailable": {
-    "message": "Абнаўленняў няма. Вы выкарыстоўваеце апошнюю версію."
+    "message": "Зараз абнаўленняў няма. Вы выкарыстоўваеце апошнюю версію."
   },
   "updateError": {
     "message": "Памылка абнаўлення"
@@ -1033,27 +1033,27 @@
     "message": "Невядома"
   },
   "copyUsername": {
-    "message": "Капіяваць імя карыстальніка"
+    "message": "Скапіяваць імя карыстальніка"
   },
   "copyNumber": {
-    "message": "Капіяваць нумар",
+    "message": "Скапіяваць нумар",
     "description": "Copy credit card number"
   },
   "copySecurityCode": {
-    "message": "Капіяваць код бяспекі",
+    "message": "Скапіяваць код бяспекі",
     "description": "Copy credit card security code (CVV)"
   },
   "premiumMembership": {
     "message": "Прэміяльны статус"
   },
   "premiumManage": {
-    "message": "Кіраванне статусам"
+    "message": "Кіраваць статусам"
   },
   "premiumManageAlert": {
-    "message": "Вы можаце кіраваць сваім статусам на bitwarden.com. Перайсці на сайт зараз?"
+    "message": "Вы можаце кіраваць сваім статусам на bitwarden.com. Перайсці на вэб-сайт зараз зараз?"
   },
   "premiumRefresh": {
-    "message": "Абнавіць статус"
+    "message": "Абнавіць статус удзельніка"
   },
   "premiumNotCurrentMember": {
     "message": "На дадзены момант у вас не прэміяльны статус."
@@ -1071,7 +1071,7 @@
     "message": "Гігіена пароляў, здароўе ўліковага запісу і справаздачы аб уцечках даных для забеспячэння бяспекі вашага сховішча."
   },
   "premiumSignUpTotp": {
-    "message": "TOTP-генератар кодаў (2ФА) для ўліковых даных вашага сховішча."
+    "message": "Генератар праверачных кодаў TOTP (2ФА) для ўваходу ў ваша сховішча."
   },
   "premiumSignUpSupport": {
     "message": "Прыярытэтная падтрымка."
@@ -1080,16 +1080,16 @@
     "message": "Усе будучыя функцыі прэміяльнага статусу. Іх будзе больш!"
   },
   "premiumPurchase": {
-    "message": "Купіць прэміяльны статус"
+    "message": "Купіць прэміум"
   },
   "premiumPurchaseAlert": {
-    "message": "Вы можаце купіць прэміяльны статус на bitwarden.com. Перайсці на сайт зараз?"
+    "message": "Вы можаце купіць прэміяльны статус на bitwarden.com. Перайсці на вэб-сайт зараз?"
   },
   "premiumCurrentMember": {
     "message": "У вас прэміяльны статус!"
   },
   "premiumCurrentMemberThanks": {
-    "message": "Дзякуем вам за падтрымку Bitwarden."
+    "message": "Дзякуй за падтрымку Bitwarden."
   },
   "premiumPrice": {
     "message": "Усяго толькі за $PRICE$ на год!",
@@ -1111,7 +1111,7 @@
     "description": "To clear something out. example: To clear browser history."
   },
   "noPasswordsInList": {
-    "message": "Няма пароляў для паказу."
+    "message": "У спісе адсутнічаюць паролі."
   },
   "undo": {
     "message": "Адрабіць"
@@ -1140,13 +1140,13 @@
     "message": "Скінуць маштаб"
   },
   "toggleFullScreen": {
-    "message": "Пераключыць поўнаэкранны рэжым"
+    "message": "Пераключыцца ў поўнаэкранны рэжым"
   },
   "reload": {
     "message": "Перазагрузка"
   },
   "toggleDevTools": {
-    "message": "Пераключыць інструменты для распрацоўшчыкаў"
+    "message": "Пераключыць інструменты распрацоўшчыка"
   },
   "minimize": {
     "message": "Згарнуць",
@@ -1156,14 +1156,14 @@
     "message": "Маштаб"
   },
   "bringAllToFront": {
-    "message": "На пярэдні план",
+    "message": "Змясціць усё на пярэднім плане",
     "description": "Bring all windows to front (foreground)"
   },
   "aboutBitwarden": {
     "message": "Пра Bitwarden"
   },
   "services": {
-    "message": "Службы"
+    "message": "Сэрвісы"
   },
   "hideBitwarden": {
     "message": "Схаваць Bitwarden"
@@ -1178,7 +1178,7 @@
     "message": "Выйсці з Bitwarden"
   },
   "valueCopied": {
-    "message": "$VALUE$ скапіяваны(-а)",
+    "message": "$VALUE$ скапіяваны",
     "description": "Value has been copied to the clipboard.",
     "placeholders": {
       "value": {
@@ -1197,7 +1197,7 @@
     "message": "Праверце, ці не скампраметаваны пароль."
   },
   "passwordExposed": {
-    "message": "Гэты пароль быў скампраметаваны $VALUE$ раз(-ы/-оў). Вы павінны змяніць яго.",
+    "message": "Гэты пароль быў скампраметаваны наступную колькасць разоў: $VALUE$. Вы павінны змяніць яго.",
     "placeholders": {
       "value": {
         "content": "$1",
@@ -1217,7 +1217,7 @@
     "description": "Domain name. Ex. website.com"
   },
   "host": {
-    "message": "Хост",
+    "message": "Вузел",
     "description": "A URL's host value. For example, the host of https://sub.domain.com:443 is 'sub.domain.com:443'."
   },
   "exact": {
@@ -1235,7 +1235,7 @@
     "description": "URI match detection for auto-fill."
   },
   "defaultMatchDetection": {
-    "message": "Метад выяўлення па змаўчанні",
+    "message": "Прадвызначаны метад выяўлення",
     "description": "Default URI match detection for auto-fill."
   },
   "toggleOptions": {
@@ -1246,7 +1246,7 @@
     "description": "An entity of multiple related people (ex. a team or business organization)."
   },
   "default": {
-    "message": "Па змаўчанні"
+    "message": "Прадвызначана"
   },
   "exit": {
     "message": "Выхад"
@@ -1271,7 +1271,7 @@
     "description": "ex. Date this password was updated"
   },
   "exportVault": {
-    "message": "Экспарт сховішча"
+    "message": "Экспартаваць сховішча"
   },
   "fileFormat": {
     "message": "Фармат файла"
@@ -1281,7 +1281,7 @@
     "description": "hCaptcha is the name of a website, should not be translated"
   },
   "loadAccessibilityCookie": {
-    "message": "Загрузіць cookie спецыяльных магчымасцяў"
+    "message": "Загрузіць cookie спецыяльных магчымасцей"
   },
   "registerAccessibilityUser": {
     "message": "Зарэгістравацца ў якасці карыстальніка са спецыяльнымі магчымасцямі на",
@@ -1291,7 +1291,7 @@
     "message": "Скапіюйце і ўстаўце адпраўленую спасылку на вашу электронную пошту"
   },
   "enterhCaptchaUrl": {
-    "message": "Увядзіце URL-адрас для загрузкі cookie спецыяльных магчымасцяў для hCaptcha",
+    "message": "Увядзіце URL-адрас для загрузкі cookie спецыяльных магчымасцей для hCaptcha",
     "description": "hCaptcha is the name of a website, should not be translated"
   },
   "hCaptchaUrlRequired": {
@@ -1311,26 +1311,26 @@
     "message": "Адсутнічаюць захаваныя cookie са спецыяльнымі магчымасцямі"
   },
   "warning": {
-    "message": "УВАГА",
+    "message": "ПАПЯРЭДЖАННЕ",
     "description": "WARNING (should stay in capitalized letters if the language permits)"
   },
   "confirmVaultExport": {
     "message": "Пацвердзіць экспартаванне сховішча"
   },
   "exportWarningDesc": {
-    "message": "Экспартуемы файл утрымлівае даныя вашага сховішча ў незашыфраваным фармаце. Яго не варта захоўваць ці адпраўляць па небяспечным каналам (напрыклад, па электроннай пошце). Выдаліце яго адразу пасля выкарыстання."
+    "message": "Пры экспартаванні файл утрымлівае даныя вашага сховішча ў незашыфраваным фармаце. Яго не варта захоўваць або адпраўляць па неабароненых каналах (напрыклад, па электроннай пошце). Выдаліце яго адразу пасля выкарыстання."
   },
   "encExportKeyWarningDesc": {
-    "message": "Падчас экспартавання даныя шыфруюцца з дапамогай ключа шыфравання ўліковага запісу. Калі вы калі-небудзь зменіце ключ шыфравання ўліковага запісу, вам неабходна будзе экспартаваць даныя паўторна, паколькі вы не зможаце расшыфраваць гэты файл экспартавання."
+    "message": "Пры экспартаванні даныя шыфруюцца з дапамогай ключа шыфравання ўліковага запісу. Калі вы калі-небудзь зменіце ключ шыфравання ўліковага запісу, вам неабходна будзе экспартаваць даныя паўторна, паколькі вы не зможаце расшыфраваць гэты файл экспартавання."
   },
   "encExportAccountWarningDesc": {
     "message": "Ключы шыфравання з'яўляюцца ўнікальнымі для кожнага ўліковага запісу Bitwarden, таму нельга імпартаваць зашыфраванае сховішча ў іншы ўліковы запіс."
   },
   "noOrganizationsList": {
-    "message": "Вы не з'яўляецеся членам якой-небудзь арганізацыі. Арганізацыі дазваляюць бяспечна абменьвацца элементамі з іншымі карыстальнікамі."
+    "message": "Вы не належыце да ніводнай арганізацыі. Арганізацыі дазваляюць бяспечна абменьвацца элементамі з іншымі карыстальнікамі."
   },
   "noCollectionsInList": {
-    "message": "Няма калекцый для паказу."
+    "message": "У спісе адсутнічаюць калекцыі."
   },
   "ownership": {
     "message": "Уладальнік"
@@ -1339,7 +1339,7 @@
     "message": "Каму належыць гэты элемент?"
   },
   "strong": {
-    "message": "Моцны",
+    "message": "Надзейны",
     "description": "ex. A strong password. Scale: Weak -> Good -> Strong"
   },
   "good": {
@@ -1347,24 +1347,24 @@
     "description": "ex. A good password. Scale: Weak -> Good -> Strong"
   },
   "weak": {
-    "message": "Слабы",
+    "message": "Ненадзейны",
     "description": "ex. A weak password. Scale: Weak -> Good -> Strong"
   },
   "weakMasterPassword": {
-    "message": "Слабы асноўны пароль"
+    "message": "Ненадзейны асноўны пароль"
   },
   "weakMasterPasswordDesc": {
-    "message": "Асноўны пароль, выбраны вамі, з'яўляецца слабым. Для належнай абароны ўліковага запісу Bitwarden, вы павінны выкарыстоўваць моцны асноўны пароль (або парольную фразу). Вы ўпэўнены, што хочаце выкарыстоўваць гэты асноўны пароль?"
+    "message": "Асноўны пароль, які вы выбралі з'яўляецца ненадзейным. Для належнай абароны ўліковага запісу Bitwarden, вы павінны выкарыстоўваць надзейны асноўны пароль (або парольную фразу). Вы ўпэўнены, што хочаце выкарыстоўваць гэты асноўны пароль?"
   },
   "pin": {
-    "message": "PIN-код",
+    "message": "PIN",
     "description": "PIN code. Ex. The short code (often numeric) that you use to unlock a device."
   },
   "unlockWithPin": {
     "message": "Разблакіраваць PIN-кодам"
   },
   "setYourPinCode": {
-    "message": "Задайце PIN-код для разблакіроўкі Bitwarden. Налады PIN-кода будуць скінуты, калі вы калі-небудзь цалкам выйдзеце з праграмы."
+    "message": "Прызначце PIN-код для разблакіроўкі Bitwarden. Налады PIN-кода будуць скінуты, калі вы калі-небудзь цалкам выйдзеце з праграмы."
   },
   "pinRequired": {
     "message": "Патрабуецца PIN-код."
@@ -1382,13 +1382,13 @@
     "message": "Разблакіраваць з Touch ID"
   },
   "touchIdConsentMessage": {
-    "message": "Праверыць на Bitwarden."
+    "message": "разблакіраваць ваша сховішча"
   },
   "autoPromptWindowsHello": {
-    "message": "Запытваць Windows Hello пры запуску"
+    "message": "Пытацца пра Windows Hello пры запуску"
   },
   "autoPromptTouchId": {
-    "message": "Запытваць Touch ID пры запуску"
+    "message": "Пытацца пра Touch ID пры запуску"
   },
   "lockWithMasterPassOnRestart": {
     "message": "Блакіраваць асноўным паролем пры перазапуску"
@@ -1409,10 +1409,10 @@
     "message": "Ваш уліковы запіс быў закрыты і ўсе звязаныя даныя былі выдалены."
   },
   "preferences": {
-    "message": "Налады"
+    "message": "Параметры"
   },
   "enableMenuBar": {
-    "message": "Уключыць значок у панэлі меню"
+    "message": "Паказваць значок у радку меню"
   },
   "enableMenuBarDesc": {
     "message": "Заўсёды паказваць значок у радку меню."
@@ -1424,16 +1424,16 @@
     "message": "Вы павінны выбраць прынамсі адну калекцыю."
   },
   "premiumUpdated": {
-    "message": "Вы абнавіліся да прэміяльнага статусу."
+    "message": "Вы абнавіліся да прэміяльнай версіі."
   },
   "restore": {
     "message": "Аднавіць"
   },
   "premiumManageAlertAppStore": {
-    "message": "Вы можаце кіраваць сваёй падпіскай з App Store. Вы хочаце наведаць App Store?"
+    "message": "Вы можаце кіраваць сваёй падпіскай з App Store. Наведаць App Store зараз?"
   },
   "legal": {
-    "message": "Правы",
+    "message": "Прававая інфармацыя",
     "description": "Noun. As in 'legal documents', like our terms of service and privacy policy."
   },
   "termsOfService": {
@@ -1452,16 +1452,16 @@
     "message": "Кланіраваць"
   },
   "passwordGeneratorPolicyInEffect": {
-    "message": "На налады генератара ўплываюць адна або некалькі палітык арганізацый."
+    "message": "Адна або больш палітык арганізацыі ўплывае на налады генератара."
   },
   "vaultTimeoutAction": {
-    "message": "Дзеянне пры тайм-аўце"
+    "message": "Дзеянне пасля заканчэння часу чакання сховішча"
   },
   "vaultTimeoutActionLockDesc": {
-    "message": "Для разблакіроўкі сховішча патрабуецца паўторна ўвесці асноўны пароль."
+    "message": "Для атрымання доступу да заблакіраванага сховішча, вам неабходна ўвесці асноўны пароль або скарыстацца іншым метадам разблакіроўкі."
   },
   "vaultTimeoutActionLogOutDesc": {
-    "message": "Выхад са сховішча спатрабуе паўторную праверку сапраўднасці для атрымання доступу да яго."
+    "message": "Для таго, каб аднавіць доступ да сховішча, патрабуецца паўторная аўтарызацыя."
   },
   "lock": {
     "message": "Заблакіраваць",
@@ -1475,19 +1475,19 @@
     "message": "Пошук у сметніцы"
   },
   "permanentlyDeleteItem": {
-    "message": "Выдаліць назаўсёды"
+    "message": "Назаўсёды выдаліць элемент"
   },
   "permanentlyDeleteItemConfirmation": {
     "message": "Вы ўпэўнены, што хочаце назаўсёды выдаліць гэты элемент?"
   },
   "permanentlyDeletedItem": {
-    "message": "Выдаленны назаўсёды элемент"
+    "message": "Элемент выдалены назаўсёды"
   },
   "restoreItem": {
     "message": "Аднавіць элемент"
   },
   "restoreItemConfirmation": {
-    "message": "Вы сапраўды жадаеце аднавіць гэты элемент?"
+    "message": "Вы ўпэўнены, што хочаце аднавіць гэты элемент?"
   },
   "restoredItem": {
     "message": "Элемент адноўлены"
@@ -1496,19 +1496,19 @@
     "message": "Выдаліць назаўсёды"
   },
   "vaultTimeoutLogOutConfirmation": {
-    "message": "Выхад з сістэмы выдаліць доступ да сховішча і спатрабуе праверку сапраўднасці анлайн па заканчэнні перыяду чакання. Вы сапраўды жадаеце ўключыць гэтую наладу?"
+    "message": "Выхад з сістэмы скасуе ўсе магчымасці доступу да сховішча і запатрабуе аўтэнтыфікацыю праз інтэрнэт пасля завяршэння часу чакання. Вы ўпэўнены, што хочаце выкарыстоўваць гэты параметр?"
   },
   "vaultTimeoutLogOutConfirmationTitle": {
-    "message": "Пацвярджэнне дзеяння для тайм-аута"
+    "message": "Пацвярджэнне дзеяння часу чакання"
   },
   "enterpriseSingleSignOn": {
-    "message": "Адзіны ўваход у карпаратыўную сістэму (SSO)"
+    "message": "Адзіны ўваход прадпрыемства (SSO)"
   },
   "setMasterPassword": {
-    "message": "Задаць асноўны пароль"
+    "message": "Прызначыць асноўны пароль"
   },
   "ssoCompleteRegistration": {
-    "message": "Для завяршэння ўваходу праз SSO, задайце асноўны пароль для доступу і абароны вашаго сховішча."
+    "message": "Для завяршэння працэсу ўваходу з дапамогай SSO, прызначце асноўны пароль для доступу да вашага сховішча і яго абароны."
   },
   "newMasterPass": {
     "message": "Новы асноўны пароль"
@@ -1517,7 +1517,7 @@
     "message": "Пацвердзіць новы асноўны пароль"
   },
   "masterPasswordPolicyInEffect": {
-    "message": "Згодна з адной або некалькімі палітыкамі арганізацыі неабходна, каб ваш асноўны пароль адказваў наступным патрабаванням:"
+    "message": "Адна або больш палітык арганізацыі патрабуе, каб ваш асноўны пароль адпавядаў наступным патрабаванням:"
   },
   "policyInEffectMinComplexity": {
     "message": "Мінімальны ўзровень складанасці $SCORE$",
@@ -1538,13 +1538,13 @@
     }
   },
   "policyInEffectUppercase": {
-    "message": "Уключыць адну ці больш прапісных літар"
+    "message": "Уключыць адну або некалькі вялікіх літар"
   },
   "policyInEffectLowercase": {
-    "message": "Уключыць адну ці больш малых літар"
+    "message": "Уключыць адну або некалькі малых літар"
   },
   "policyInEffectNumbers": {
-    "message": "Уключыць адну ці больш лічбаў"
+    "message": "Уключыць адну або некалькі лічбаў"
   },
   "policyInEffectSpecial": {
     "message": "Уключаць хаця б адзін з наступных спецыяльных сімвалаў $CHARS$",
@@ -1556,7 +1556,7 @@
     }
   },
   "masterPasswordPolicyRequirementsNotMet": {
-    "message": "Ваш новы асноўны пароль не адпавядае патрабаванням палітыкі арганізацыі."
+    "message": "Ваш новы асноўны пароль не адпавядае патрабаванням палітыкі."
   },
   "acceptPolicies": {
     "message": "Ставячы гэты сцяжок вы пагаджаецеся з наступным:"
@@ -1570,17 +1570,23 @@
   "enableBrowserIntegrationDesc": {
     "message": "Выкарыстоўваецца для біяметрыі ў браўзеры."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Дазволіць інтэграцыю браўзера з DuckDuckGo"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Выкарыстоўвайце сховішча Bitwarden падчас прагляду старонак з DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Інтэграцыя з браўзерам не падтрымліваецца"
   },
   "browserIntegrationMasOnlyDesc": {
-    "message": "На жаль, інтэграцыя з браўзерам зараз падтрымліваецца толькі ў версіі Mac App Store."
+    "message": "На жаль, інтэграцыя з браўзерам зараз падтрымліваецца толькі ў версіі для Mac App Store."
   },
   "browserIntegrationWindowsStoreDesc": {
-    "message": "На жаль, інтэграцыя з браўзерам у цяперашні час не падтрымліваецца ў версіі Windows Store."
+    "message": "На жаль, інтэграцыя з браўзерам у цяперашні час не падтрымліваецца ў версіі для Microsoft Store."
   },
   "browserIntegrationLinuxDesc": {
-    "message": "На жаль, інтэграцыя з браўзерам у цяперашні час не падтрымліваецца ў версіі Linux."
+    "message": "На жаль, інтэграцыя з браўзерам у цяперашні час не падтрымліваецца ў версіі для Linux."
   },
   "enableBrowserIntegrationFingerprint": {
     "message": "Патрабаваць праверку для інтэграцыі з браўзерам"
@@ -1595,7 +1601,22 @@
     "message": "Праверка злучэння з браўзерам"
   },
   "verifyBrowserDesc": {
-    "message": "Пераканайцеся, што паказаны адбітак супадае з адбіткам, які паказаны ў пашырэнні браўзера."
+    "message": "Пераканайцеся, што паказаны адбітак пальца супадае з адбіткам, які паказаны ў пашырэнні браўзера."
+  },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ хоча падлучыцца да Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Вы сапраўды хочаце ўхваліць гэты запыт?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Не ўхваляйце гэты запыт, калі вы не ініцыявалі яго."
   },
   "biometricsNotEnabledTitle": {
     "message": "Біяметрыя не ўключана"
@@ -1604,7 +1625,7 @@
     "message": "Для актывацыі біяметрыі ў браўзеры неабходна спачатку ўключыць яе ў наладах праграмы для камп'ютара."
   },
   "personalOwnershipSubmitError": {
-    "message": "У адпаведнасці з карпаратыўнай палітыкай вам забаронена захоўваць элементы ў асабістым сховішчы. Змяніце параметры ўласнасці на арганізацыю і выберыце з даступных калекцый."
+    "message": "У адпаведнасці з палітыкай прадпрыемства вам забаронена захоўваць элементы ў асабістым сховішчы. Змяніце параметры ўласнасці на арганізацыю і выберыце з даступных калекцый."
   },
   "hintEqualsPassword": {
     "message": "Падказка для пароля не можа супадаць з паролем."
@@ -1623,7 +1644,7 @@
     "message": "Тэкст"
   },
   "searchSends": {
-    "message": "Пошук Send'аў",
+    "message": "Пошук у Send'ах",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "editSend": {
@@ -1647,7 +1668,7 @@
     "message": "Дата завяршэння"
   },
   "expirationDateDesc": {
-    "message": "Калі зададзена, то доступ да гэтага Send міне ў азначаную дату і час.",
+    "message": "Калі прызначана, то доступ да гэтага Send міне ў азначаную дату і час.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "maxAccessCount": {
@@ -1655,7 +1676,7 @@
     "description": "This text will be displayed after a Send has been accessed the maximum amount of times."
   },
   "maxAccessCountDesc": {
-    "message": "Калі зададзена, то карыстальнікі больш не змогуць атрымаць доступ да гэтага Send пасля таго, як будзе дасягнута максімальная колькасць зваротаў.",
+    "message": "Калі прызначана, то карыстальнікі больш не змогуць атрымаць доступ да гэтага Send пасля таго, як будзе дасягнута максімальная колькасць зваротаў.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "currentAccessCount": {
@@ -1674,15 +1695,15 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendLink": {
-    "message": "Адправіць спасылку",
+    "message": "Спасылка на Send",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendLinkLabel": {
-    "message": "Адправіць спасылку",
+    "message": "Спасылка на Send",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "textHiddenByDefault": {
-    "message": "Прадвызначана хаваць тэкст, калі адбываецца доступ да Send",
+    "message": "Пры доступе да Send прадвызначана хаваць тэкст",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "createdSend": {
@@ -1694,14 +1715,14 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "deletedSend": {
-    "message": "Выдалены Send",
+    "message": "Send выдалены",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "newPassword": {
     "message": "Новы пароль"
   },
   "whatTypeOfSend": {
-    "message": "Які гэта тып Send?",
+    "message": "Які гэта тып Send'a?",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "createSend": {
@@ -1715,7 +1736,7 @@
     "message": "Файл, які вы хочаце адправіць."
   },
   "days": {
-    "message": "$DAYS$ дзён",
+    "message": "Дзён: $DAYS$",
     "placeholders": {
       "days": {
         "content": "$1",
@@ -1727,14 +1748,14 @@
     "message": "1 дзень"
   },
   "custom": {
-    "message": "Адвольны"
+    "message": "Карыстальніцкі"
   },
   "deleteSendConfirmation": {
     "message": "Вы ўпэўнены, што хочаце выдаліць гэты Send?",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "copySendLinkToClipboard": {
-    "message": "Капіяваць спасылку на Send у буфер абмену",
+    "message": "Скапіяваць спасылку на Send у буфер абмену",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "copySendLinkOnSave": {
@@ -1745,17 +1766,17 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendDisabledWarning": {
-    "message": "У адпаведнасці з карпаратыўнай палітыкай, вы можаце выдаліць толькі бягучы Send.",
+    "message": "У адпаведнасці з палітыкай прадпрыемства, вы можаце выдаліць толькі бягучы Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "copyLink": {
-    "message": "Капіяваць спасылку"
+    "message": "Скапіяваць спасылку"
   },
   "disabled": {
     "message": "Адключана"
   },
   "maxAccessCountReached": {
-    "message": "Дасягнута максімальная колькасць зваротаў"
+    "message": "Дасягнута максімальная колькасць доступаў"
   },
   "expired": {
     "message": "Пратэрмінавана"
@@ -1779,22 +1800,22 @@
     "message": "Для выкарыстання гэтай функцыі патрабуецца праверыць электронную пошту."
   },
   "passwordPrompt": {
-    "message": "Паўторны запыт галоўнага пароля"
+    "message": "Паўторны запыт асноўнага пароля"
   },
   "passwordConfirmation": {
     "message": "Пацвярджэнне асноўнага пароля"
   },
   "passwordConfirmationDesc": {
-    "message": "Гэта дзеянне абаронена. Для працягу, калі ласка, паўторная ўвядзіце свой пароль, каб пацвердзіць вашу асобу."
+    "message": "Гэта дзеянне абаронена. Для працягу, калі ласка, паўторна ўвядзіце свой асноўны пароль, каб пацвердзіць вашу асобу."
   },
   "updatedMasterPassword": {
-    "message": "Галоўны пароль абноўлены"
+    "message": "Асноўны пароль абноўлены"
   },
   "updateMasterPassword": {
-    "message": "Абнавіць галоўны пароль"
+    "message": "Абнавіць асноўны пароль"
   },
   "updateMasterPasswordWarning": {
-    "message": "Ваш галоўны пароль не так даўно быў зменены адміністратарам вашай арганізацыі. Для таго, каб атрымаць доступ да вашага сховішча, вы павінны абнавіць яго зараз. У выніку бягучы сеанс будзе завершаны і вам неабходна будзе паўторна ўвайсці. Сеансы на іншых прыладах могуць заставацца актыўнымі на працягу адной гадзіны."
+    "message": "Ваш асноўны пароль нядаўна быў зменены адміністратарам арганізацыі. Для таго, каб атрымаць доступ да вашага сховішча, вы павінны абнавіць яго зараз. Гэта прывядзе да завяршэння бягучага сеанса і вам неабходна будзе ўвайсці паўторна. Сеансы на іншых прыладах могуць заставацца актыўнымі на працягу адной гадзіны."
   },
   "hours": {
     "message": "Гадзіны"
@@ -1803,7 +1824,7 @@
     "message": "Хвіліны"
   },
   "vaultTimeoutPolicyInEffect": {
-    "message": "Палітыка вашай арганізацыі ўплывае на час чакання сховішча. Максімальны дазволены час чакання сховішча $HOURS$ гадз. і $MINUTES$ хв.",
+    "message": "Палітыка вашай арганізацыі ўплывае на час чакання сховішча. Максімальны дазволены час чакання сховішча складае $HOURS$ гадз. і $MINUTES$ хв.",
     "placeholders": {
       "hours": {
         "content": "$1",
@@ -1822,7 +1843,7 @@
     "message": "Аўтаматычная рэгістрацыя"
   },
   "resetPasswordAutoEnrollInviteWarning": {
-    "message": "Гэта арганізацыя мае карпаратыўную палітыку, якая будзе аўтаматычна зарэгіструе ваша скіданне пароля. Рэгістрацыя дазволіць адміністратарам арганізацыі змяняць ваш асноўны пароль."
+    "message": "Гэта арганізацыя мае палітыку прадпрыемства, якая аўтаматычна зарэгіструе ваша скіданне пароля. Рэгістрацыя дазволіць адміністратарам арганізацыі змяняць ваш асноўны пароль."
   },
   "vaultExportDisabled": {
     "message": "Экспартаванне сховішча адключана"
@@ -1840,7 +1861,7 @@
     "message": "Асноўны пароль выдалены."
   },
   "convertOrganizationEncryptionDesc": {
-    "message": "$ORGANIZATION$ выкарыстоўвае SSO з уласным серверам ключоў. Для аўтарызацыі ўдзельнікам гэтай арганізацыі больш няма неабходнасці выкарыстоўваць асноўны пароль.",
+    "message": "$ORGANIZATION$ выкарыстоўвае SSO з уласным серверам ключоў. Асноўны пароль для ўдзельнікаў гэтай арганізацыі больш не патрабуецца.",
     "placeholders": {
       "organization": {
         "content": "$1",
@@ -1849,7 +1870,7 @@
     }
   },
   "leaveOrganization": {
-    "message": "Пакінуць арганізацыю"
+    "message": "Выйсці з арганізацыі"
   },
   "leaveOrganizationConfirmation": {
     "message": "Вы сапраўды хочаце пакінуць гэту арганізацыю?"
@@ -1888,16 +1909,16 @@
     "message": "Пераключыць уліковы запіс"
   },
   "options": {
-    "message": "Опцыі"
+    "message": "Параметры"
   },
   "sessionTimeout": {
-    "message": "Час вашай сесіі выйшаў. Калі ласка, увайдзіце паўторна."
+    "message": "Час чакання вашага сеанса завяршыўся. Калі ласка, увайдзіце паўторна."
   },
   "exportingPersonalVaultTitle": {
     "message": "Экспартаванне асабістага сховішча"
   },
   "exportingPersonalVaultDescription": {
-    "message": "Толькі элементы асабістага сховішча, якія звязаны з $EMAIL$ будуць экспартаваныя. Элементы сховішча арганізацыі не будуць уключаны.",
+    "message": "Будуць экспартаваны толькі асабістыя элементы сховішча, якія звязаны з $EMAIL$. Элементы сховішча арганізацыі не будуць уключаны.",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -1921,7 +1942,7 @@
     "message": "Тып пароля"
   },
   "regenerateUsername": {
-    "message": "Паўторна згенерыраваць імя карыстастальніка"
+    "message": "Паўторна генерыраваць імя карыстальніка"
   },
   "generateUsername": {
     "message": "Генерыраваць імя карыстальніка"
@@ -1934,7 +1955,7 @@
     "description": "Username generator option that appends a random sub-address to the username. For example: address+subaddress@email.com"
   },
   "plusAddressedEmailDesc": {
-    "message": "Выкарыстоўваць магчымасці пададрасацыі вашага пастаўшчыка паслуг электроннай пошты."
+    "message": "Выкарыстоўвайце магчымасці пададрасацыі вашага пастаўшчыка паслуг электроннай пошты."
   },
   "catchallEmail": {
     "message": "Адрас для ўсёй пошты дамена"
@@ -1958,7 +1979,7 @@
     "message": "Усе сховішчы"
   },
   "searchOrganization": {
-    "message": "Пошук арганізацыі"
+    "message": "Пошук у арганізацыі"
   },
   "searchMyVault": {
     "message": "Пошук у маім сховішчы"
@@ -1986,7 +2007,7 @@
     "message": "Арганізацыя адключана."
   },
   "disabledOrganizationFilterError": {
-    "message": "Элементы ў адключаных арганізацыя недаступны. Звяжыцеся з уладальнікам вашай арганізацыі для атрымання дапамогі."
+    "message": "Доступ да элементаў у адключаных арганізацыях немагчымы. Звяжыце з уладальнікам арганізацыі для атрымання дапамогі."
   },
   "neverLockWarning": {
     "message": "Вы ўпэўнены, што хочаце адключыць блакіроўку сховішча? Прызначыўшы параметр блакіравання \"Ніколі\", ключ шыфравання будзе захоўвацца на вашай прыладзе. Калі вы выкарыстоўваеце гэты параметр, вы павінны быць упэўнены ў тым, што ваша прылада надзейна абаронена."
diff --git a/apps/desktop/src/locales/bg/messages.json b/apps/desktop/src/locales/bg/messages.json
index 03c198fc4223..72ee6e08e32d 100644
--- a/apps/desktop/src/locales/bg/messages.json
+++ b/apps/desktop/src/locales/bg/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "За потвърждаване с биометрични данни е необходима интеграция с браузъра."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Разрешаване на интеграцията на DuckDuckGo в браузъра"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Използвайте трезора си в Битуорден, когато навигирате в мрежата с DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Интеграцията с браузър не се поддържа"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Уверете се, че идентификаторът в разширението съвпада с показания."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ иска де се свърже с Битуорден",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Одобрявате ли тази заявка?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Ако не Вие сте предизвикали тази заявка, не я одобрявайте."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Потвърждаването с биометрични данни не е включено"
   },
diff --git a/apps/desktop/src/locales/bn/messages.json b/apps/desktop/src/locales/bn/messages.json
index 664e38d155cc..47c7b64a8e1a 100644
--- a/apps/desktop/src/locales/bn/messages.json
+++ b/apps/desktop/src/locales/bn/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "বায়োমেট্রিকস সক্ষম নেই"
   },
diff --git a/apps/desktop/src/locales/bs/messages.json b/apps/desktop/src/locales/bs/messages.json
index f2c1faad6a5a..2b20273114ea 100644
--- a/apps/desktop/src/locales/bs/messages.json
+++ b/apps/desktop/src/locales/bs/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Provjeri da je prikazana jedinstvena fraza identična onoj prikazanoj u proširenju preglednika."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrija nije omogućena"
   },
diff --git a/apps/desktop/src/locales/ca/messages.json b/apps/desktop/src/locales/ca/messages.json
index 9a74e2f4089d..ff2fb9047e33 100644
--- a/apps/desktop/src/locales/ca/messages.json
+++ b/apps/desktop/src/locales/ca/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "S'utilitza per a la biometria al navegador."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Permet la integració del navegador DuckDuckGo"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Utilitzeu la vostra caixa forta de Bitwarden quan navegueu amb DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "La integració en el navegador no és compatible"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Assegureu-vos que l’empremta digital que es mostra és idèntica a la que es mostra a l’extensió del navegador."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ vol connectar-se a Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Voleu aprovar aquesta sol·licitud?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Si no heu iniciar aquesta sol·licitud, no l'aproveu."
+  },
   "biometricsNotEnabledTitle": {
     "message": "La biomètrica no està habilitada"
   },
diff --git a/apps/desktop/src/locales/cs/messages.json b/apps/desktop/src/locales/cs/messages.json
index 2ed892b62ee0..b6ef93b4cd4d 100644
--- a/apps/desktop/src/locales/cs/messages.json
+++ b/apps/desktop/src/locales/cs/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Integrace prohlížeče se používá pro biometriku v prohlížeči."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Zkontrolujte, zda je zobrazený otisk totožný s otiskem zobrazeným v rozšíření prohlížeče."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrie není povolena"
   },
diff --git a/apps/desktop/src/locales/da/messages.json b/apps/desktop/src/locales/da/messages.json
index fd7550460598..bf909c8fad05 100644
--- a/apps/desktop/src/locales/da/messages.json
+++ b/apps/desktop/src/locales/da/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Bruges til biometri i browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browserintegration understøttes ikke"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Sørg for, at det viste fingeraftryk er identisk med det fingeraftryk, der vises i browserudvidelsen."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometri ikke aktiveret"
   },
diff --git a/apps/desktop/src/locales/de/messages.json b/apps/desktop/src/locales/de/messages.json
index 3e73f09d3630..612b1edd0b1c 100644
--- a/apps/desktop/src/locales/de/messages.json
+++ b/apps/desktop/src/locales/de/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Die Browser-Integration wird für Biometrie im Browser verwendet."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "DuckDuckGo Browser-Integration erlauben"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Verwende deinen Bitwarden-Tresor, wenn du mit DuckDuckGo surfst."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser-Integration wird nicht unterstützt"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Bitte stelle sicher, dass der angezeigte Prüfschlüssel identisch mit dem Prüfschlüssel in der Browser-Erweiterung ist."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ möchte sich mit Bitwarden verbinden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Möchtest du diese Anfrage genehmigen?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Wenn du diese Anfrage nicht initiiert hast, genehmige sie nicht."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrie ist nicht aktiviert"
   },
diff --git a/apps/desktop/src/locales/el/messages.json b/apps/desktop/src/locales/el/messages.json
index d5703316ff3f..b4834c571aa2 100644
--- a/apps/desktop/src/locales/el/messages.json
+++ b/apps/desktop/src/locales/el/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Η ενσωμάτωση του προγράμματος περιήγησης χρησιμοποιείται για βιομετρικά στοιχεία στο πρόγραμμα περιήγησης."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Η ενσωμάτωση του περιηγητή δεν υποστηρίζεται"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Βεβαιωθείτε ότι το εμφανιζόμενο δακτυλικό αποτύπωμα είναι ταυτόσημο με το δακτυλικό αποτύπωμα που εμφανίζεται στην επέκταση του προγράμματος περιήγησης."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Η βιομετρική δεν είναι ενεργοποιημένη"
   },
diff --git a/apps/desktop/src/locales/en/messages.json b/apps/desktop/src/locales/en/messages.json
index 82038e669005..2c0967fa27db 100644
--- a/apps/desktop/src/locales/en/messages.json
+++ b/apps/desktop/src/locales/en/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
@@ -1985,15 +2006,15 @@
   "organizationIsDisabled": {
     "message": "Organization is disabled."
   },
-  "disabledOrganizationFilterError" : {
-    "message" : "Items in disabled Organizations cannot be accessed. Contact your Organization owner for assistance."
+  "disabledOrganizationFilterError": {
+    "message": "Items in disabled Organizations cannot be accessed. Contact your Organization owner for assistance."
   },
   "neverLockWarning": {
     "message": "Are you sure you want to use the \"Never\" option? Setting your lock options to \"Never\" stores your vault's encryption key on your device. If you use this option you should ensure that you keep your device properly protected."
   },
   "cardBrandMir": {
     "message": "Mir"
-  }, 
+  },
   "vault": {
     "message": "Vault"
   }
diff --git a/apps/desktop/src/locales/en_GB/messages.json b/apps/desktop/src/locales/en_GB/messages.json
index c2f2e7cd2843..f2d527b668d3 100644
--- a/apps/desktop/src/locales/en_GB/messages.json
+++ b/apps/desktop/src/locales/en_GB/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint shown in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/en_IN/messages.json b/apps/desktop/src/locales/en_IN/messages.json
index dbc20d4f1bdf..11eb95758d79 100644
--- a/apps/desktop/src/locales/en_IN/messages.json
+++ b/apps/desktop/src/locales/en_IN/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Browser integration is used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/eo/messages.json b/apps/desktop/src/locales/eo/messages.json
index 9fcdd0e4a1e4..7ddbc614b59a 100644
--- a/apps/desktop/src/locales/eo/messages.json
+++ b/apps/desktop/src/locales/eo/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/es/messages.json b/apps/desktop/src/locales/es/messages.json
index 0d6336ff3a06..aab30fce0d53 100644
--- a/apps/desktop/src/locales/es/messages.json
+++ b/apps/desktop/src/locales/es/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "La integración del navegador se usa para la biometría en el mismo."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Permitir integración con el navegador DuckDuckGo"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Usa tu bóveda de Bitwarden cuando navegas con DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "La integración con el navegador no está soportada"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Por favor, asegúrese de que la huella digital mostrada es idéntica a la huella que aparece en la extensión del navegador."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ quiere conectarse a Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "¿Quieres aprobar esta solicitud?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Si no iniciaste esta solicitud, no la apruebes."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometría no habilitada"
   },
diff --git a/apps/desktop/src/locales/et/messages.json b/apps/desktop/src/locales/et/messages.json
index c53115c9bf34..3dfb0bcbc706 100644
--- a/apps/desktop/src/locales/et/messages.json
+++ b/apps/desktop/src/locales/et/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Brauseri integratsioon on vajalik biomeetria kasutamiseks brauseris."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Brauseri integratsioon ei ole toetatud"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Veendu, et kuvatav sõrmejälje fraas on identne sellega, mida kuvatakse brauseri lisas."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biomeetria ei ole sisse lülitatud"
   },
diff --git a/apps/desktop/src/locales/eu/messages.json b/apps/desktop/src/locales/eu/messages.json
index c5b3b8d4f06d..d196a5bdda29 100644
--- a/apps/desktop/src/locales/eu/messages.json
+++ b/apps/desktop/src/locales/eu/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Nabigatzailean biometria erabiltzen da."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Ez da nabigatzailearen integrazioa onartzen"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Ziurtatu bistaratutako hatz-marka digitala nabigatzailearen gehigarrian agertzen den hatz-marka digitalaren berdina dela."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometria desgaitua"
   },
diff --git a/apps/desktop/src/locales/fa/messages.json b/apps/desktop/src/locales/fa/messages.json
index 8b1a17753fc8..0febe54c5d9d 100644
--- a/apps/desktop/src/locales/fa/messages.json
+++ b/apps/desktop/src/locales/fa/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "یکپارچه سازی مرورگر برای بیومتریک در مرورگر استفاده می شود."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "ادغام مرورگر پشتیبانی نمی شود"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "لطفاً اطمینان حاصل کنید که اثر انگشت نشان داده شده با اثر انگشت نشان داده شده در افزونه مرورگر یکسان است."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "بیومتریک فعال نیست"
   },
diff --git a/apps/desktop/src/locales/fi/messages.json b/apps/desktop/src/locales/fi/messages.json
index f81a814b1b2c..1483f3623067 100644
--- a/apps/desktop/src/locales/fi/messages.json
+++ b/apps/desktop/src/locales/fi/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Käytetään selainten biometriatukeen."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Salli integrointi DuckDuckGo-selaimeen"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Käytä Bitwardenin holvia DuckDuckGo-selaimessa."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Selainintegraatiota ei tueta"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Varmista, että näytetty tunnistelauseke on identtinen selainlaajennuksessa näkyvän lausekkeen kanssa."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ haluaa yhdistää Bitwardeniin",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Haluatko hyväksyä pyynnön?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Älä hyväksy pyyntöä, jollet itse aiheuttanut sitä."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometria ei ole käytössä"
   },
diff --git a/apps/desktop/src/locales/fil/messages.json b/apps/desktop/src/locales/fil/messages.json
index 64779d3557b8..4f77b521ad0d 100644
--- a/apps/desktop/src/locales/fil/messages.json
+++ b/apps/desktop/src/locales/fil/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/fr/messages.json b/apps/desktop/src/locales/fr/messages.json
index 7bcc9c6fe5c3..86e4c15eb502 100644
--- a/apps/desktop/src/locales/fr/messages.json
+++ b/apps/desktop/src/locales/fr/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "L'intégration avec le navigateur est utilisée pour le déverrouillage biométrique dans le navigateur."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Intégration dans le navigateur non supportée"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Veuillez vous assurer que la phrase d'empreinte affichée est identique à celle affichée dans l'extension de navigateur."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Le déverrouillage biométrique n'est pas activé"
   },
diff --git a/apps/desktop/src/locales/he/messages.json b/apps/desktop/src/locales/he/messages.json
index ece081756549..d2eedf07910d 100644
--- a/apps/desktop/src/locales/he/messages.json
+++ b/apps/desktop/src/locales/he/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "אינטגרצייה עם הדפדפן מאפשרת שימוש באמצעיים ביומטריים בדפדפן."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "שילוב הדפדפן אינו נתמך"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "בבקשה, וודא כי חתימת האצבע הדיגיטלית המוצגת זהה לחתימה שמופיע בתוסף הדפדפן."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "לא הופעלו אמצעי זיהוי ביומטריים"
   },
diff --git a/apps/desktop/src/locales/hi/messages.json b/apps/desktop/src/locales/hi/messages.json
index 161feab674c4..d2eb932e7f1b 100644
--- a/apps/desktop/src/locales/hi/messages.json
+++ b/apps/desktop/src/locales/hi/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/hr/messages.json b/apps/desktop/src/locales/hr/messages.json
index c7c5fc064772..c720728df00d 100644
--- a/apps/desktop/src/locales/hr/messages.json
+++ b/apps/desktop/src/locales/hr/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Integracija s preglednikom koristi se za biometriju u pregledniku."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Integracija preglednika nije podržana"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Provjeri da je prikazana jedinstvena fraza identična onoj prikazanoj u proširenju preglednika."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrija nije omogućena"
   },
diff --git a/apps/desktop/src/locales/hu/messages.json b/apps/desktop/src/locales/hu/messages.json
index 750f2dede5af..b89d898cb3e2 100644
--- a/apps/desktop/src/locales/hu/messages.json
+++ b/apps/desktop/src/locales/hu/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "A böngésző integrációt a biometrikus adatokhoz használják a böngészőben."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "DuckDuckGo böngésző integráció engedélyezése"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "A Bitwarden széf használata DuckDuckGo böngésző használatakor."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "A böngésző integráció nem támogatott."
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Ellenőrizzük, hogy a bemutatott ujjlenyomat megegyezik a böngésző kiterjesztésében megjelenített ujjlenyomattal."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ szeretne csaklakozni a Bitwardenhez.",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Szeretnénk jóváhagyni ezt a kérést?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Ha nem kezdeményeztük azt a kérést, ne hagyjuk jóvá."
+  },
   "biometricsNotEnabledTitle": {
     "message": "A biometrikus adatok nincsenek engedélyezve."
   },
diff --git a/apps/desktop/src/locales/id/messages.json b/apps/desktop/src/locales/id/messages.json
index 3504bb3d3151..b355f13f5d7c 100644
--- a/apps/desktop/src/locales/id/messages.json
+++ b/apps/desktop/src/locales/id/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Integrasi browser digunakan untuk biometrik di browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Harap pastikan sidik jari yang ditampilkan identik dengan sidik jari yang ditunjukkan di ekstensi browser."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrik tidak diaktifkan"
   },
diff --git a/apps/desktop/src/locales/it/messages.json b/apps/desktop/src/locales/it/messages.json
index 5e139658e11d..c8b708dea27a 100644
--- a/apps/desktop/src/locales/it/messages.json
+++ b/apps/desktop/src/locales/it/messages.json
@@ -1461,7 +1461,7 @@
     "message": "Una cassaforte bloccata richiede l'inserimento della password principale per accedere nuovamente."
   },
   "vaultTimeoutActionLogOutDesc": {
-    "message": "La disconnessione dalla cassaforte richiede l'inserimento della password principale per accedere nuovamente."
+    "message": "Per accedere nuovamente alla cassaforte è necessaria una nuova autenticazione."
   },
   "lock": {
     "message": "Blocca",
@@ -1565,11 +1565,17 @@
     "message": "I termini di servizio e l'informativa sulla privacy non sono stati accettati."
   },
   "enableBrowserIntegration": {
-    "message": "Abilita l'integrazione con il browser"
+    "message": "Abilita l'integrazione del browser"
   },
   "enableBrowserIntegrationDesc": {
     "message": "L'integrazione del browser è utilizzata per l'autenticazione biometrica."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "L'integrazione del browser non è supportata"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Assicurati che l'impronta digitale mostrata sia identica all'impronta digitale mostrata nell'estensione del browser."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Autenticazione biometrica non abilitata"
   },
@@ -1995,6 +2016,6 @@
     "message": "Mir"
   },
   "vault": {
-    "message": "Vault"
+    "message": "Cassaforte"
   }
 }
diff --git a/apps/desktop/src/locales/ja/messages.json b/apps/desktop/src/locales/ja/messages.json
index c2f70a3758de..d2f5953e0fde 100644
--- a/apps/desktop/src/locales/ja/messages.json
+++ b/apps/desktop/src/locales/ja/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "ブラウザでの生体認証のためにブラウザ統合を使用します。"
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "DuckDuckGo ブラウザの統合を許可する"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "DuckDuckGo でブラウズするときに Bitwarden 保管庫を使用します。"
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "ブラウザー統合はサポートされていません"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "表示されているパスフレーズがブラウザ拡張に表示されているものと同じであることを確認してください。"
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ が Bitwarden に接続しようとしています",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "このリクエストを承認しますか？"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "このリクエストが自身でしたものでない場合は、承認しないでください。"
+  },
   "biometricsNotEnabledTitle": {
     "message": "生体認証が有効になっていません。"
   },
diff --git a/apps/desktop/src/locales/ka/messages.json b/apps/desktop/src/locales/ka/messages.json
index 64779d3557b8..4f77b521ad0d 100644
--- a/apps/desktop/src/locales/ka/messages.json
+++ b/apps/desktop/src/locales/ka/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/km/messages.json b/apps/desktop/src/locales/km/messages.json
index 64779d3557b8..4f77b521ad0d 100644
--- a/apps/desktop/src/locales/km/messages.json
+++ b/apps/desktop/src/locales/km/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/kn/messages.json b/apps/desktop/src/locales/kn/messages.json
index 4b0d2da7de75..44349769747a 100644
--- a/apps/desktop/src/locales/kn/messages.json
+++ b/apps/desktop/src/locales/kn/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "ಬ್ರೌಸರ್ನಲ್ಲಿ ಬಯೋಮೆಟ್ರಿಕ್ಸ್ಗಾಗಿ ಬ್ರೌಸರ್ ಏಕೀಕರಣವನ್ನು ಬಳಸಲಾಗುತ್ತದೆ."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "ತೋರಿಸಿದ ಫಿಂಗರ್‌ಪ್ರಿಂಟ್ ಬ್ರೌಸರ್ ವಿಸ್ತರಣೆಯಲ್ಲಿ ತೋರಿಸಿರುವ ಫಿಂಗರ್‌ಪ್ರಿಂಟ್‌ಗೆ ಹೋಲುತ್ತದೆ ಎಂಬುದನ್ನು ಖಚಿತಪಡಿಸಿಕೊಳ್ಳಿ."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "ಬಯೊಮಿಟ್ರಿಕ್ಸ್ ಅನ್ನು ಸಕ್ರಿಯಗೊಳಿಸಲಾಗಿಲ್ಲ"
   },
diff --git a/apps/desktop/src/locales/ko/messages.json b/apps/desktop/src/locales/ko/messages.json
index 70da549a6e26..39b7981ce116 100644
--- a/apps/desktop/src/locales/ko/messages.json
+++ b/apps/desktop/src/locales/ko/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "브라우저와 연결하면 브라우저에서 생체 인식을 사용할 수 있습니다."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "다음의 지문 구절이 브라우저 확장 프로그램에 표시된 지문 구절과 동일한지 확인해주세요."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "생체 인식이 활성화되지 않음"
   },
diff --git a/apps/desktop/src/locales/lv/messages.json b/apps/desktop/src/locales/lv/messages.json
index 391c042f4a2e..5de38d841f57 100644
--- a/apps/desktop/src/locales/lv/messages.json
+++ b/apps/desktop/src/locales/lv/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Pārlūka saistīšana tiek izmantota pārlūka biometrijas nodrošināšanai."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Atļaut DuckDuckGo pārlūka saistīšanu"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Izmantot Bitwarden glabātavu, kad pārlūko ar DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Pārlūka saistīšana nav atbalstīta"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Lūgums pārliecināties, ka attēlotā atpazīšanas vārdkopa ir tāda pati kā tā, kas ir redzama pārlūka paplašinājumā."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ pieprasa savienojumu ar Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Vai apstiprināt šo pieprasījumu?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Ja Tu neuzsāki šo pieprasījumu, neapstiprini to!"
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrija nav iespējota"
   },
diff --git a/apps/desktop/src/locales/me/messages.json b/apps/desktop/src/locales/me/messages.json
index 2566f7f62e37..bff24d496644 100644
--- a/apps/desktop/src/locales/me/messages.json
+++ b/apps/desktop/src/locales/me/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/ml/messages.json b/apps/desktop/src/locales/ml/messages.json
index 55dd0eb0a16b..2b79830ce3f9 100644
--- a/apps/desktop/src/locales/ml/messages.json
+++ b/apps/desktop/src/locales/ml/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "ബയോമെട്രിക്സ് പ്രാപ്തമാക്കിയിട്ടില്ല"
   },
diff --git a/apps/desktop/src/locales/nb/messages.json b/apps/desktop/src/locales/nb/messages.json
index 3ec862b0624d..4b7c78764cc0 100644
--- a/apps/desktop/src/locales/nb/messages.json
+++ b/apps/desktop/src/locales/nb/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Nettleserintegrasjon brukes til biometri i nettleseren."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Nettleserintegrasjon støttes ikke"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Kontroller at vist fingeravtrykk er identisk med fingeravtrykket som vises i nettleserutvidelsen."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometri er ikke aktivert"
   },
diff --git a/apps/desktop/src/locales/nl/messages.json b/apps/desktop/src/locales/nl/messages.json
index 6873e013636c..0040f88c9803 100644
--- a/apps/desktop/src/locales/nl/messages.json
+++ b/apps/desktop/src/locales/nl/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Browserintegratie wordt gebruikt voor biometrie in de browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Verzeker je ervan dat de getoonde vingerafdruk hetzelfde is als de vingerafdruk in de browserextensie."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrie niet ingeschakeld"
   },
diff --git a/apps/desktop/src/locales/nn/messages.json b/apps/desktop/src/locales/nn/messages.json
index 039d20261fc2..27cb9423df41 100644
--- a/apps/desktop/src/locales/nn/messages.json
+++ b/apps/desktop/src/locales/nn/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/pl/messages.json b/apps/desktop/src/locales/pl/messages.json
index d6d32e155702..7653d6143a36 100644
--- a/apps/desktop/src/locales/pl/messages.json
+++ b/apps/desktop/src/locales/pl/messages.json
@@ -875,7 +875,7 @@
     "message": "Podczas bezczynności systemu"
   },
   "onSleep": {
-    "message": "Podczas uśpienia systemu"
+    "message": "Po uśpieniu komputera"
   },
   "onLocked": {
     "message": "Po zablokowaniu komputera"
@@ -901,7 +901,7 @@
     "message": "Pokaż ikony witryn"
   },
   "faviconDesc": {
-    "message": "Pokaż rozpoznawalny obraz obok każdych danych logowania."
+    "message": "Pokaż rozpoznawalny obraz obok danych logowania."
   },
   "enableMinToTray": {
     "message": "Minimalizuj do zasobnika systemowego"
@@ -1281,7 +1281,7 @@
     "description": "hCaptcha is the name of a website, should not be translated"
   },
   "loadAccessibilityCookie": {
-    "message": "Załaduj ciasteczko ułatwień dostępu"
+    "message": "Załaduj pliki cookies ułatwień dostępu"
   },
   "registerAccessibilityUser": {
     "message": "Zarejestruj się jako użytkownik ułatwień dostępu na",
@@ -1291,7 +1291,7 @@
     "message": "Skopiuj i wklej link wysłany na poniższy adres e-mail"
   },
   "enterhCaptchaUrl": {
-    "message": "Wpisz adres URL, aby załadować ciasteczko ułatwień dostępu dla hCaptcha",
+    "message": "Wpisz adres URL, aby załadować pliki cookies ułatwień dostępu dla hCaptcha",
     "description": "hCaptcha is the name of a website, should not be translated"
   },
   "hCaptchaUrlRequired": {
@@ -1299,16 +1299,16 @@
     "description": "hCaptcha is the name of a website, should not be translated"
   },
   "invalidUrl": {
-    "message": "Nieprawidłowy adres URL"
+    "message": "Adres URL jest nieprawidłowy"
   },
   "done": {
     "message": "Gotowe"
   },
   "accessibilityCookieSaved": {
-    "message": "Zapisano ciasteczko ułatwień dostępu!"
+    "message": "Pliki cookies ułatwień dostępu zostały zapisane!"
   },
   "noAccessibilityCookieSaved": {
-    "message": "Brak zapisanych ciasteczek ułatwień dostępu"
+    "message": "Brak zapisanych plików cookies ułatwień dostępu"
   },
   "warning": {
     "message": "UWAGA",
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Połączenie z przeglądarką jest używane do odblokowania danymi biometrycznymi."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Włącz połączenie z przeglądarką DuckDuckGo"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Korzystaj z sejfu Bitwarden podczas przeglądania za pomocą DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Połączenie z przeglądarką nie jest obsługiwane"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Upewnij się, że wyświetlony identyfikator jest identyczny z pokazanym w rozszerzeniu przeglądarki."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ chce połączyć się z Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Czy chcesz zatwierdzić to żądanie?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Jeśli to żądanie nie zostało zainicjowane przez Ciebie, nie zatwierdzaj go."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Dane biometryczne są wyłączone"
   },
diff --git a/apps/desktop/src/locales/pt_BR/messages.json b/apps/desktop/src/locales/pt_BR/messages.json
index e84ef3c9c92f..f27f6cee8d31 100644
--- a/apps/desktop/src/locales/pt_BR/messages.json
+++ b/apps/desktop/src/locales/pt_BR/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "A integração do navegador é usada para biometria no navegador."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Integração com o navegador não suportado"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Por favor, certifique-se que a impressão digital mostrada é idêntica à impressão digital exibida na extensão do navegador."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometria não ativada"
   },
diff --git a/apps/desktop/src/locales/pt_PT/messages.json b/apps/desktop/src/locales/pt_PT/messages.json
index f21b0273f4aa..524f4209836f 100644
--- a/apps/desktop/src/locales/pt_PT/messages.json
+++ b/apps/desktop/src/locales/pt_PT/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Integração com o navegador não suportada"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/ro/messages.json b/apps/desktop/src/locales/ro/messages.json
index 2b772cd4d7c4..3a54501d7098 100644
--- a/apps/desktop/src/locales/ro/messages.json
+++ b/apps/desktop/src/locales/ro/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Folosit pentru biometrie în browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Permiteți integrarea de browser DuckDuckGo"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Utilizați seiful Bitwarden atunci când navigați cu DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Integrarea browserului nu este acceptată"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Vă rugăm să vă asigurați că amprenta afișată este identică cu amprenta indicată în extensia browserului."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ vrea să se conecteze la Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Vreți să aprobați această solicitare?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Dacă nu ați inițiat această solicitare, nu o aprobați."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometria nu a fost activată"
   },
diff --git a/apps/desktop/src/locales/ru/messages.json b/apps/desktop/src/locales/ru/messages.json
index a01a86c8bfc7..84e67f00232a 100644
--- a/apps/desktop/src/locales/ru/messages.json
+++ b/apps/desktop/src/locales/ru/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Используется для биометрии в браузере."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Интеграция с браузером не поддерживается"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Пожалуйста, убедитесь, что отображаемый отпечаток идентичен отпечатку, отображаемому в расширении браузера."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Биометрия не включена"
   },
diff --git a/apps/desktop/src/locales/si/messages.json b/apps/desktop/src/locales/si/messages.json
index 2798e2836b26..32eebc8e99eb 100644
--- a/apps/desktop/src/locales/si/messages.json
+++ b/apps/desktop/src/locales/si/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/sk/messages.json b/apps/desktop/src/locales/sk/messages.json
index 6df419388d9f..a0d1cd364317 100644
--- a/apps/desktop/src/locales/sk/messages.json
+++ b/apps/desktop/src/locales/sk/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Integrácia v prehliadači sa používa na biometriu v prehliadači."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Povoliť integráciu prehliadača DuckDuckGo"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Používajte svoj trezor Bitwarden pri prehliadaní pomocou DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Integrácia v prehliadači nie je podporovaná"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Uistite sa, že zobrazený odtlačok prsta je identický s odtlačkom prsta zobrazeným v rozšírení prehliadača."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ sa chce pripojiť k Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Chcete túto žiadosť schváliť?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Ak ste túto žiadosť neiniciovali, neschvaľujte ju."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometria nie je aktivovaná"
   },
diff --git a/apps/desktop/src/locales/sl/messages.json b/apps/desktop/src/locales/sl/messages.json
index 17e81de0a6e5..34e557dc68ed 100644
--- a/apps/desktop/src/locales/sl/messages.json
+++ b/apps/desktop/src/locales/sl/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/sr/messages.json b/apps/desktop/src/locales/sr/messages.json
index f4ca5f106101..1d01f438130f 100644
--- a/apps/desktop/src/locales/sr/messages.json
+++ b/apps/desktop/src/locales/sr/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Интеграција прегледача се користи за биометрију у прегледачу."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Интеграција са претраживачем није подржана"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Уверите се да је приказани отисак идентичан отиску приказаном у додатку прегледача."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Биометрија није омогућена"
   },
diff --git a/apps/desktop/src/locales/sv/messages.json b/apps/desktop/src/locales/sv/messages.json
index efdf0ae195ad..aa99b529b13c 100644
--- a/apps/desktop/src/locales/sv/messages.json
+++ b/apps/desktop/src/locales/sv/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Webbläsarintegration används för biometri i webbläsaren."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Webbläsarintegration stödjs inte"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Säkerställ att det fingeravtrycket som visas är identiskt med fingeravtrycket som visas i webbläsartillägget."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometri är inte aktiverat"
   },
diff --git a/apps/desktop/src/locales/th/messages.json b/apps/desktop/src/locales/th/messages.json
index 522055688776..cfdde1e07004 100644
--- a/apps/desktop/src/locales/th/messages.json
+++ b/apps/desktop/src/locales/th/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/tr/messages.json b/apps/desktop/src/locales/tr/messages.json
index 5195e7881052..5919d1fc067b 100644
--- a/apps/desktop/src/locales/tr/messages.json
+++ b/apps/desktop/src/locales/tr/messages.json
@@ -126,7 +126,7 @@
     "message": "Panoya kaydederken küçült"
   },
   "minimizeOnCopyToClipboardDesc": {
-    "message": "Bir kaydın verilerini panoya kopyalarken simge durumuna küçült."
+    "message": "Bir kaydın verilerini panoya kopyalarken uygulamayı simge durumuna küçült."
   },
   "toggleVisibility": {
     "message": "Görünürlüğü aç/kapat"
@@ -731,7 +731,7 @@
     "message": "Çıkmak istediğinize emin misiniz?"
   },
   "logOut": {
-    "message": "Çıkış Yap"
+    "message": "Çıkış yap"
   },
   "addNewLogin": {
     "message": "Yeni hesap ekle"
@@ -758,10 +758,10 @@
     "message": "Parola oluşturucu"
   },
   "contactUs": {
-    "message": "Bize Ulaşın"
+    "message": "Bize ulaşın"
   },
   "getHelp": {
-    "message": "Yardım Alın"
+    "message": "Yardım al"
   },
   "fileBugReport": {
     "message": "Hata bildirin"
@@ -790,7 +790,7 @@
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
   },
   "goToWebVault": {
-    "message": "Web Kasasına Git"
+    "message": "Web kasasına git"
   },
   "getMobileApp": {
     "message": "Mobil uygulamayı indir"
@@ -836,7 +836,7 @@
     "message": "Kasa zaman aşımı"
   },
   "vaultTimeoutDesc": {
-    "message": "Kasanızın zaman aşımına uğrayacağı ve seçilen işlemi gerçekleştirmede seçin."
+    "message": "Kasa zaman aşımı eyleminin ne zaman gerçekleştirileceğini seçin."
   },
   "immediately": {
     "message": "Hemen"
@@ -890,7 +890,7 @@
     "message": "Güvenlik"
   },
   "clearClipboard": {
-    "message": "Panoyu Temizle",
+    "message": "Panoyu temizle",
     "description": "Clipboard is the operating system thing where you copy/paste data to on your device."
   },
   "clearClipboardDesc": {
@@ -904,7 +904,7 @@
     "message": "Hesapların yanında tanıdık görseller göster."
   },
   "enableMinToTray": {
-    "message": "Sistem çubuğu ikonuna küçült"
+    "message": "Tepsi simgesine küçült"
   },
   "enableMinToTrayDesc": {
     "message": "Pencere küçültülünce sistem tepsisinde bir simge göster."
@@ -988,7 +988,7 @@
     "description": "Copy to clipboard"
   },
   "checkForUpdates": {
-    "message": "Güncellemeleri denetle"
+    "message": "Güncellemeleri denetle…"
   },
   "version": {
     "message": "Sürüm $VERSION_NUM$",
@@ -1412,7 +1412,7 @@
     "message": "Tercihler"
   },
   "enableMenuBar": {
-    "message": "Menü Çubuğu Simgesini Etkinleştir"
+    "message": "Menü çubuğu simgesini göster"
   },
   "enableMenuBarDesc": {
     "message": "Menü çubuğunda her zaman bir simge göster."
@@ -1458,7 +1458,7 @@
     "message": "Kasa zaman aşımı eylemi"
   },
   "vaultTimeoutActionLockDesc": {
-    "message": "Kilitli bir kasaya tekrar erişebilmeniz için ana şifrenizi tekrar girmeniz gerekir."
+    "message": "Kasaya tekrar erişmek için ana parolayı veya başka bir kilit açma yöntemini kullanmanız gerekir."
   },
   "vaultTimeoutActionLogOutDesc": {
     "message": "Çıkış yapılmış bir kasaya tekrardan erişmek için yeniden kimlik doğrulaması gerekir."
@@ -1565,10 +1565,16 @@
     "message": "Hizmet Koşulları ve Gizlilik Politikası kabul edilmemiş."
   },
   "enableBrowserIntegration": {
-    "message": "Tarayıcı entegrasyonunu etkinleştir"
+    "message": "Tarayıcı entegrasyonuna izin ver"
   },
   "enableBrowserIntegrationDesc": {
-    "message": "Tarayıcı entegrasyonu tarayıcıda biyometrik doğrulama için kullanılır."
+    "message": "Tarayıcıda biyometrik doğrulama için kullanılır."
+  },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "DuckDuckGo tarayıcı entegrasyonuna izin ver"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "DuckDuckGo ile gezinirken Bitwarden kasanızı kullanın."
   },
   "browserIntegrationUnsupportedTitle": {
     "message": "Tarayıcı entegrasyonu desteklenmiyor"
@@ -1586,7 +1592,7 @@
     "message": "Tarayıcı entegrasyonu için doğrulamayı zorunlu kıl"
   },
   "enableBrowserIntegrationFingerprintDesc": {
-    "message": "Masaüstü uygulamanızla ve tarayıcınız arasında bağlantı kurulurken parmak izi ifadesi doğrulamasını zorunlu kılarak ek bir güvenlik önlemi alabilirsiniz. Bu ayar açıldıktan sonra her bağlantı kurulduğunda tekrar doğrulama yapmanız gerekir."
+    "message": "Masaüstü uygulamanızla tarayıcınız arasında bağlantı kurulurken parmak izi ifadesi doğrulamasını zorunlu kılarak ek bir güvenlik önlemi alabilirsiniz. Bu ayarı açarsanız her bağlantı kurulduğunda tekrar doğrulama yapmanız gerekir."
   },
   "approve": {
     "message": "Onayla"
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Lütfen gösterilen parmak izinin tarayıcı eklentisinde gösterilen parmak iziyle aynı olduğundan emin olun."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ Bitwarden'a bağlanmak istiyor",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Bu isteği onaylamak ister misiniz?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Bu isteği siz başlatmadıysanız onaylamayın."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biyometri etkin değil"
   },
@@ -1894,10 +1915,10 @@
     "message": "Oturumunuzun süresi doldu. Lütfen geri dönüp yeniden giriş yapın."
   },
   "exportingPersonalVaultTitle": {
-    "message": "Kişisel Kasanızı Dışarı Aktarın"
+    "message": "Kişisel Kasayı Dışa Aktar"
   },
   "exportingPersonalVaultDescription": {
-    "message": "Sadece $EMAIL$ ile ilişkili kişisel kasa ögeleri dışarı aktarılacak. Kuruluş kasasındaki ögeler dahil edilmeyecek.",
+    "message": "Yalnızca $EMAIL$ ile ilişkili kişisel kasadaki kayıtlar dışa aktarılacaktır. Kuruluş kasasındaki kayıtlar dahil edilmeyecektir.",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -1989,7 +2010,7 @@
     "message": "Devre dışı kuruluşlardaki kayıtlara erişilemez. Destek almak için kuruluş sahibinizle iletişime geçin."
   },
   "neverLockWarning": {
-    "message": "\"Asla\" seçeneğini kullanmak istediğinizden emin misiniz? Kilit seçeneklerinizi \"Asla\" olarak ayarlamak, kasanızın şifreleme anahtarını cihazınızda saklar. Bu seçeneği kullanırsanız, cihazınızı uygun şekilde koruduğunuzdan emin olmalısınız."
+    "message": "\"Asla\" seçeneğini kullanmak istediğinizden emin misiniz? Kilit seçeneklerinizi \"Asla\" olarak ayarlarsanız kasanızın şifreleme anahtarı cihazınızda saklanacaktır. Bu seçeneği kullanırsanız cihazınızı çok iyi korumalısınız."
   },
   "cardBrandMir": {
     "message": "Mir"
diff --git a/apps/desktop/src/locales/uk/messages.json b/apps/desktop/src/locales/uk/messages.json
index 6eb04464e934..b8ef216840a6 100644
--- a/apps/desktop/src/locales/uk/messages.json
+++ b/apps/desktop/src/locales/uk/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Використовується для біометрії в браузері."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Дозволити інтеграцію з браузером DuckDuckGo"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Користуйтеся Bitwarden під час роботи з браузером DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Інтеграція з браузером не підтримується"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Переконайтеся, що показаний відбиток ідентичний відбитку в розширенні браузера."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ хоче з'єднатися з Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Бажаєте схвалити цей запит?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "Відхиліть цей запит, якщо ви його не ініціювали."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Біометрію не увімкнено"
   },
diff --git a/apps/desktop/src/locales/vi/messages.json b/apps/desktop/src/locales/vi/messages.json
index 676975929c55..d1609de42f76 100644
--- a/apps/desktop/src/locales/vi/messages.json
+++ b/apps/desktop/src/locales/vi/messages.json
@@ -45,7 +45,7 @@
     "message": "Chia sẻ"
   },
   "moveToOrganization": {
-    "message": "Move to Organization"
+    "message": "Chuyển tới Tổ chức"
   },
   "movedItemToOrg": {
     "message": "$ITEMNAME$ moved to $ORGNAME$",
@@ -61,7 +61,7 @@
     }
   },
   "moveToOrgDesc": {
-    "message": "Choose an organization that you wish to move this item to. Moving to an organization transfers ownership of the item to that organization. You will no longer be the direct owner of this item once it has been moved."
+    "message": "Chọn một tổ chức mà bạn muốn chuyển mục này tới. Việc di chuyển đến một tổ chức sẽ chuyển quyền sở hữu của mục sang tổ chức mà bạn chọn. Bạn sẽ không còn là chủ sở hữu trực tiếp của mục này một khi nó đã được chuyển."
   },
   "attachments": {
     "message": "Tệp đính kèm"
@@ -269,7 +269,7 @@
     "message": "Họ"
   },
   "fullName": {
-    "message": "Full Name"
+    "message": "Tên đầy đủ"
   },
   "address1": {
     "message": "Địa chỉ 1"
@@ -332,11 +332,11 @@
     "message": "Đúng/Sai"
   },
   "cfTypeLinked": {
-    "message": "Linked",
+    "message": "Đã liên kết",
     "description": "This describes a field that is 'linked' (related) to another field."
   },
   "linkedValue": {
-    "message": "Linked value",
+    "message": "Giá trị được liên kết",
     "description": "This describes a value that is 'linked' (related) to another value."
   },
   "remove": {
@@ -370,10 +370,10 @@
     "message": "Bạn có chắc chắn muốn ghi đè mật khẩu hiện tại không?"
   },
   "overwriteUsername": {
-    "message": "Overwrite Username"
+    "message": "Ghi đè tên người dùng"
   },
   "overwriteUsernameConfirmation": {
-    "message": "Are you sure you want to overwrite the current username?"
+    "message": "Bạn có chắc là muốn ghi đè tên người dùng hiện tại không?"
   },
   "noneFolder": {
     "message": "Không được phân loại",
@@ -401,16 +401,16 @@
     "message": "Độ dài"
   },
   "uppercase": {
-    "message": "Uppercase (A-Z)"
+    "message": "Chữ in hoa (A-Z)"
   },
   "lowercase": {
-    "message": "Lowercase (a-z)"
+    "message": "Chữ in thường (a-z)"
   },
   "numbers": {
-    "message": "Numbers (0-9)"
+    "message": "Chữ số (0-9)"
   },
   "specialCharacters": {
-    "message": "Special Characters (!@#$%^&*)"
+    "message": "Ký tự đặc biệt (!@#$%^&*)"
   },
   "numWords": {
     "message": "Number of Words"
@@ -533,13 +533,13 @@
     "message": "Địa chỉ email không hợp lệ."
   },
   "masterPasswordRequired": {
-    "message": "Master password is required."
+    "message": "Yêu cầu mật khẩu chính."
   },
   "confirmMasterPasswordRequired": {
-    "message": "Master password retype is required."
+    "message": "Yêu cầu nhập lại mật khẩu chính."
   },
   "masterPasswordMinlength": {
-    "message": "Master password must be at least 8 characters long."
+    "message": "Mật khẩu chính phải có ít nhất 8 kí tự."
   },
   "masterPassDoesntMatch": {
     "message": "Xác nhận mật khẩu chính không khớp."
@@ -560,25 +560,25 @@
     "message": "Không có mục nào để liệt kê."
   },
   "sendVerificationCode": {
-    "message": "Send a verification code to your email"
+    "message": "Gửi mã xác minh đến email của bạn"
   },
   "sendCode": {
-    "message": "Send Code"
+    "message": "Gửi mã"
   },
   "codeSent": {
-    "message": "Code Sent"
+    "message": "Đã gửi mã"
   },
   "verificationCode": {
     "message": "Mã xác nhận"
   },
   "confirmIdentity": {
-    "message": "Confirm your identity to continue."
+    "message": "Xác minh danh tính của bạn để tiếp tục."
   },
   "verificationCodeRequired": {
     "message": "Yêu cầu mã xác nhận."
   },
   "invalidVerificationCode": {
-    "message": "Invalid verification code"
+    "message": "Mã xác minh không hợp lệ"
   },
   "continue": {
     "message": "Tiếp tục"
@@ -650,7 +650,7 @@
     "message": "FIDO2 WebAuthn"
   },
   "webAuthnDesc": {
-    "message": "Use any WebAuthn enabled security key to access your account."
+    "message": "Sử dụng bất kỳ khoá bảo mật được kích hoạt WebAuthn nào để truy cập tài khoản của bạn."
   },
   "emailTitle": {
     "message": "Email"
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "Used for biometrics in browser."
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "Allow DuckDuckGo browser integration"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "Browser integration not supported"
   },
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ wants to connect to Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "Would you like to approve this request?"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "If you did not initiate this request, do not approve it."
+  },
   "biometricsNotEnabledTitle": {
     "message": "Biometrics not enabled"
   },
diff --git a/apps/desktop/src/locales/zh_CN/messages.json b/apps/desktop/src/locales/zh_CN/messages.json
index 512543acb9ea..caf13e94e0e4 100644
--- a/apps/desktop/src/locales/zh_CN/messages.json
+++ b/apps/desktop/src/locales/zh_CN/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "用于在浏览器中提供生物识别。"
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "允许 DuckDuckGo 浏览器集成"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "当使用 DuckDuckGo 浏览时，使用您的 Bitwarden 密码库。"
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "不支持浏览器集成"
   },
@@ -1577,7 +1583,7 @@
     "message": "很遗憾，目前仅 Mac App Store 版本支持浏览器集成。"
   },
   "browserIntegrationWindowsStoreDesc": {
-    "message": "很遗憾，Windows Store 版本目前不支持浏览器整合。"
+    "message": "很遗憾，Microsoft Store 版本目前不支持浏览器整合。"
   },
   "browserIntegrationLinuxDesc": {
     "message": "很遗憾，Linux 版本目前不支持浏览器集成。"
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "请确保显示的指纹与浏览器扩展中显示的指纹相同。"
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ 想要连接到 Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "您想要批准此请求吗？"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "如果您没有发起过此请求，请不要批准。"
+  },
   "biometricsNotEnabledTitle": {
     "message": "生物识别未启用"
   },
diff --git a/apps/desktop/src/locales/zh_TW/messages.json b/apps/desktop/src/locales/zh_TW/messages.json
index a07f09c84428..cff53e074c5a 100644
--- a/apps/desktop/src/locales/zh_TW/messages.json
+++ b/apps/desktop/src/locales/zh_TW/messages.json
@@ -1570,6 +1570,12 @@
   "enableBrowserIntegrationDesc": {
     "message": "用於在瀏覽器中提供生物特徵辨識。"
   },
+  "enableDuckDuckGoBrowserIntegration": {
+    "message": "允許 DuckDuckGo 瀏覽器整合"
+  },
+  "enableDuckDuckGoBrowserIntegrationDesc": {
+    "message": "使用 DuckDuckGo 瀏覽時，使用您的 Bitwarden 密碼庫。"
+  },
   "browserIntegrationUnsupportedTitle": {
     "message": "不支援瀏覽器整合"
   },
@@ -1577,7 +1583,7 @@
     "message": "很遺憾，目前僅 Mac App Store 版本支援瀏覽器整合功能。"
   },
   "browserIntegrationWindowsStoreDesc": {
-    "message": "很遺憾，Windows Store 版本目前尚不支援瀏覽器整合功能。"
+    "message": "很遺憾，Microsoft Store 版本目前尚不支援瀏覽器整合功能。"
   },
   "browserIntegrationLinuxDesc": {
     "message": "很遺憾，Linux 版本目前尚未支援瀏覽器整合功能。"
@@ -1597,6 +1603,21 @@
   "verifyBrowserDesc": {
     "message": "請確保顯示的指紋與瀏覽器擴充套件中顯示的指紋一致。"
   },
+  "verifyNativeMessagingConnectionTitle": {
+    "message": "$APPID$ 想要連線至 Bitwarden",
+    "placeholders": {
+      "appid": {
+        "content": "$1",
+        "example": "My App"
+      }
+    }
+  },
+  "verifyNativeMessagingConnectionDesc": {
+    "message": "您要核准此要求嗎？"
+  },
+  "verifyNativeMessagingConnectionWarning": {
+    "message": "如果您沒有發起過此要求，請不要核准它。"
+  },
   "biometricsNotEnabledTitle": {
     "message": "生物特徵辨識未啟用"
   },
diff --git a/apps/desktop/src/main.ts b/apps/desktop/src/main.ts
index 4d1ac739ef68..071cbebc33db 100644
--- a/apps/desktop/src/main.ts
+++ b/apps/desktop/src/main.ts
@@ -171,7 +171,10 @@ export class Main {
           await this.biometricMain.init();
         }
 
-        if (await this.stateService.getEnableBrowserIntegration()) {
+        if (
+          (await this.stateService.getEnableBrowserIntegration()) ||
+          (await this.stateService.getEnableDuckDuckGoBrowserIntegration())
+        ) {
           this.nativeMessagingMain.listen();
         }
 
diff --git a/apps/desktop/src/main/messaging.main.ts b/apps/desktop/src/main/messaging.main.ts
index ee19a99e1997..430949703bbd 100644
--- a/apps/desktop/src/main/messaging.main.ts
+++ b/apps/desktop/src/main/messaging.main.ts
@@ -68,10 +68,18 @@ export class MessagingMain {
         this.main.nativeMessagingMain.generateManifests();
         this.main.nativeMessagingMain.listen();
         break;
+      case "enableDuckDuckGoBrowserIntegration":
+        this.main.nativeMessagingMain.generateDdgManifests();
+        this.main.nativeMessagingMain.listen();
+        break;
       case "disableBrowserIntegration":
         this.main.nativeMessagingMain.removeManifests();
         this.main.nativeMessagingMain.stop();
         break;
+      case "disableDuckDuckGoBrowserIntegration":
+        this.main.nativeMessagingMain.removeDdgManifests();
+        this.main.nativeMessagingMain.stop();
+        break;
       default:
         break;
     }
diff --git a/apps/desktop/src/main/nativeMessaging.main.ts b/apps/desktop/src/main/nativeMessaging.main.ts
index 90557cbb039c..0559d2ce96cf 100644
--- a/apps/desktop/src/main/nativeMessaging.main.ts
+++ b/apps/desktop/src/main/nativeMessaging.main.ts
@@ -163,6 +163,27 @@ export class NativeMessagingMain {
     }
   }
 
+  generateDdgManifests() {
+    const manifest = {
+      name: "com.8bit.bitwarden",
+      description: "Bitwarden desktop <-> DuckDuckGo bridge",
+      path: this.binaryPath(),
+      type: "stdio",
+    };
+    switch (process.platform) {
+      case "darwin": {
+        /* eslint-disable-next-line no-useless-escape */
+        const path = `${this.homedir()}/Library/Containers/com.duckduckgo.macos.browser/Data/Library/Application\ Support/NativeMessagingHosts/com.8bit.bitwarden.json`;
+        this.writeManifest(path, manifest).catch((e) =>
+          this.logService.error(`Error writing manifest for DuckDuckGo. ${e}`)
+        );
+        break;
+      }
+      default:
+        break;
+    }
+  }
+
   removeManifests() {
     switch (process.platform) {
       case "win32":
@@ -217,6 +238,21 @@ export class NativeMessagingMain {
     }
   }
 
+  removeDdgManifests() {
+    switch (process.platform) {
+      case "darwin": {
+        /* eslint-disable-next-line no-useless-escape */
+        const path = `${this.homedir()}/Library/Containers/com.duckduckgo.macos.browser/Data/Library/Application\ Support/NativeMessagingHosts/com.8bit.bitwarden.json`;
+        if (existsSync(path)) {
+          fs.unlink(path);
+        }
+        break;
+      }
+      default:
+        break;
+    }
+  }
+
   private getDarwinNMHS() {
     /* eslint-disable no-useless-escape */
     return {
diff --git a/apps/desktop/src/models/nativeMessaging/decryptedCommandData.ts b/apps/desktop/src/models/nativeMessaging/decryptedCommandData.ts
new file mode 100644
index 000000000000..0aea170f6e67
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/decryptedCommandData.ts
@@ -0,0 +1,6 @@
+import { EncryptedCommand } from "./encryptedCommand";
+
+export type DecryptedCommandData = {
+  command: EncryptedCommand;
+  payload?: any;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedCommand.ts b/apps/desktop/src/models/nativeMessaging/encryptedCommand.ts
new file mode 100644
index 000000000000..4f7bf9c60f71
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedCommand.ts
@@ -0,0 +1,6 @@
+export type EncryptedCommand =
+  | "bw-status"
+  | "bw-credential-retrieval"
+  | "bw-credential-create"
+  | "bw-credential-update"
+  | "bw-generate-password";
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessage.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessage.ts
new file mode 100644
index 000000000000..c7fd9913d110
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessage.ts
@@ -0,0 +1,8 @@
+import { EncString } from "@bitwarden/common/models/domain/encString";
+
+import { MessageCommon } from "./messageCommon";
+
+export type EncryptedMessage = MessageCommon & {
+  // Will decrypt to a DecryptedCommandData object
+  encryptedCommand: EncString;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/credentialCreatePayload.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/credentialCreatePayload.ts
new file mode 100644
index 000000000000..8c0b2115e29d
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/credentialCreatePayload.ts
@@ -0,0 +1,7 @@
+export type CredentialCreatePayload = {
+  userId: string;
+  userName: string;
+  password: string;
+  name: string;
+  uri: string;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/credentialRetrievePayload.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/credentialRetrievePayload.ts
new file mode 100644
index 000000000000..69f10f63fc8b
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/credentialRetrievePayload.ts
@@ -0,0 +1,4 @@
+export type CredentialRetrievePayload = {
+  userId: string;
+  uri: string;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/credentialUpdatePayload.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/credentialUpdatePayload.ts
new file mode 100644
index 000000000000..3f994d695db1
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/credentialUpdatePayload.ts
@@ -0,0 +1,8 @@
+export type CredentialUpdatePayload = {
+  userId: string;
+  userName: string;
+  password: string;
+  name: string;
+  uri: string;
+  credentialId: string;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/passwordGeneratePayload.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/passwordGeneratePayload.ts
new file mode 100644
index 000000000000..fc56488c609a
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessagePayloads/passwordGeneratePayload.ts
@@ -0,0 +1,3 @@
+export type PasswordGeneratePayload = {
+  userId: string;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessageResponse.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponse.ts
new file mode 100644
index 000000000000..1abb81ba8f8c
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponse.ts
@@ -0,0 +1,7 @@
+import { EncString } from "@bitwarden/common/models/domain/encString";
+
+import { MessageCommon } from "./messageCommon";
+
+export type EncryptedMessageResponse = MessageCommon & {
+  encryptedPayload: EncString;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/accountStatusResponse.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/accountStatusResponse.ts
new file mode 100644
index 000000000000..3d7e990e2801
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/accountStatusResponse.ts
@@ -0,0 +1,6 @@
+export type AccountStatusResponse = {
+  id: string;
+  email: string;
+  status: "locked" | "unlocked";
+  active: boolean;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/cannotDecryptErrorResponse.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/cannotDecryptErrorResponse.ts
new file mode 100644
index 000000000000..93e4117b0309
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/cannotDecryptErrorResponse.ts
@@ -0,0 +1,3 @@
+export type CannotDecryptErrorResponse = {
+  error: "cannot-decrypt";
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/cipherResponse.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/cipherResponse.ts
new file mode 100644
index 000000000000..8540bb4d0bd4
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/cipherResponse.ts
@@ -0,0 +1,7 @@
+export type CipherResponse = {
+  userId: string;
+  credentialId: string;
+  userName: string;
+  password: string;
+  name: string;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/encryptedMessageResponse.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/encryptedMessageResponse.ts
new file mode 100644
index 000000000000..a10da2d85715
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/encryptedMessageResponse.ts
@@ -0,0 +1,16 @@
+import { AccountStatusResponse } from "./accountStatusResponse";
+import { CannotDecryptErrorResponse } from "./cannotDecryptErrorResponse";
+import { CipherResponse } from "./cipherResponse";
+import { FailureStatusResponse } from "./failureStatusResponse";
+import { GenerateResponse } from "./generateResponse";
+import { SuccessStatusResponse } from "./successStatusResponse";
+import { UserStatusErrorResponse } from "./userStatusErrorResponse";
+
+export type EncyptedMessageResponse =
+  | AccountStatusResponse[]
+  | CannotDecryptErrorResponse
+  | CipherResponse[]
+  | FailureStatusResponse
+  | GenerateResponse
+  | SuccessStatusResponse
+  | UserStatusErrorResponse;
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/failureStatusResponse.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/failureStatusResponse.ts
new file mode 100644
index 000000000000..88e24ee65ea0
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/failureStatusResponse.ts
@@ -0,0 +1,3 @@
+export type FailureStatusResponse = {
+  status: "failure";
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/generateResponse.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/generateResponse.ts
new file mode 100644
index 000000000000..5c636eddfa03
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/generateResponse.ts
@@ -0,0 +1,3 @@
+export type GenerateResponse = {
+  password: string;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/successStatusResponse.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/successStatusResponse.ts
new file mode 100644
index 000000000000..61b835ffe18d
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/successStatusResponse.ts
@@ -0,0 +1,3 @@
+export type SuccessStatusResponse = {
+  status: "success";
+};
diff --git a/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/userStatusErrorResponse.ts b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/userStatusErrorResponse.ts
new file mode 100644
index 000000000000..165747a24621
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/encryptedMessageResponses/userStatusErrorResponse.ts
@@ -0,0 +1,3 @@
+export type UserStatusErrorResponse = {
+  error: "locked" | "not-active-user";
+};
diff --git a/apps/desktop/src/models/nativeMessaging/index.ts b/apps/desktop/src/models/nativeMessaging/index.ts
new file mode 100644
index 000000000000..1b0148c3f90f
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/index.ts
@@ -0,0 +1,25 @@
+export * from "./encryptedMessagePayloads/credentialCreatePayload";
+export * from "./encryptedMessagePayloads/credentialRetrievePayload";
+export * from "./encryptedMessagePayloads/credentialUpdatePayload";
+export * from "./encryptedMessagePayloads/passwordGeneratePayload";
+
+export * from "./encryptedMessageResponses/accountStatusResponse";
+export * from "./encryptedMessageResponses/cannotDecryptErrorResponse";
+export * from "./encryptedMessageResponses/cipherResponse";
+export * from "./encryptedMessageResponses/encryptedMessageResponse";
+export * from "./encryptedMessageResponses/failureStatusResponse";
+export * from "./encryptedMessageResponses/generateResponse";
+export * from "./encryptedMessageResponses/successStatusResponse";
+export * from "./encryptedMessageResponses/userStatusErrorResponse";
+
+export * from "./decryptedCommandData";
+export * from "./encryptedCommand";
+export * from "./encryptedMessage";
+export * from "./encryptedMessageResponse";
+export * from "./legacyMessage";
+export * from "./legacyMessageWrapper";
+export * from "./message";
+export * from "./messageCommon";
+export * from "./unencryptedCommand";
+export * from "./unencryptedMessage";
+export * from "./unencryptedMessageResponse";
diff --git a/apps/desktop/src/models/nativeMessaging/legacyMessage.ts b/apps/desktop/src/models/nativeMessaging/legacyMessage.ts
new file mode 100644
index 000000000000..a2bcf2aa7e5d
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/legacyMessage.ts
@@ -0,0 +1,8 @@
+export type LegacyMessage = {
+  command: string;
+
+  userId?: string;
+  timestamp?: number;
+
+  publicKey?: string;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/legacyMessageWrapper.ts b/apps/desktop/src/models/nativeMessaging/legacyMessageWrapper.ts
new file mode 100644
index 000000000000..65142540fa7f
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/legacyMessageWrapper.ts
@@ -0,0 +1,8 @@
+import { EncString } from "@bitwarden/common/models/domain/encString";
+
+import { LegacyMessage } from "./legacyMessage";
+
+export type LegacyMessageWrapper = {
+  message: LegacyMessage | EncString;
+  appId: string;
+};
diff --git a/apps/desktop/src/models/nativeMessaging/message.ts b/apps/desktop/src/models/nativeMessaging/message.ts
new file mode 100644
index 000000000000..25d96aa218a4
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/message.ts
@@ -0,0 +1,4 @@
+import { EncryptedMessage } from "./encryptedMessage";
+import { UnencryptedMessage } from "./unencryptedMessage";
+
+export type Message = UnencryptedMessage | EncryptedMessage;
diff --git a/apps/desktop/src/models/nativeMessaging/messageCommon.ts b/apps/desktop/src/models/nativeMessaging/messageCommon.ts
new file mode 100644
index 000000000000..d7a7e0904b8c
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/messageCommon.ts
@@ -0,0 +1,4 @@
+export interface MessageCommon {
+  version: number;
+  messageId: string;
+}
diff --git a/apps/desktop/src/models/nativeMessaging/unencryptedCommand.ts b/apps/desktop/src/models/nativeMessaging/unencryptedCommand.ts
new file mode 100644
index 000000000000..e9a14f8b769c
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/unencryptedCommand.ts
@@ -0,0 +1 @@
+export type UnencryptedCommand = "bw-handshake";
diff --git a/apps/desktop/src/models/nativeMessaging/unencryptedMessage.ts b/apps/desktop/src/models/nativeMessaging/unencryptedMessage.ts
new file mode 100644
index 000000000000..a665f312a980
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/unencryptedMessage.ts
@@ -0,0 +1,10 @@
+import { MessageCommon } from "./messageCommon";
+import { UnencryptedCommand } from "./unencryptedCommand";
+
+export type UnencryptedMessage = MessageCommon & {
+  command: UnencryptedCommand;
+  payload: {
+    publicKey: string;
+    applicationName: string;
+  };
+};
diff --git a/apps/desktop/src/models/nativeMessaging/unencryptedMessageResponse.ts b/apps/desktop/src/models/nativeMessaging/unencryptedMessageResponse.ts
new file mode 100644
index 000000000000..a564b1324e27
--- /dev/null
+++ b/apps/desktop/src/models/nativeMessaging/unencryptedMessageResponse.ts
@@ -0,0 +1,16 @@
+import { MessageCommon } from "./messageCommon";
+
+export type UnencryptedMessageResponse = MessageCommon &
+  (
+    | {
+        payload: {
+          status: "success";
+          sharedKey: string;
+        };
+      }
+    | {
+        payload: {
+          error: "canceled" | "locked" | "cannot-decrypt" | "version-discrepancy";
+        };
+      }
+  );
diff --git a/apps/desktop/src/services/encryptedMessageHandlerService.ts b/apps/desktop/src/services/encryptedMessageHandlerService.ts
new file mode 100644
index 000000000000..86c47d93df6a
--- /dev/null
+++ b/apps/desktop/src/services/encryptedMessageHandlerService.ts
@@ -0,0 +1,228 @@
+import { AuthService } from "@bitwarden/common/abstractions/auth.service";
+import { CipherService } from "@bitwarden/common/abstractions/cipher.service";
+import { MessagingService } from "@bitwarden/common/abstractions/messaging.service";
+import { PasswordGenerationService } from "@bitwarden/common/abstractions/passwordGeneration.service";
+import { PolicyService } from "@bitwarden/common/abstractions/policy/policy.service.abstraction";
+import { AuthenticationStatus } from "@bitwarden/common/enums/authenticationStatus";
+import { CipherType } from "@bitwarden/common/enums/cipherType";
+import { PolicyType } from "@bitwarden/common/enums/policyType";
+import { CipherView } from "@bitwarden/common/models/view/cipherView";
+import { LoginUriView } from "@bitwarden/common/models/view/loginUriView";
+import { LoginView } from "@bitwarden/common/models/view/loginView";
+
+import { DecryptedCommandData } from "src/models/nativeMessaging/decryptedCommandData";
+import { CredentialCreatePayload } from "src/models/nativeMessaging/encryptedMessagePayloads/credentialCreatePayload";
+import { CredentialRetrievePayload } from "src/models/nativeMessaging/encryptedMessagePayloads/credentialRetrievePayload";
+import { CredentialUpdatePayload } from "src/models/nativeMessaging/encryptedMessagePayloads/credentialUpdatePayload";
+import { PasswordGeneratePayload } from "src/models/nativeMessaging/encryptedMessagePayloads/passwordGeneratePayload";
+import { AccountStatusResponse } from "src/models/nativeMessaging/encryptedMessageResponses/accountStatusResponse";
+import { CipherResponse } from "src/models/nativeMessaging/encryptedMessageResponses/cipherResponse";
+import { EncyptedMessageResponse } from "src/models/nativeMessaging/encryptedMessageResponses/encryptedMessageResponse";
+import { FailureStatusResponse } from "src/models/nativeMessaging/encryptedMessageResponses/failureStatusResponse";
+import { GenerateResponse } from "src/models/nativeMessaging/encryptedMessageResponses/generateResponse";
+import { SuccessStatusResponse } from "src/models/nativeMessaging/encryptedMessageResponses/successStatusResponse";
+import { UserStatusErrorResponse } from "src/models/nativeMessaging/encryptedMessageResponses/userStatusErrorResponse";
+
+import { StateService } from "./state.service";
+
+export class EncryptedMessageHandlerService {
+  constructor(
+    private stateService: StateService,
+    private authService: AuthService,
+    private cipherService: CipherService,
+    private policyService: PolicyService,
+    private messagingService: MessagingService,
+    private passwordGenerationService: PasswordGenerationService
+  ) {}
+
+  async responseDataForCommand(
+    commandData: DecryptedCommandData
+  ): Promise<EncyptedMessageResponse> {
+    const { command, payload } = commandData;
+    switch (command) {
+      case "bw-status": {
+        return await this.statusCommandHandler();
+      }
+      case "bw-credential-retrieval": {
+        return await this.credentialretreivalCommandHandler(payload as CredentialRetrievePayload);
+      }
+      case "bw-credential-create": {
+        return await this.credentialCreateCommandHandler(payload as CredentialCreatePayload);
+      }
+      case "bw-credential-update": {
+        return await this.credentialUpdateCommandHandler(payload as CredentialUpdatePayload);
+      }
+      case "bw-generate-password": {
+        return await this.generateCommandHandler(payload as PasswordGeneratePayload);
+      }
+      default:
+        return {
+          error: "cannot-decrypt",
+        };
+    }
+  }
+
+  private async checkUserStatus(userId: string): Promise<string> {
+    const activeUserId = await this.stateService.getUserId();
+
+    if (userId !== activeUserId) {
+      return "not-active-user";
+    }
+
+    const authStatus = await this.authService.getAuthStatus(activeUserId);
+    if (authStatus !== AuthenticationStatus.Unlocked) {
+      return "locked";
+    }
+
+    return "valid";
+  }
+
+  private async statusCommandHandler(): Promise<AccountStatusResponse[]> {
+    const accounts = this.stateService.accounts.getValue();
+    const activeUserId = await this.stateService.getUserId();
+
+    if (!accounts || !Object.keys(accounts)) {
+      return [];
+    }
+
+    return Promise.all(
+      Object.keys(accounts).map(async (userId) => {
+        const authStatus = await this.authService.getAuthStatus(userId);
+        const email = await this.stateService.getEmail({ userId });
+
+        return {
+          id: userId,
+          email,
+          status: authStatus === AuthenticationStatus.Unlocked ? "unlocked" : "locked",
+          active: userId === activeUserId,
+        };
+      })
+    );
+  }
+
+  private async credentialretreivalCommandHandler(
+    payload: CredentialRetrievePayload
+  ): Promise<CipherResponse[] | UserStatusErrorResponse> {
+    if (payload.uri == null) {
+      return [];
+    }
+
+    const ciphersResponse: CipherResponse[] = [];
+    const activeUserId = await this.stateService.getUserId();
+    const authStatus = await this.authService.getAuthStatus(activeUserId);
+
+    if (authStatus !== AuthenticationStatus.Unlocked) {
+      return { error: "locked" };
+    }
+
+    const ciphers = await this.cipherService.getAllDecryptedForUrl(payload.uri);
+    ciphers.sort((a, b) => this.cipherService.sortCiphersByLastUsedThenName(a, b));
+
+    ciphers.forEach((c) => {
+      ciphersResponse.push({
+        userId: activeUserId,
+        credentialId: c.id,
+        userName: c.login.username,
+        password: c.login.password,
+        name: c.name,
+      } as CipherResponse);
+    });
+
+    return ciphersResponse;
+  }
+
+  private async credentialCreateCommandHandler(
+    payload: CredentialCreatePayload
+  ): Promise<SuccessStatusResponse | FailureStatusResponse | UserStatusErrorResponse> {
+    const userStatus = await this.checkUserStatus(payload.userId);
+    if (userStatus !== "valid") {
+      return { error: userStatus } as UserStatusErrorResponse;
+    }
+
+    const credentialCreatePayload = payload as CredentialCreatePayload;
+
+    if (
+      credentialCreatePayload.name == null ||
+      (await this.policyService.policyAppliesToUser(PolicyType.PersonalOwnership))
+    ) {
+      return { status: "failure" };
+    }
+
+    const cipherView = new CipherView();
+    cipherView.type = CipherType.Login;
+    cipherView.name = payload.name;
+    cipherView.login = new LoginView();
+    cipherView.login.password = credentialCreatePayload.password;
+    cipherView.login.username = credentialCreatePayload.userName;
+    cipherView.login.uris = [new LoginUriView()];
+    cipherView.login.uris[0].uri = credentialCreatePayload.uri;
+
+    try {
+      const encrypted = await this.cipherService.encrypt(cipherView);
+      await this.cipherService.saveWithServer(encrypted);
+
+      // Notify other clients of new login
+      await this.messagingService.send("addedCipher");
+      // Refresh Desktop ciphers list
+      await this.messagingService.send("refreshCiphers");
+
+      return { status: "success" };
+    } catch (error) {
+      return { status: "failure" };
+    }
+  }
+
+  private async credentialUpdateCommandHandler(
+    payload: CredentialUpdatePayload
+  ): Promise<SuccessStatusResponse | FailureStatusResponse | UserStatusErrorResponse> {
+    const userStatus = await this.checkUserStatus(payload.userId);
+    if (userStatus !== "valid") {
+      return { error: userStatus } as UserStatusErrorResponse;
+    }
+
+    const credentialUpdatePayload = payload as CredentialUpdatePayload;
+
+    if (credentialUpdatePayload.name == null) {
+      return { status: "failure" };
+    }
+
+    try {
+      const cipher = await this.cipherService.get(credentialUpdatePayload.credentialId);
+      if (cipher === null) {
+        return { status: "failure" };
+      }
+      const cipherView = await cipher.decrypt();
+      cipherView.name = credentialUpdatePayload.name;
+      cipherView.login.password = credentialUpdatePayload.password;
+      cipherView.login.username = credentialUpdatePayload.userName;
+      cipherView.login.uris[0].uri = credentialUpdatePayload.uri;
+      const encrypted = await this.cipherService.encrypt(cipherView);
+
+      await this.cipherService.saveWithServer(encrypted);
+
+      // Notify other clients of update
+      await this.messagingService.send("editedCipher");
+      // Refresh Desktop ciphers list
+      await this.messagingService.send("refreshCiphers");
+
+      return { status: "success" };
+    } catch (error) {
+      return { status: "failure" };
+    }
+  }
+
+  private async generateCommandHandler(
+    payload: PasswordGeneratePayload
+  ): Promise<GenerateResponse | UserStatusErrorResponse> {
+    const userStatus = await this.checkUserStatus(payload.userId);
+    if (userStatus !== "valid") {
+      return { error: userStatus } as UserStatusErrorResponse;
+    }
+
+    const options = (await this.passwordGenerationService.getOptions())[0];
+    const generatedValue = await this.passwordGenerationService.generatePassword(options);
+    await this.passwordGenerationService.addHistory(generatedValue);
+
+    return { password: generatedValue };
+  }
+}
diff --git a/apps/desktop/src/services/nativeMessageHandler.service.ts b/apps/desktop/src/services/nativeMessageHandler.service.ts
new file mode 100644
index 000000000000..138a2d5e7f54
--- /dev/null
+++ b/apps/desktop/src/services/nativeMessageHandler.service.ts
@@ -0,0 +1,221 @@
+import { Injectable } from "@angular/core";
+import { ipcRenderer } from "electron";
+import Swal from "sweetalert2";
+
+import { CryptoService } from "@bitwarden/common/abstractions/crypto.service";
+import { CryptoFunctionService } from "@bitwarden/common/abstractions/cryptoFunction.service";
+import { I18nService } from "@bitwarden/common/abstractions/i18n.service";
+import { MessagingService } from "@bitwarden/common/abstractions/messaging.service";
+import { NativeMessagingVersion } from "@bitwarden/common/enums/nativeMessagingVersion";
+import { Utils } from "@bitwarden/common/misc/utils";
+import { EncString } from "@bitwarden/common/models/domain/encString";
+import { SymmetricCryptoKey } from "@bitwarden/common/models/domain/symmetricCryptoKey";
+import { StateService } from "@bitwarden/common/services/state.service";
+
+import { DecryptedCommandData } from "src/models/nativeMessaging/decryptedCommandData";
+import { EncryptedMessage } from "src/models/nativeMessaging/encryptedMessage";
+import { EncryptedMessageResponse } from "src/models/nativeMessaging/encryptedMessageResponse";
+import { Message } from "src/models/nativeMessaging/message";
+import { UnencryptedMessage } from "src/models/nativeMessaging/unencryptedMessage";
+import { UnencryptedMessageResponse } from "src/models/nativeMessaging/unencryptedMessageResponse";
+
+import { EncryptedMessageHandlerService } from "./encryptedMessageHandlerService";
+
+const EncryptionAlgorithm = "sha1";
+
+@Injectable()
+export class NativeMessageHandlerService {
+  private ddgSharedSecret: SymmetricCryptoKey;
+
+  constructor(
+    private stateService: StateService,
+    private cryptoService: CryptoService,
+    private cryptoFunctionService: CryptoFunctionService,
+    private messagingService: MessagingService,
+    private i18nService: I18nService,
+    private encryptedMessageHandlerService: EncryptedMessageHandlerService
+  ) {}
+
+  async handleMessage(message: Message) {
+    const decryptedCommand = message as UnencryptedMessage;
+    if (message.version != NativeMessagingVersion.Latest) {
+      this.sendResponse({
+        messageId: message.messageId,
+        version: NativeMessagingVersion.Latest,
+        payload: {
+          error: "version-discrepancy",
+        },
+      });
+    } else {
+      if (decryptedCommand.command === "bw-handshake") {
+        await this.handleDecryptedMessage(decryptedCommand);
+      } else {
+        await this.handleEncryptedMessage(message as EncryptedMessage);
+      }
+    }
+  }
+
+  private async handleDecryptedMessage(message: UnencryptedMessage) {
+    const { messageId, payload } = message;
+    const { publicKey, applicationName } = payload;
+    if (!publicKey) {
+      this.sendResponse({
+        messageId: messageId,
+        version: NativeMessagingVersion.Latest,
+        payload: {
+          error: "cannot-decrypt",
+        },
+      });
+      return;
+    }
+
+    try {
+      const remotePublicKey = Utils.fromB64ToArray(publicKey).buffer;
+      const ddgEnabled = await this.stateService.getEnableDuckDuckGoBrowserIntegration();
+
+      if (!ddgEnabled) {
+        this.sendResponse({
+          messageId: messageId,
+          version: NativeMessagingVersion.Latest,
+          payload: {
+            error: "canceled",
+          },
+        });
+
+        return;
+      }
+
+      // Ask for confirmation from user
+      this.messagingService.send("setFocus");
+      const submitted = await Swal.fire({
+        heightAuto: false,
+        titleText: this.i18nService.t("verifyNativeMessagingConnectionTitle", applicationName),
+        html: `${this.i18nService.t("verifyNativeMessagingConnectionDesc")}<br>${this.i18nService.t(
+          "verifyNativeMessagingConnectionWarning"
+        )}`,
+        showCancelButton: true,
+        cancelButtonText: this.i18nService.t("no"),
+        showConfirmButton: true,
+        confirmButtonText: this.i18nService.t("yes"),
+        allowOutsideClick: false,
+        focusCancel: true,
+      });
+
+      if (submitted.value !== true) {
+        this.sendResponse({
+          messageId: messageId,
+          version: NativeMessagingVersion.Latest,
+          payload: {
+            error: "canceled",
+          },
+        });
+        return;
+      }
+
+      const secret = await this.cryptoFunctionService.randomBytes(64);
+      this.ddgSharedSecret = new SymmetricCryptoKey(secret);
+      const sharedKeyB64 = new SymmetricCryptoKey(secret).toJSON().keyB64;
+
+      await this.stateService.setDuckDuckGoSharedKey(sharedKeyB64);
+
+      const encryptedSecret = await this.cryptoFunctionService.rsaEncrypt(
+        secret,
+        remotePublicKey,
+        EncryptionAlgorithm
+      );
+
+      this.sendResponse({
+        messageId: messageId,
+        version: NativeMessagingVersion.Latest,
+        payload: {
+          status: "success",
+          sharedKey: Utils.fromBufferToB64(encryptedSecret),
+        },
+      });
+    } catch (error) {
+      this.sendResponse({
+        messageId: messageId,
+        version: NativeMessagingVersion.Latest,
+        payload: {
+          error: "cannot-decrypt",
+        },
+      });
+    }
+  }
+
+  private async handleEncryptedMessage(message: EncryptedMessage) {
+    message.encryptedCommand = EncString.fromJSON(message.encryptedCommand.toString());
+    const decryptedCommandData = await this.decryptPayload(message);
+    const { command } = decryptedCommandData;
+
+    try {
+      const responseData = await this.encryptedMessageHandlerService.responseDataForCommand(
+        decryptedCommandData
+      );
+
+      await this.sendEncryptedResponse(message, { command, payload: responseData });
+    } catch (error) {
+      this.sendEncryptedResponse(message, { command, payload: {} });
+    }
+  }
+
+  private async encryptPayload(
+    payload: DecryptedCommandData,
+    key: SymmetricCryptoKey
+  ): Promise<EncString> {
+    return await this.cryptoService.encrypt(JSON.stringify(payload), key);
+  }
+
+  private async decryptPayload(message: EncryptedMessage): Promise<DecryptedCommandData> {
+    if (!this.ddgSharedSecret) {
+      const storedKey = await this.stateService.getDuckDuckGoSharedKey();
+      if (storedKey == null) {
+        this.sendResponse({
+          messageId: message.messageId,
+          version: NativeMessagingVersion.Latest,
+          payload: {
+            error: "cannot-decrypt",
+          },
+        });
+        return;
+      }
+      this.ddgSharedSecret = SymmetricCryptoKey.fromJSON({ keyB64: storedKey });
+    }
+
+    return JSON.parse(
+      await this.cryptoService.decryptToUtf8(
+        message.encryptedCommand as EncString,
+        this.ddgSharedSecret
+      )
+    );
+  }
+
+  private async sendEncryptedResponse(
+    originalMessage: EncryptedMessage,
+    response: DecryptedCommandData
+  ) {
+    if (!this.ddgSharedSecret) {
+      this.sendResponse({
+        messageId: originalMessage.messageId,
+        version: NativeMessagingVersion.Latest,
+        payload: {
+          error: "cannot-decrypt",
+        },
+      });
+
+      return;
+    }
+
+    const encryptedPayload = await this.encryptPayload(response, this.ddgSharedSecret);
+
+    this.sendResponse({
+      messageId: originalMessage.messageId,
+      version: NativeMessagingVersion.Latest,
+      encryptedPayload,
+    });
+  }
+
+  private sendResponse(response: EncryptedMessageResponse | UnencryptedMessageResponse) {
+    ipcRenderer.send("nativeMessagingReply", response);
+  }
+}
diff --git a/apps/desktop/src/services/nativeMessaging.service.ts b/apps/desktop/src/services/nativeMessaging.service.ts
index 695f3b3b3f2e..11d59472bfd0 100644
--- a/apps/desktop/src/services/nativeMessaging.service.ts
+++ b/apps/desktop/src/services/nativeMessaging.service.ts
@@ -14,22 +14,14 @@ import { Utils } from "@bitwarden/common/misc/utils";
 import { EncString } from "@bitwarden/common/models/domain/encString";
 import { SymmetricCryptoKey } from "@bitwarden/common/models/domain/symmetricCryptoKey";
 
-const MessageValidTimeout = 10 * 1000;
-const EncryptionAlgorithm = "sha1";
-
-type Message = {
-  command: string;
+import { LegacyMessage } from "src/models/nativeMessaging/legacyMessage";
+import { LegacyMessageWrapper } from "src/models/nativeMessaging/legacyMessageWrapper";
+import { Message } from "src/models/nativeMessaging/message";
 
-  userId?: string;
-  timestamp?: number;
+import { NativeMessageHandlerService } from "./nativeMessageHandler.service";
 
-  publicKey?: string;
-};
-
-type OuterMessage = {
-  message: Message | EncString;
-  appId: string;
-};
+const MessageValidTimeout = 10 * 1000;
+const EncryptionAlgorithm = "sha1";
 
 @Injectable()
 export class NativeMessagingService {
@@ -42,7 +34,8 @@ export class NativeMessagingService {
     private logService: LogService,
     private i18nService: I18nService,
     private messagingService: MessagingService,
-    private stateService: StateService
+    private stateService: StateService,
+    private nativeMessageHandler: NativeMessageHandlerService
   ) {}
 
   init() {
@@ -51,15 +44,20 @@ export class NativeMessagingService {
     });
   }
 
-  private async messageHandler(msg: OuterMessage) {
-    const appId = msg.appId;
-    const rawMessage = msg.message;
+  private async messageHandler(msg: LegacyMessageWrapper | Message) {
+    const outerMessage = msg as Message;
+    if (outerMessage.version) {
+      this.nativeMessageHandler.handleMessage(outerMessage);
+      return;
+    }
+
+    const { appId, message: rawMessage } = msg as LegacyMessageWrapper;
 
     // Request to setup secure encryption
     if ("command" in rawMessage && rawMessage.command === "setupEncryption") {
       const remotePublicKey = Utils.fromB64ToArray(rawMessage.publicKey).buffer;
 
-      // Valudate the UserId to ensure we are logged into the same account.
+      // Validate the UserId to ensure we are logged into the same account.
       const userIds = Object.keys(this.stateService.accounts.getValue());
       if (!userIds.includes(rawMessage.userId)) {
         ipcRenderer.send("nativeMessagingReply", { command: "wrongUserId", appId: appId });
@@ -103,7 +101,7 @@ export class NativeMessagingService {
       return;
     }
 
-    const message: Message = JSON.parse(
+    const message: LegacyMessage = JSON.parse(
       await this.cryptoService.decryptToUtf8(rawMessage as EncString, this.sharedSecrets.get(appId))
     );
 
diff --git a/apps/web/config/base.json b/apps/web/config/base.json
index cab6fbe950f5..8eb8a3113359 100644
--- a/apps/web/config/base.json
+++ b/apps/web/config/base.json
@@ -10,5 +10,7 @@
     "port": 8080,
     "allowedHosts": "auto"
   },
-  "flags": {}
+  "flags": {
+    "showPasswordless": false
+  }
 }
diff --git a/apps/web/config/cloud.json b/apps/web/config/cloud.json
index 96d692f7e8dd..5bd5e6b0608e 100644
--- a/apps/web/config/cloud.json
+++ b/apps/web/config/cloud.json
@@ -16,6 +16,7 @@
     "proxyEvents": "https://events.bitwarden.com"
   },
   "flags": {
-    "showTrial": true
+    "showTrial": true,
+    "showPasswordless": false
   }
 }
diff --git a/apps/web/config/development.json b/apps/web/config/development.json
index e3048db7a228..f460a1659aa4 100644
--- a/apps/web/config/development.json
+++ b/apps/web/config/development.json
@@ -10,6 +10,7 @@
     "proxyNotifications": "http://localhost:61840"
   },
   "flags": {
-    "showTrial": true
+    "showTrial": true,
+    "showPasswordless": true
   }
 }
diff --git a/apps/web/config/qa.json b/apps/web/config/qa.json
index 4371ea1ff98c..a0d1b0e88c3f 100644
--- a/apps/web/config/qa.json
+++ b/apps/web/config/qa.json
@@ -10,6 +10,7 @@
     "proxyEvents": "https://events.qa.bitwarden.pw"
   },
   "flags": {
-    "showTrial": true
+    "showTrial": true,
+    "showPasswordless": true
   }
 }
diff --git a/apps/web/config/selfhosted.json b/apps/web/config/selfhosted.json
index 3ba61fda5960..b37a92260432 100644
--- a/apps/web/config/selfhosted.json
+++ b/apps/web/config/selfhosted.json
@@ -7,6 +7,7 @@
     "port": 8081
   },
   "flags": {
-    "showTrial": false
+    "showTrial": false,
+    "showPasswordless": false
   }
 }
diff --git a/apps/web/package.json b/apps/web/package.json
index 4f6a2a0e802a..cc146e56123a 100644
--- a/apps/web/package.json
+++ b/apps/web/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@bitwarden/web-vault",
-  "version": "2022.9.1",
+  "version": "2022.9.2",
   "scripts": {
     "build:oss": "webpack",
     "build:bit": "webpack -c ../../bitwarden_license/bit-web/webpack.config.js",
diff --git a/apps/web/src/app/accounts/login.component.html b/apps/web/src/app/accounts/login.component.html
deleted file mode 100644
index e0c4ef68db79..000000000000
--- a/apps/web/src/app/accounts/login.component.html
+++ /dev/null
@@ -1,102 +0,0 @@
-<form #form (ngSubmit)="submit()" [appApiAction]="formPromise" class="container" ngNativeValidate>
-  <div class="row justify-content-md-center mt-5">
-    <div class="col-5">
-      <img class="mb-2 logo logo-themed" alt="Bitwarden" />
-      <p class="lead text-center mx-4 mb-4">{{ "loginOrCreateNewAccount" | i18n }}</p>
-      <div class="card d-block">
-        <div class="card-body">
-          <app-callout
-            type="warning"
-            title="{{ 'resetPasswordPolicyAutoEnroll' | i18n }}"
-            *ngIf="showResetPasswordAutoEnrollWarning"
-          >
-            {{ "resetPasswordAutoEnrollInviteWarning" | i18n }}
-          </app-callout>
-          <div class="form-group">
-            <label for="email">{{ "emailAddress" | i18n }}</label>
-            <input
-              id="email"
-              class="form-control"
-              type="text"
-              name="Email"
-              [(ngModel)]="email"
-              required
-              inputmode="email"
-              appInputVerbatim="false"
-            />
-          </div>
-          <div class="form-group">
-            <label for="masterPassword">{{ "masterPass" | i18n }}</label>
-            <div class="d-flex">
-              <input
-                id="masterPassword"
-                type="{{ showPassword ? 'text' : 'password' }}"
-                name="MasterPassword"
-                class="text-monospace form-control"
-                [(ngModel)]="masterPassword"
-                required
-                appInputVerbatim
-              />
-              <button
-                type="button"
-                class="ml-1 btn btn-link"
-                appA11yTitle="{{ 'toggleVisibility' | i18n }}"
-                (click)="togglePassword()"
-              >
-                <i
-                  class="bwi bwi-lg"
-                  aria-hidden="true"
-                  [ngClass]="{ 'bwi-eye': !showPassword, 'bwi-eye-slash': showPassword }"
-                ></i>
-              </button>
-            </div>
-            <small class="form-text">
-              <a routerLink="/hint">{{ "getMasterPasswordHint" | i18n }}</a>
-            </small>
-          </div>
-          <div class="form-check mb-3">
-            <input
-              type="checkbox"
-              class="form-check-input"
-              id="rememberEmail"
-              name="RememberEmail"
-              [(ngModel)]="rememberEmail"
-            />
-            <label class="form-check-label" for="rememberEmail">{{ "rememberEmail" | i18n }}</label>
-          </div>
-          <div class="mb-n3" [hidden]="!showCaptcha()">
-            <iframe id="hcaptcha_iframe" height="80"></iframe>
-          </div>
-          <hr />
-          <div class="d-flex">
-            <button
-              type="submit"
-              class="btn btn-primary btn-block btn-submit"
-              [disabled]="form.loading"
-            >
-              <span> <i class="bwi bwi-sign-in" aria-hidden="true"></i> {{ "logIn" | i18n }} </span>
-              <i
-                class="bwi bwi-spinner bwi-spin"
-                title="{{ 'loading' | i18n }}"
-                aria-hidden="true"
-              ></i>
-            </button>
-            <a
-              routerLink="/register"
-              [queryParams]="{ email: email }"
-              class="btn btn-outline-secondary btn-block ml-2 mt-0"
-            >
-              <i class="bwi bwi-pencil-square" aria-hidden="true"></i>
-              {{ "createAccount" | i18n }}
-            </a>
-          </div>
-          <div class="d-flex">
-            <a routerLink="/sso" class="btn btn-outline-secondary btn-block mt-2">
-              <i class="bwi bwi-bank" aria-hidden="true"></i> {{ "enterpriseSingleSignOn" | i18n }}
-            </a>
-          </div>
-        </div>
-      </div>
-    </div>
-  </div>
-</form>
diff --git a/apps/web/src/app/accounts/login/login-with-device.component.html b/apps/web/src/app/accounts/login/login-with-device.component.html
new file mode 100644
index 000000000000..3105a639ad35
--- /dev/null
+++ b/apps/web/src/app/accounts/login/login-with-device.component.html
@@ -0,0 +1,44 @@
+<div
+  class="tw-mx-auto tw-mt-5 tw-flex tw-max-w-lg tw-flex-col tw-items-center tw-justify-center tw-p-8"
+>
+  <div>
+    <img class="logo logo-themed" alt="Bitwarden" />
+    <p class="tw-mx-4 tw-mt-3 tw-mb-4 tw-text-center tw-text-xl">
+      {{ "loginOrCreateNewAccount" | i18n }}
+    </p>
+
+    <div
+      class="tw-mt-3 tw-rounded-md tw-border tw-border-solid tw-border-secondary-300 tw-bg-background tw-p-6"
+    >
+      <h2 class="tw-mb-6 tw-text-xl tw-font-semibold">{{ "logInInitiated" | i18n }}</h2>
+
+      <div class="tw-text-light">
+        <p class="tw-mb-6">{{ "notificationSentDevice" | i18n }}</p>
+
+        <p class="tw-mb-6">
+          {{ "fingerprintMatchInfo" | i18n }}
+        </p>
+      </div>
+
+      <div class="tw-mb-6">
+        <h4 class="tw-font-semibold">{{ "fingerprintPhraseHeader" | i18n }}</h4>
+        <p>
+          <code>{{ passwordlessRequest?.fingerprintPhrase }}</code>
+        </p>
+      </div>
+
+      <div class="tw-my-10" *ngIf="showResendNotification">
+        <a [routerLink]="[]" disabled="true" (click)="startPasswordlessLogin()">{{
+          "resendNotification" | i18n
+        }}</a>
+      </div>
+
+      <hr />
+
+      <div class="tw-text-light tw-mt-3">
+        {{ "loginWithDevciceEnabledInfo" | i18n }}
+        <a routerLink="/login">{{ "viewAllLoginOptions" | i18n }}</a>
+      </div>
+    </div>
+  </div>
+</div>
diff --git a/apps/web/src/app/accounts/login/login-with-device.component.ts b/apps/web/src/app/accounts/login/login-with-device.component.ts
new file mode 100644
index 000000000000..4c6f6268dfd7
--- /dev/null
+++ b/apps/web/src/app/accounts/login/login-with-device.component.ts
@@ -0,0 +1,175 @@
+import { Component, OnDestroy, OnInit } from "@angular/core";
+import { Router } from "@angular/router";
+import { Subject, takeUntil } from "rxjs";
+
+import { CaptchaProtectedComponent } from "@bitwarden/angular/components/captchaProtected.component";
+import { AnonymousHubService } from "@bitwarden/common/abstractions/anonymousHub.service";
+import { ApiService } from "@bitwarden/common/abstractions/api.service";
+import { AppIdService } from "@bitwarden/common/abstractions/appId.service";
+import { AuthService } from "@bitwarden/common/abstractions/auth.service";
+import { CryptoService } from "@bitwarden/common/abstractions/crypto.service";
+import { CryptoFunctionService } from "@bitwarden/common/abstractions/cryptoFunction.service";
+import { EnvironmentService } from "@bitwarden/common/abstractions/environment.service";
+import { I18nService } from "@bitwarden/common/abstractions/i18n.service";
+import { LogService } from "@bitwarden/common/abstractions/log.service";
+import { PasswordGenerationService } from "@bitwarden/common/abstractions/passwordGeneration.service";
+import { PlatformUtilsService } from "@bitwarden/common/abstractions/platformUtils.service";
+import { StateService } from "@bitwarden/common/abstractions/state.service";
+import { AuthRequestType } from "@bitwarden/common/enums/authRequestType";
+import { Utils } from "@bitwarden/common/misc/utils";
+import { PasswordlessLogInCredentials } from "@bitwarden/common/models/domain/logInCredentials";
+import { SymmetricCryptoKey } from "@bitwarden/common/models/domain/symmetricCryptoKey";
+import { PasswordlessCreateAuthRequest } from "@bitwarden/common/models/request/passwordlessCreateAuthRequest";
+import { AuthRequestResponse } from "@bitwarden/common/models/response/authRequestResponse";
+
+@Component({
+  selector: "app-login-with-device",
+  templateUrl: "login-with-device.component.html",
+})
+export class LoginWithDeviceComponent
+  extends CaptchaProtectedComponent
+  implements OnInit, OnDestroy
+{
+  private destroy$ = new Subject<void>();
+  email: string;
+  showResendNotification = false;
+  passwordlessRequest: PasswordlessCreateAuthRequest;
+  onSuccessfulLoginTwoFactorNavigate: () => Promise<any>;
+  onSuccessfulLogin: () => Promise<any>;
+  onSuccessfulLoginNavigate: () => Promise<any>;
+
+  protected twoFactorRoute = "2fa";
+  protected successRoute = "vault";
+  private authRequestKeyPair: [publicKey: ArrayBuffer, privateKey: ArrayBuffer];
+
+  constructor(
+    private router: Router,
+    private cryptoService: CryptoService,
+    private cryptoFunctionService: CryptoFunctionService,
+    private appIdService: AppIdService,
+    private passwordGenerationService: PasswordGenerationService,
+    private apiService: ApiService,
+    private authService: AuthService,
+    private logService: LogService,
+    private stateService: StateService,
+    environmentService: EnvironmentService,
+    i18nService: I18nService,
+    platformUtilsService: PlatformUtilsService,
+    private anonymousHubService: AnonymousHubService
+  ) {
+    super(environmentService, i18nService, platformUtilsService);
+
+    const navigation = this.router.getCurrentNavigation();
+    if (navigation) {
+      this.email = navigation.extras?.state?.email;
+    }
+
+    //gets signalR push notification
+    this.authService
+      .getPushNotifcationObs$()
+      .pipe(takeUntil(this.destroy$))
+      .subscribe((id) => {
+        this.confirmResponse(id);
+      });
+  }
+
+  async ngOnInit() {
+    if (!this.email) {
+      this.router.navigate(["/login"]);
+      return;
+    }
+
+    this.startPasswordlessLogin();
+  }
+
+  async startPasswordlessLogin() {
+    this.showResendNotification = false;
+
+    try {
+      await this.buildAuthRequest();
+      const reqResponse = await this.apiService.postAuthRequest(this.passwordlessRequest);
+
+      if (reqResponse.id) {
+        this.anonymousHubService.createHubConnection(reqResponse.id);
+      }
+    } catch (e) {
+      this.logService.error(e);
+    }
+
+    setTimeout(() => {
+      this.showResendNotification = true;
+    }, 12000);
+  }
+
+  ngOnDestroy(): void {
+    this.destroy$.next();
+    this.destroy$.complete();
+    this.anonymousHubService.stopHubConnection();
+  }
+
+  private async confirmResponse(requestId: string) {
+    try {
+      const response = await this.apiService.getAuthResponse(
+        requestId,
+        this.passwordlessRequest.accessCode
+      );
+
+      if (!response.requestApproved) {
+        return;
+      }
+
+      const credentials = await this.buildLoginCredntials(requestId, response);
+      await this.authService.logIn(credentials);
+      if (this.onSuccessfulLogin != null) {
+        this.onSuccessfulLogin();
+      }
+      if (this.onSuccessfulLoginNavigate != null) {
+        this.onSuccessfulLoginNavigate();
+      } else {
+        this.router.navigate([this.successRoute]);
+      }
+    } catch (error) {
+      this.logService.error(error);
+    }
+  }
+
+  private async buildAuthRequest() {
+    this.authRequestKeyPair = await this.cryptoFunctionService.rsaGenerateKeyPair(2048);
+    const fingerprint = await (
+      await this.cryptoService.getFingerprint(this.email, this.authRequestKeyPair[0])
+    ).join("-");
+    const deviceIdentifier = await this.appIdService.getAppId();
+    const publicKey = Utils.fromBufferToB64(this.authRequestKeyPair[0]);
+    const accessCode = await this.passwordGenerationService.generatePassword({ length: 25 });
+
+    this.passwordlessRequest = new PasswordlessCreateAuthRequest(
+      this.email,
+      deviceIdentifier,
+      publicKey,
+      AuthRequestType.AuthenticateAndUnlock,
+      accessCode,
+      fingerprint
+    );
+  }
+
+  private async buildLoginCredntials(
+    requestId: string,
+    response: AuthRequestResponse
+  ): Promise<PasswordlessLogInCredentials> {
+    const decKey = await this.cryptoService.rsaDecrypt(response.key, this.authRequestKeyPair[1]);
+    const decMasterPasswordHash = await this.cryptoService.rsaDecrypt(
+      response.masterPasswordHash,
+      this.authRequestKeyPair[1]
+    );
+    const key = new SymmetricCryptoKey(decKey);
+    const localHashedPassword = Utils.fromBufferToUtf8(decMasterPasswordHash);
+
+    return new PasswordlessLogInCredentials(
+      this.email,
+      this.passwordlessRequest.accessCode,
+      requestId,
+      key,
+      localHashedPassword
+    );
+  }
+}
diff --git a/apps/web/src/app/accounts/login/login.component.html b/apps/web/src/app/accounts/login/login.component.html
new file mode 100644
index 000000000000..7df9777f39c6
--- /dev/null
+++ b/apps/web/src/app/accounts/login/login.component.html
@@ -0,0 +1,121 @@
+<form
+  #form
+  (ngSubmit)="submit()"
+  [appApiAction]="formPromise"
+  class="tw-container tw-mx-auto"
+  [formGroup]="formGroup"
+>
+  <div
+    class="tw-mx-auto tw-mt-5 tw-flex tw-max-w-lg tw-flex-col tw-items-center tw-justify-center tw-p-8"
+  >
+    <div>
+      <img class="logo logo-themed" alt="Bitwarden" />
+      <p class="tw-mx-4 tw-mt-3 tw-mb-4 tw-text-center tw-text-xl">
+        {{ "loginOrCreateNewAccount" | i18n }}
+      </p>
+      <div
+        class="tw-mt-3 tw-rounded-md tw-border tw-border-solid tw-border-secondary-300 tw-bg-background tw-p-6"
+      >
+        <bit-callout
+          type="warning"
+          title="{{ 'resetPasswordPolicyAutoEnroll' | i18n }}"
+          *ngIf="showResetPasswordAutoEnrollWarning"
+        >
+          {{ "resetPasswordAutoEnrollInviteWarning" | i18n }}
+        </bit-callout>
+
+        <div class="tw-mb-3">
+          <bit-form-field>
+            <bit-label>{{ "emailAddress" | i18n }}</bit-label>
+            <input id="login_input_email" bitInput type="email" formControlName="email" />
+          </bit-form-field>
+        </div>
+
+        <div class="tw-mb-3">
+          <bit-form-field>
+            <bit-label>{{ "masterPass" | i18n }}</bit-label>
+            <input
+              id="login_input_master-password"
+              bitInput
+              type="{{ showPassword ? 'text' : 'password' }}"
+              formControlName="masterPassword"
+            />
+            <button type="button" bitSuffix bitButton (click)="togglePassword()">
+              <i
+                aria-hidden="true"
+                class="bwi bwi-lg bwi-eye"
+                [ngClass]="{ 'bwi-eye': !showPassword, 'bwi-eye-slash': showPassword }"
+              ></i>
+            </button>
+            <bit-hint>
+              <a routerLink="/hint">{{ "getMasterPasswordHint" | i18n }}</a>
+            </bit-hint>
+          </bit-form-field>
+        </div>
+
+        <div class="tw-mb-3 tw-flex tw-items-start">
+          <div class="tw-flex tw-h-6 tw-items-center">
+            <input
+              id="login_input_remember-email"
+              class="tw-w-4 tw-rounded tw-border"
+              bitInput
+              type="checkbox"
+              formControlName="rememberEmail"
+            />
+          </div>
+          <bit-label class="ml-2">
+            {{ "rememberEmail" | i18n }}
+          </bit-label>
+        </div>
+
+        <hr />
+
+        <div [hidden]="!showCaptcha()">
+          <iframe id="hcaptcha_iframe" height="80"></iframe>
+        </div>
+
+        <div class="tw-mb-3 tw-flex tw-space-x-4">
+          <button
+            bitButton
+            buttonType="primary"
+            type="submit"
+            class="tw-inline-block tw-w-1/2"
+            [disabled]="form.loading"
+          >
+            <span> <i class="bwi bwi-sign-in"></i> {{ "logIn" | i18n }} </span>
+          </button>
+
+          <a
+            bitButton
+            buttonType="secondary"
+            routerLink="/register"
+            class="tw-inline-block tw-w-1/2"
+          >
+            <i class="bwi bwi-pencil-square"></i>
+            {{ "createAccount" | i18n }}
+          </a>
+        </div>
+
+        <div class="tw-mb-3" *ngIf="!selfHosted && showPasswordless">
+          <button
+            bitButton
+            type="button"
+            buttonType="secondary"
+            class="tw-w-full"
+            (click)="startPasswordlessLogin()"
+            [disabled]="form.loading"
+          >
+            <span> <i class="bwi bwi-mobile"></i> {{ "loginWithDevice" | i18n }} </span>
+          </button>
+        </div>
+
+        <div class="tw-mb-3">
+          <a routerLink="/sso" bitButton buttonType="secondary" class="tw-w-full">
+            <i class="bwi bwi-provider tw-mr-2"></i>
+            {{ "enterpriseSingleSignOn" | i18n }}
+          </a>
+        </div>
+      </div>
+    </div>
+  </div>
+</form>
diff --git a/apps/web/src/app/accounts/login.component.ts b/apps/web/src/app/accounts/login/login.component.ts
similarity index 81%
rename from apps/web/src/app/accounts/login.component.ts
rename to apps/web/src/app/accounts/login/login.component.ts
index 13dc50e08b6f..1ba2f0fe2639 100644
--- a/apps/web/src/app/accounts/login.component.ts
+++ b/apps/web/src/app/accounts/login/login.component.ts
@@ -1,4 +1,5 @@
 import { Component, NgZone, OnDestroy, OnInit } from "@angular/core";
+import { FormBuilder } from "@angular/forms";
 import { ActivatedRoute, Router } from "@angular/router";
 import { Subject, takeUntil } from "rxjs";
 import { first } from "rxjs/operators";
@@ -8,6 +9,7 @@ import { ApiService } from "@bitwarden/common/abstractions/api.service";
 import { AuthService } from "@bitwarden/common/abstractions/auth.service";
 import { CryptoFunctionService } from "@bitwarden/common/abstractions/cryptoFunction.service";
 import { EnvironmentService } from "@bitwarden/common/abstractions/environment.service";
+import { FormValidationErrorsService } from "@bitwarden/common/abstractions/formValidationErrors.service";
 import { I18nService } from "@bitwarden/common/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/abstractions/log.service";
 import { MessagingService } from "@bitwarden/common/abstractions/messaging.service";
@@ -21,7 +23,9 @@ import { Policy } from "@bitwarden/common/models/domain/policy";
 import { ListResponse } from "@bitwarden/common/models/response/listResponse";
 import { PolicyResponse } from "@bitwarden/common/models/response/policyResponse";
 
-import { RouterService, StateService } from "../core";
+import { flagEnabled } from "src/utils/flags";
+
+import { RouterService, StateService } from "../../core";
 
 @Component({
   selector: "app-login",
@@ -31,6 +35,7 @@ export class LoginComponent extends BaseLoginComponent implements OnInit, OnDest
   showResetPasswordAutoEnrollWarning = false;
   enforcedPasswordPolicyOptions: MasterPasswordPolicyOptions;
   policies: ListResponse<PolicyResponse>;
+  showPasswordless = false;
 
   private destroy$ = new Subject<void>();
 
@@ -50,7 +55,9 @@ export class LoginComponent extends BaseLoginComponent implements OnInit, OnDest
     ngZone: NgZone,
     protected stateService: StateService,
     private messagingService: MessagingService,
-    private routerService: RouterService
+    private routerService: RouterService,
+    formBuilder: FormBuilder,
+    formValidationErrorService: FormValidationErrorsService
   ) {
     super(
       authService,
@@ -62,19 +69,22 @@ export class LoginComponent extends BaseLoginComponent implements OnInit, OnDest
       passwordGenerationService,
       cryptoFunctionService,
       logService,
-      ngZone
+      ngZone,
+      formBuilder,
+      formValidationErrorService
     );
     this.onSuccessfulLogin = async () => {
       this.messagingService.send("setFullWidth");
     };
     this.onSuccessfulLoginNavigate = this.goAfterLogIn;
+    this.showPasswordless = flagEnabled("showPasswordless");
   }
 
   async ngOnInit() {
     // eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
     this.route.queryParams.pipe(first()).subscribe(async (qParams) => {
       if (qParams.email != null && qParams.email.indexOf("@") > -1) {
-        this.email = qParams.email;
+        this.formGroup.get("email")?.setValue(qParams.email);
       }
       if (qParams.premium != null) {
         this.routerService.setPreviousUrl("/settings/premium");
@@ -93,7 +103,8 @@ export class LoginComponent extends BaseLoginComponent implements OnInit, OnDest
         this.routerService.setPreviousUrl(route.toString());
       }
       await super.ngOnInit();
-      this.rememberEmail = await this.stateService.getRememberEmail();
+      const rememberEmail = await this.stateService.getRememberEmail();
+      this.formGroup.get("rememberEmail")?.setValue(rememberEmail);
     });
 
     const invite = await this.stateService.getOrganizationInvitation();
@@ -136,10 +147,12 @@ export class LoginComponent extends BaseLoginComponent implements OnInit, OnDest
   }
 
   async goAfterLogIn() {
+    const masterPassword = this.formGroup.get("masterPassword")?.value;
+
     // Check master password against policy
     if (this.enforcedPasswordPolicyOptions != null) {
       const strengthResult = this.passwordGenerationService.passwordStrength(
-        this.masterPassword,
+        masterPassword,
         this.getPasswordStrengthUserInput()
       );
       const masterPasswordScore = strengthResult == null ? null : strengthResult.score;
@@ -148,7 +161,7 @@ export class LoginComponent extends BaseLoginComponent implements OnInit, OnDest
       if (
         !this.policyService.evaluateMasterPassword(
           masterPasswordScore,
-          this.masterPassword,
+          masterPassword,
           this.enforcedPasswordPolicyOptions
         )
       ) {
@@ -169,19 +182,34 @@ export class LoginComponent extends BaseLoginComponent implements OnInit, OnDest
   }
 
   async submit() {
-    await this.stateService.setRememberEmail(this.rememberEmail);
-    if (!this.rememberEmail) {
+    const rememberEmail = this.formGroup.get("rememberEmail")?.value;
+
+    await this.stateService.setRememberEmail(rememberEmail);
+    if (!rememberEmail) {
       await this.stateService.setRememberedEmail(null);
     }
-    await super.submit();
+    await super.submit(false);
+  }
+
+  async startPasswordlessLogin() {
+    this.formGroup.get("masterPassword")?.clearValidators();
+    this.formGroup.get("masterPassword")?.updateValueAndValidity();
+
+    if (!this.formGroup.valid) {
+      return;
+    }
+
+    const email = this.formGroup.get("email").value;
+    this.router.navigate(["/login-with-device"], { state: { email: email } });
   }
 
   private getPasswordStrengthUserInput() {
+    const email = this.formGroup.get("email")?.value;
     let userInput: string[] = [];
-    const atPosition = this.email.indexOf("@");
+    const atPosition = email.indexOf("@");
     if (atPosition > -1) {
       userInput = userInput.concat(
-        this.email
+        email
           .substr(0, atPosition)
           .trim()
           .toLowerCase()
diff --git a/apps/web/src/app/accounts/login/login.module.ts b/apps/web/src/app/accounts/login/login.module.ts
new file mode 100644
index 000000000000..9ab8dfb3a1b2
--- /dev/null
+++ b/apps/web/src/app/accounts/login/login.module.ts
@@ -0,0 +1,13 @@
+import { NgModule } from "@angular/core";
+
+import { SharedModule } from "../../shared";
+
+import { LoginWithDeviceComponent } from "./login-with-device.component";
+import { LoginComponent } from "./login.component";
+
+@NgModule({
+  imports: [SharedModule],
+  declarations: [LoginComponent, LoginWithDeviceComponent],
+  exports: [LoginComponent, LoginWithDeviceComponent],
+})
+export class LoginModule {}
diff --git a/apps/web/src/app/organizations/manage/user-add-edit.component.html b/apps/web/src/app/organizations/manage/user-add-edit.component.html
index fa4e896d2083..7d15eaa22f3a 100644
--- a/apps/web/src/app/organizations/manage/user-add-edit.component.html
+++ b/apps/web/src/app/organizations/manage/user-add-edit.component.html
@@ -135,7 +135,7 @@ <h3 class="mt-4 d-flex">
           <div class="row">
             <div class="col-6">
               <div class="mb-3">
-                <label class="font-weight-bold mb-0">Manager Permissions</label>
+                <label class="font-weight-bold mb-0">{{ "managerPermissions" | i18n }}</label>
                 <hr class="my-0 mr-2" />
                 <app-nested-checkbox
                   parentId="manageAssignedCollections"
@@ -146,7 +146,7 @@ <h3 class="mt-4 d-flex">
             </div>
             <div class="col-6">
               <div class="mb-3">
-                <label class="font-weight-bold mb-0">Admin Permissions</label>
+                <label class="font-weight-bold mb-0">{{ "adminPermissions" | i18n }}</label>
                 <hr class="my-0 mr-2" />
                 <div class="form-group mb-0">
                   <div class="form-check mt-1 form-check-block">
diff --git a/apps/web/src/app/oss-routing.module.ts b/apps/web/src/app/oss-routing.module.ts
index 61daf7c82cbd..6e1c4e569ef1 100644
--- a/apps/web/src/app/oss-routing.module.ts
+++ b/apps/web/src/app/oss-routing.module.ts
@@ -11,7 +11,8 @@ import { AcceptEmergencyComponent } from "./accounts/accept-emergency.component"
 import { AcceptOrganizationComponent } from "./accounts/accept-organization.component";
 import { HintComponent } from "./accounts/hint.component";
 import { LockComponent } from "./accounts/lock.component";
-import { LoginComponent } from "./accounts/login.component";
+import { LoginWithDeviceComponent } from "./accounts/login/login-with-device.component";
+import { LoginComponent } from "./accounts/login/login.component";
 import { RecoverDeleteComponent } from "./accounts/recover-delete.component";
 import { RecoverTwoFactorComponent } from "./accounts/recover-two-factor.component";
 import { RegisterComponent } from "./accounts/register.component";
@@ -60,6 +61,11 @@ const routes: Routes = [
         canActivate: [HomeGuard], // Redirects either to vault, login or lock page.
       },
       { path: "login", component: LoginComponent, canActivate: [UnauthGuard] },
+      {
+        path: "login-with-device",
+        component: LoginWithDeviceComponent,
+        data: { titleId: "loginWithDevice" },
+      },
       { path: "2fa", component: TwoFactorComponent, canActivate: [UnauthGuard] },
       {
         path: "register",
diff --git a/apps/web/src/app/oss.module.ts b/apps/web/src/app/oss.module.ts
index 0885d7d5d770..457200a0e9b8 100644
--- a/apps/web/src/app/oss.module.ts
+++ b/apps/web/src/app/oss.module.ts
@@ -1,5 +1,6 @@
 import { NgModule } from "@angular/core";
 
+import { LoginModule } from "./accounts/login/login.module";
 import { TrialInitiationModule } from "./accounts/trial-initiation/trial-initiation.module";
 import { OrganizationCreateModule } from "./organizations/create/organization-create.module";
 import { OrganizationManageModule } from "./organizations/manage/organization-manage.module";
@@ -18,6 +19,7 @@ import { VaultFilterModule } from "./vault/vault-filter/vault-filter.module";
     OrganizationManageModule,
     OrganizationUserModule,
     OrganizationCreateModule,
+    LoginModule,
   ],
   exports: [
     SharedModule,
@@ -25,6 +27,7 @@ import { VaultFilterModule } from "./vault/vault-filter/vault-filter.module";
     TrialInitiationModule,
     VaultFilterModule,
     OrganizationBadgeModule,
+    LoginModule,
   ],
   bootstrap: [],
 })
diff --git a/apps/web/src/app/shared/loose-components.module.ts b/apps/web/src/app/shared/loose-components.module.ts
index 59315f9253c9..c68741b5a2bb 100644
--- a/apps/web/src/app/shared/loose-components.module.ts
+++ b/apps/web/src/app/shared/loose-components.module.ts
@@ -6,7 +6,6 @@ import { AcceptEmergencyComponent } from "../accounts/accept-emergency.component
 import { AcceptOrganizationComponent } from "../accounts/accept-organization.component";
 import { HintComponent } from "../accounts/hint.component";
 import { LockComponent } from "../accounts/lock.component";
-import { LoginComponent } from "../accounts/login.component";
 import { RecoverDeleteComponent } from "../accounts/recover-delete.component";
 import { RecoverTwoFactorComponent } from "../accounts/recover-two-factor.component";
 import { RegisterFormModule } from "../accounts/register-form/register-form.module";
@@ -210,7 +209,6 @@ import { SharedModule } from ".";
     FrontendLayoutComponent,
     HintComponent,
     LockComponent,
-    LoginComponent,
     MasterPasswordPolicyComponent,
     NavbarComponent,
     NestedCheckboxComponent,
@@ -355,7 +353,6 @@ import { SharedModule } from ".";
     FrontendLayoutComponent,
     HintComponent,
     LockComponent,
-    LoginComponent,
     MasterPasswordPolicyComponent,
     NavbarComponent,
     NestedCheckboxComponent,
diff --git a/apps/web/src/locales/af/messages.json b/apps/web/src/locales/af/messages.json
index 3ab3434cfb30..6a52acd58d77 100644
--- a/apps/web/src/locales/af/messages.json
+++ b/apps/web/src/locales/af/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Toestemmings"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/ar/messages.json b/apps/web/src/locales/ar/messages.json
index 2b3457e9bde1..473e312b25e2 100644
--- a/apps/web/src/locales/ar/messages.json
+++ b/apps/web/src/locales/ar/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/az/messages.json b/apps/web/src/locales/az/messages.json
index 1bd2459880a8..86ebc3a5878d 100644
--- a/apps/web/src/locales/az/messages.json
+++ b/apps/web/src/locales/az/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "İcazələr"
   },
+  "managerPermissions": {
+    "message": "Menecer icazələri"
+  },
+  "adminPermissions": {
+    "message": "Admin icazələri"
+  },
   "accessEventLogs": {
     "message": "Tədbir jurnalına müraciət"
   },
diff --git a/apps/web/src/locales/be/messages.json b/apps/web/src/locales/be/messages.json
index a140a2254141..20a80249cc79 100644
--- a/apps/web/src/locales/be/messages.json
+++ b/apps/web/src/locales/be/messages.json
@@ -65,7 +65,7 @@
     "message": "Код бяспекі (CVV)"
   },
   "identityName": {
-    "message": "Імя"
+    "message": "Імя пасведчання"
   },
   "company": {
     "message": "Кампанія"
@@ -233,7 +233,7 @@
     "message": "Праверце, ці не скампраметаваны пароль."
   },
   "passwordExposed": {
-    "message": "Гэты пароль быў скампраметаваны $VALUE$ раз(-ы/-оў). Вы павінны змяніць яго.",
+    "message": "Гэты пароль быў скампраметаваны наступную колькасць разоў: $VALUE$. Вы павінны змяніць яго.",
     "placeholders": {
       "value": {
         "content": "$1",
@@ -398,27 +398,27 @@
     }
   },
   "copyValue": {
-    "message": "Капіяваць значэнне",
+    "message": "Скапіяваць значэнне",
     "description": "Copy value to clipboard"
   },
   "copyPassword": {
-    "message": "Капіяваць пароль",
+    "message": "Скапіяваць пароль",
     "description": "Copy password to clipboard"
   },
   "copyUsername": {
-    "message": "Капіяваць імя карыстальніка",
+    "message": "Скапіяваць імя карыстальніка",
     "description": "Copy username to clipboard"
   },
   "copyNumber": {
-    "message": "Капіяваць нумар",
+    "message": "Скапіяваць нумар",
     "description": "Copy credit card number"
   },
   "copySecurityCode": {
-    "message": "Капіяваць код бяспекі",
+    "message": "Скапіяваць код бяспекі",
     "description": "Copy credit card security code (CVV)"
   },
   "copyUri": {
-    "message": "Капіяваць URI",
+    "message": "Скапіяваць URI",
     "description": "Copy URI to clipboard"
   },
   "me": {
@@ -648,7 +648,7 @@
     "message": "Уліковы запіс паспяхова створаны."
   },
   "masterPassSent": {
-    "message": "Мы адправілі вам на электронную пошту падказку для асноўнага пароля."
+    "message": "Мы адправілі вам на электронную пошту падказку да асноўнага пароля."
   },
   "unexpectedError": {
     "message": "Адбылася нечаканая памылка."
@@ -663,7 +663,7 @@
     "message": "Разблакіраваць"
   },
   "loggedInAsEmailOn": {
-    "message": "Вы ўвайшлі як $HOSTNAME$ у $EMAIL$.",
+    "message": "Вы ўвайшлі як $EMAIL$ у $HOSTNAME$.",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -867,7 +867,7 @@
     "message": "Праверачны код (TOTP)"
   },
   "copyVerificationCode": {
-    "message": "Капіяваць праверачны код"
+    "message": "Скапіяваць праверачны код"
   },
   "warning": {
     "message": "Папярэджанне"
@@ -2272,10 +2272,10 @@
     "message": "Ваша арганізацыя была абноўлена."
   },
   "leave": {
-    "message": "Пакінуць"
+    "message": "Выйсці"
   },
   "leaveOrganizationConfirmation": {
-    "message": "Вы ўпэўнены, што хочаце пакінуць гэту арганізацыю?"
+    "message": "Вы ўпэўнены, што хочаце выйсці з гэтай арганізацыі?"
   },
   "leftOrganization": {
     "message": "Вы пакінулі арганізацыю."
@@ -2284,7 +2284,7 @@
     "message": "Прадвызначаная калекцыя"
   },
   "getHelp": {
-    "message": "Атрымаць дапамогу"
+    "message": "Атрымаць даведку"
   },
   "getApps": {
     "message": "Атрымаць праграмы"
@@ -3365,7 +3365,7 @@
     "message": "У вашым сховішчы ёсць старыя далучаныя файлы, якія неабходна выправіць перад тым, як змяніць ключ шыфравання ўліковага запісу."
   },
   "yourAccountsFingerprint": {
-    "message": "Фраза адбітку вашага ўліковага запісу",
+    "message": "Фраза адбітку пальца вашага ўліковага запісу",
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
   },
   "fingerprintEnsureIntegrityVerify": {
@@ -3454,7 +3454,7 @@
     "message": "Адна або больш палітык арганізацыі ўплывае на налады генератара."
   },
   "masterPasswordPolicyInEffect": {
-    "message": "Згодна з адной або некалькімі палітыкамі арганізацыі асноўны пароль павінен адпавядаць наступным патрабаванням:"
+    "message": "Адна або больш палітык арганізацыі патрабуе, каб ваш асноўны пароль адпавядаў наступным патрабаванням:"
   },
   "policyInEffectMinComplexity": {
     "message": "Мінімальны ўзровень складанасці $SCORE$",
@@ -3534,7 +3534,7 @@
     "message": "Назаўсёды выдаліць элементы"
   },
   "permanentlyDeleteItemConfirmation": {
-    "message": "Вы ўпэўнены, што хочаце назаўсёды выдаліць гэтыя элементы?"
+    "message": "Вы ўпэўнены, што хочаце назаўсёды выдаліць гэты элемент?"
   },
   "permanentlyDeletedItem": {
     "message": "Элемент выдалены назаўсёды"
@@ -3744,14 +3744,14 @@
     "message": "Дата завяршэння"
   },
   "expirationDateDesc": {
-    "message": "Калі зададзена, то доступ да гэтага Send міне ў азначаную дату і час.",
+    "message": "Калі прызначана, то доступ да гэтага Send міне ў азначаную дату і час.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "maxAccessCount": {
     "message": "Максімальная колькасць доступаў"
   },
   "maxAccessCountDesc": {
-    "message": "Калі зададзена, то карыстальнікі больш не змогуць атрымаць доступ да гэтага Send пасля таго, як будзе дасягнута максімальная колькасць зваротаў.",
+    "message": "Калі прызначана, то карыстальнікі больш не змогуць атрымаць доступ да гэтага Send пасля таго, як будзе дасягнута максімальная колькасць зваротаў.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "currentAccessCount": {
@@ -3776,7 +3776,7 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "copySendLink": {
-    "message": "Капіяваць спасылку на Send",
+    "message": "Скапіяваць спасылку на Send",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "removePassword": {
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Дазволы"
   },
+  "managerPermissions": {
+    "message": "Дазволы менеджара"
+  },
+  "adminPermissions": {
+    "message": "Дазволы адміністратара"
+  },
   "accessEventLogs": {
     "message": "Доступ да журналаў з падзеямі"
   },
@@ -4310,7 +4316,7 @@
     "message": "гэты карыстальнік"
   },
   "resetPasswordMasterPasswordPolicyInEffect": {
-    "message": "Згодна з адной або некалькімі палітыкамі арганізацыі асноўны пароль павінен адпавядаць наступным патрабаванням:"
+    "message": "Адна або больш палітык арганізацыі патрабуе, каб асноўны пароль адпавядаў наступным патрабаванням:"
   },
   "resetPasswordSuccess": {
     "message": "Пароль паспяхова скінуты!"
@@ -4885,7 +4891,7 @@
     }
   },
   "leaveOrganization": {
-    "message": "Пакінуць арганізацыю"
+    "message": "Выйсці з арганізацыі"
   },
   "removeMasterPassword": {
     "message": "Выдаліць асноўны пароль"
@@ -5011,7 +5017,7 @@
     "message": "Уласнае размяшчэнне"
   },
   "selfHostingEnterpriseOrganizationSectionCopy": {
-    "message": "Для наладжвання арганізацыі на вашым уласным серверы, вам неабходна будзе загрузіць файл з ліцэнзіяй. Для падтрымкі тарыфных планаў Bitwarden Families і пашыраных магчымасцяў выстаўлення рахункаў для вашай арганізацыі, вам неабходна наладзіць плацежную сінхранізацыю."
+    "message": "Для наладжвання арганізацыі на вашым уласным серверы, вам неабходна будзе загрузіць файл з ліцэнзіяй. Для падтрымкі тарыфных планаў Bitwarden Families і пашыраных магчымасцей выстаўлення рахункаў для вашай арганізацыі, вам неабходна наладзіць плацежную сінхранізацыю."
   },
   "billingSyncApiKeyRotated": {
     "message": "Токен зменены."
@@ -5160,7 +5166,7 @@
     "description": "Username generator option that appends a random sub-address to the username. For example: address+subaddress@email.com"
   },
   "plusAddressedEmailDesc": {
-    "message": "Выкарыстоўваць магчымасці пададрасацыі вашага пастаўшчыка паслуг электроннай пошты."
+    "message": "Выкарыстоўвайце магчымасці пададрасацыі вашага пастаўшчыка паслуг электроннай пошты."
   },
   "catchallEmail": {
     "message": "Адрас для ўсёй пошты дамена"
@@ -5288,7 +5294,7 @@
     "message": "Гэты ключ API мае доступ да кіравання карыстальнікаў у межах вашай арганізацыі. Яго неабходна захоўваць у надзейным месцы."
   },
   "copyScimKey": {
-    "message": "Капіяваць ключ API для SCIM у буфер абмену",
+    "message": "Скапіяваць ключ API для SCIM у буфер абмену",
     "description": "the text, 'SCIM' and 'API', are acronymns and should not be translated."
   },
   "rotateScimKey": {
diff --git a/apps/web/src/locales/bg/messages.json b/apps/web/src/locales/bg/messages.json
index 65134d43fc59..200a343abaf7 100644
--- a/apps/web/src/locales/bg/messages.json
+++ b/apps/web/src/locales/bg/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Права"
   },
+  "managerPermissions": {
+    "message": "Права на управителя"
+  },
+  "adminPermissions": {
+    "message": "Права на администратора"
+  },
   "accessEventLogs": {
     "message": "Достъп до журналите"
   },
diff --git a/apps/web/src/locales/bn/messages.json b/apps/web/src/locales/bn/messages.json
index d3e7a5f6a1d9..837c9cf71905 100644
--- a/apps/web/src/locales/bn/messages.json
+++ b/apps/web/src/locales/bn/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/bs/messages.json b/apps/web/src/locales/bs/messages.json
index fbc629ef7fe9..2f14bb380f0b 100644
--- a/apps/web/src/locales/bs/messages.json
+++ b/apps/web/src/locales/bs/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/ca/messages.json b/apps/web/src/locales/ca/messages.json
index 08cc2b165f28..953e79fbf134 100644
--- a/apps/web/src/locales/ca/messages.json
+++ b/apps/web/src/locales/ca/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permisos"
   },
+  "managerPermissions": {
+    "message": "Permisos de l'administrador"
+  },
+  "adminPermissions": {
+    "message": "Permisos de l'administrador"
+  },
   "accessEventLogs": {
     "message": "Registres d'esdeveniments dels accessos"
   },
diff --git a/apps/web/src/locales/cs/messages.json b/apps/web/src/locales/cs/messages.json
index 2e18e2c59234..3bba318dd473 100644
--- a/apps/web/src/locales/cs/messages.json
+++ b/apps/web/src/locales/cs/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Oprávnění"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Přístup k logům"
   },
diff --git a/apps/web/src/locales/da/messages.json b/apps/web/src/locales/da/messages.json
index 9631152699d4..67fdbc44188e 100644
--- a/apps/web/src/locales/da/messages.json
+++ b/apps/web/src/locales/da/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Tilladelser"
   },
+  "managerPermissions": {
+    "message": "Håndtér rettigheder"
+  },
+  "adminPermissions": {
+    "message": "Admin-tilladelser"
+  },
   "accessEventLogs": {
     "message": "Tilgå begivenhedslogger"
   },
diff --git a/apps/web/src/locales/de/messages.json b/apps/web/src/locales/de/messages.json
index d12b19e9a4ef..a00359ce98c2 100644
--- a/apps/web/src/locales/de/messages.json
+++ b/apps/web/src/locales/de/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Berechtigungen"
   },
+  "managerPermissions": {
+    "message": "Manager-Berechtigungen"
+  },
+  "adminPermissions": {
+    "message": "Administrator-Berechtigungen"
+  },
   "accessEventLogs": {
     "message": "Zugriff auf Ereignisprotokolle"
   },
diff --git a/apps/web/src/locales/el/messages.json b/apps/web/src/locales/el/messages.json
index 54b778b228ba..b8ac7e6c3859 100644
--- a/apps/web/src/locales/el/messages.json
+++ b/apps/web/src/locales/el/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Άδειες"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Αρχείο Καταγραφής Πρόσβασης"
   },
diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json
index 5ca96affb7a2..3b8c2f772d7b 100644
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@@ -569,15 +569,27 @@
   "loginOrCreateNewAccount": {
     "message": "Log in or create a new account to access your secure vault."
   },
+  "loginWithDevice" : {
+    "message": "Log in with device"
+  },
+  "loginWithDevciceEnabledInfo": {
+    "message": "Log in with device must be enabled in the settings of the Biwarden mobile app. Need another option?"
+  },
   "createAccount": {
     "message": "Create Account"
   },
+  "newAroundHere": {
+    "message": "New around here?"
+  },
   "startTrial": {
     "message": "Start Trial"
   },
   "logIn": {
     "message": "Log In"
   },
+  "logInInitiated": {
+    "message": "Log in initiated"
+  },
   "submit": {
     "message": "Submit"
   },
@@ -635,7 +647,7 @@
   "confirmMasterPasswordRequired": {
     "message": "Master password retype is required."
   },
-  "masterPasswordMinLength": {
+  "masterPasswordMinlength": {
     "message": "Master password must be at least 8 characters long."
   },
   "masterPassDoesntMatch": {
@@ -705,6 +717,9 @@
   "noOrganizationsList": {
     "message": "You do not belong to any organizations. Organizations allow you to securely share items with other users."
   },
+  "notificationSentDevice":{
+    "message": "A notification has been sent to your device."
+  },
   "versionNumber": {
     "message": "Version $VERSION_NUMBER$",
     "placeholders": {
@@ -2532,6 +2547,9 @@
       }
     }
   },
+  "viewAllLoginOptions": {
+    "message": "View all log in options"
+  },
   "viewedItemId": {
     "message": "Viewed item $ID$.",
     "placeholders": {
@@ -3372,6 +3390,12 @@
     "message": "To ensure the integrity of your encryption keys, please verify the user's fingerprint phrase before continuing.",
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
   },
+  "fingerprintMatchInfo": {
+    "message": "Please make sure your vault is unlocked and Fingerprint phrase matches the other device."
+  },
+  "fingerprintPhraseHeader": {
+    "message": "Fingerprint phrase"
+  },
   "dontAskFingerprintAgain": {
     "message": "Never prompt to verify fingerprint phrases for invited users (Not recommended)",
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
@@ -4057,6 +4081,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
@@ -4366,6 +4396,9 @@
   "reinviteSelected": {
     "message": "Resend Invitations"
   },
+  "resendNotification": {
+    "message": "Resend notification"
+  },
   "noSelectedUsersApplicable": {
     "message": "This action is not applicable to any of the selected users."
   },
diff --git a/apps/web/src/locales/en_GB/messages.json b/apps/web/src/locales/en_GB/messages.json
index eac572498834..3f7beb72d168 100644
--- a/apps/web/src/locales/en_GB/messages.json
+++ b/apps/web/src/locales/en_GB/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/en_IN/messages.json b/apps/web/src/locales/en_IN/messages.json
index 14a07c48e2d3..939d41b015d7 100644
--- a/apps/web/src/locales/en_IN/messages.json
+++ b/apps/web/src/locales/en_IN/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/eo/messages.json b/apps/web/src/locales/eo/messages.json
index 327bc12f0864..960cb3250e7d 100644
--- a/apps/web/src/locales/eo/messages.json
+++ b/apps/web/src/locales/eo/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permesoj"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Aliri Eventajn Registrojn"
   },
diff --git a/apps/web/src/locales/es/messages.json b/apps/web/src/locales/es/messages.json
index 686980e052cd..062e73263406 100644
--- a/apps/web/src/locales/es/messages.json
+++ b/apps/web/src/locales/es/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permisos"
   },
+  "managerPermissions": {
+    "message": "Permisos del Administrador"
+  },
+  "adminPermissions": {
+    "message": "Permisos del administrador"
+  },
   "accessEventLogs": {
     "message": "Acceder a los registros de eventos"
   },
diff --git a/apps/web/src/locales/et/messages.json b/apps/web/src/locales/et/messages.json
index 542914b221dc..f4242fe946db 100644
--- a/apps/web/src/locales/et/messages.json
+++ b/apps/web/src/locales/et/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Õigused"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Ligipääs sündmuste logile"
   },
diff --git a/apps/web/src/locales/eu/messages.json b/apps/web/src/locales/eu/messages.json
index c685a9ffb081..467f257db3de 100644
--- a/apps/web/src/locales/eu/messages.json
+++ b/apps/web/src/locales/eu/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Baimenak"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Sarreren erregistroak"
   },
diff --git a/apps/web/src/locales/fi/messages.json b/apps/web/src/locales/fi/messages.json
index 610868899195..5bd081806c61 100644
--- a/apps/web/src/locales/fi/messages.json
+++ b/apps/web/src/locales/fi/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Käyttöoikeudet"
   },
+  "managerPermissions": {
+    "message": "Valvojan oikeudet"
+  },
+  "adminPermissions": {
+    "message": "Ylläpitäjän oikeudet"
+  },
   "accessEventLogs": {
     "message": "Tapahtumalokien käyttö"
   },
diff --git a/apps/web/src/locales/fil/messages.json b/apps/web/src/locales/fil/messages.json
index 37f65c83d49f..874faf9c5527 100644
--- a/apps/web/src/locales/fil/messages.json
+++ b/apps/web/src/locales/fil/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/fr/messages.json b/apps/web/src/locales/fr/messages.json
index 51dd966dea1c..ce1b38ac01de 100644
--- a/apps/web/src/locales/fr/messages.json
+++ b/apps/web/src/locales/fr/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Permissions du Gestionnaire"
+  },
+  "adminPermissions": {
+    "message": "Permissions de l'Administrateur"
+  },
   "accessEventLogs": {
     "message": "Accéder aux journaux d'événements"
   },
diff --git a/apps/web/src/locales/he/messages.json b/apps/web/src/locales/he/messages.json
index fce1aa9d41e4..7097f7424616 100644
--- a/apps/web/src/locales/he/messages.json
+++ b/apps/web/src/locales/he/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/hi/messages.json b/apps/web/src/locales/hi/messages.json
index 63abb103a711..ebdb4cd0ac2c 100644
--- a/apps/web/src/locales/hi/messages.json
+++ b/apps/web/src/locales/hi/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/hr/messages.json b/apps/web/src/locales/hr/messages.json
index 0207bb4e5955..5ae0ed2b8a78 100644
--- a/apps/web/src/locales/hr/messages.json
+++ b/apps/web/src/locales/hr/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Dozvole"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Pristup zapisnicima događaja"
   },
diff --git a/apps/web/src/locales/hu/messages.json b/apps/web/src/locales/hu/messages.json
index c4c76ad60954..2d673d6e6542 100644
--- a/apps/web/src/locales/hu/messages.json
+++ b/apps/web/src/locales/hu/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Jogosultságok"
   },
+  "managerPermissions": {
+    "message": "Jogosultságok kezelése"
+  },
+  "adminPermissions": {
+    "message": "Adminisztrátori jogosultságok"
+  },
   "accessEventLogs": {
     "message": "Eseménynapló elérése"
   },
diff --git a/apps/web/src/locales/id/messages.json b/apps/web/src/locales/id/messages.json
index 46f191e077bf..07e2c67bdf00 100644
--- a/apps/web/src/locales/id/messages.json
+++ b/apps/web/src/locales/id/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Izin"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Akses Log Peristiwa"
   },
diff --git a/apps/web/src/locales/it/messages.json b/apps/web/src/locales/it/messages.json
index b9ba2942153f..f92c5c349e6a 100644
--- a/apps/web/src/locales/it/messages.json
+++ b/apps/web/src/locales/it/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permessi"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Accedi ai log degli eventi"
   },
diff --git a/apps/web/src/locales/ja/messages.json b/apps/web/src/locales/ja/messages.json
index dd3ab6b97a9b..e415d8375343 100644
--- a/apps/web/src/locales/ja/messages.json
+++ b/apps/web/src/locales/ja/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "権限"
   },
+  "managerPermissions": {
+    "message": "権限の管理"
+  },
+  "adminPermissions": {
+    "message": "管理者権限"
+  },
   "accessEventLogs": {
     "message": "イベントログにアクセス"
   },
diff --git a/apps/web/src/locales/ka/messages.json b/apps/web/src/locales/ka/messages.json
index 5ca96affb7a2..80755183b9f4 100644
--- a/apps/web/src/locales/ka/messages.json
+++ b/apps/web/src/locales/ka/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/km/messages.json b/apps/web/src/locales/km/messages.json
index 5ca96affb7a2..80755183b9f4 100644
--- a/apps/web/src/locales/km/messages.json
+++ b/apps/web/src/locales/km/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/kn/messages.json b/apps/web/src/locales/kn/messages.json
index e49c178c6bec..0f57d99a7391 100644
--- a/apps/web/src/locales/kn/messages.json
+++ b/apps/web/src/locales/kn/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "ಅನುಮತಿಗಳು"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "ಈವೆಂಟ್ ಲಾಗ್‌ಗಳನ್ನು ಪ್ರವೇಶಿಸಿ"
   },
diff --git a/apps/web/src/locales/ko/messages.json b/apps/web/src/locales/ko/messages.json
index 5e9ec49e03a1..9ea99f044464 100644
--- a/apps/web/src/locales/ko/messages.json
+++ b/apps/web/src/locales/ko/messages.json
@@ -306,7 +306,7 @@
     "message": "보안 메모"
   },
   "typeLoginPlural": {
-    "message": "Logins"
+    "message": "로그인"
   },
   "typeCardPlural": {
     "message": "카드"
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "권한"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "이벤트 로그 접근"
   },
diff --git a/apps/web/src/locales/lv/messages.json b/apps/web/src/locales/lv/messages.json
index 7409f55b9c04..8b5956c696cb 100644
--- a/apps/web/src/locales/lv/messages.json
+++ b/apps/web/src/locales/lv/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Atļaujas"
   },
+  "managerPermissions": {
+    "message": "Pārvaldnieka atļaujas"
+  },
+  "adminPermissions": {
+    "message": "Administratora atļaujas"
+  },
   "accessEventLogs": {
     "message": "Piekļūt notikumu žurnāla ierakstiem"
   },
diff --git a/apps/web/src/locales/ml/messages.json b/apps/web/src/locales/ml/messages.json
index 3daff3c64927..ea6689a9b80c 100644
--- a/apps/web/src/locales/ml/messages.json
+++ b/apps/web/src/locales/ml/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "അനുമതികൾ"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/nb/messages.json b/apps/web/src/locales/nb/messages.json
index 3f8bec3fd68f..372bd618e022 100644
--- a/apps/web/src/locales/nb/messages.json
+++ b/apps/web/src/locales/nb/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Rettigheter"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Få tilgang til hendelseslogger"
   },
diff --git a/apps/web/src/locales/nl/messages.json b/apps/web/src/locales/nl/messages.json
index 456d2253c6cf..002abcd8852c 100644
--- a/apps/web/src/locales/nl/messages.json
+++ b/apps/web/src/locales/nl/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Rechten"
   },
+  "managerPermissions": {
+    "message": "Managersrechten"
+  },
+  "adminPermissions": {
+    "message": "Beheerdersrechten"
+  },
   "accessEventLogs": {
     "message": "Eventlogs"
   },
diff --git a/apps/web/src/locales/nn/messages.json b/apps/web/src/locales/nn/messages.json
index 1b27527fc3a9..fa3ea5e5272d 100644
--- a/apps/web/src/locales/nn/messages.json
+++ b/apps/web/src/locales/nn/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/pl/messages.json b/apps/web/src/locales/pl/messages.json
index fc3f0ff1b838..ea9e0cba5330 100644
--- a/apps/web/src/locales/pl/messages.json
+++ b/apps/web/src/locales/pl/messages.json
@@ -645,7 +645,7 @@
     "message": "Konto zostało utworzone! Teraz możesz się zalogować."
   },
   "trialAccountCreated": {
-    "message": "Konto zostało pomyślnie utworzone."
+    "message": "Konto zostało utworzone."
   },
   "masterPassSent": {
     "message": "Wysłaliśmy Tobie wiadomość e-mail z podpowiedzią do hasła głównego."
@@ -918,7 +918,7 @@
     "message": "Utwórz hasło wygenerowane przez użytkownika, aby chronić eksport. Użyj tego, aby utworzyć eksport, który może być używany na innych kontach."
   },
   "fileTypeHeading": {
-    "message": "Typ Pliku"
+    "message": "Rodzaj pliku"
   },
   "accountBackup": {
     "message": "Kopia zapasowa konta"
@@ -1324,7 +1324,7 @@
     "message": "Wyłącz"
   },
   "revokeAccess": {
-    "message": "Odwołaj dostęp"
+    "message": "Unieważnij dostęp"
   },
   "twoStepLoginProviderEnabled": {
     "message": "Ten dostawca logowania dwustopniowego jest już włączony na koncie."
@@ -1840,7 +1840,7 @@
     "message": "rok"
   },
   "yr": {
-    "message": "r."
+    "message": "rok"
   },
   "month": {
     "message": "miesiąc"
@@ -2257,7 +2257,7 @@
     "message": "Rocznie"
   },
   "annual": {
-    "message": "Raz w roku"
+    "message": "Rocznie"
   },
   "basePrice": {
     "message": "Cena netto"
@@ -2329,7 +2329,7 @@
     "message": "Gdy członek zostanie usunięty, nie ma już dostępu do danych organizacji, a ta czynność jest nieodwracalna. Aby ponownie dodać członka do organizacji, należy go zaprosić i ponownie wprowadzić."
   },
   "revokeUserConfirmation": {
-    "message": "Gdy członek zostanie odwołany, nie ma już dostępu do danych organizacji. Aby szybko przywrócić dostęp członków, przejdź do karty Odwołani."
+    "message": "Jeśli użytkownik zostanie unieważniony, nie będzie miał dostępu do danych organizacji. Aby przywrócić dostęp użytkownika, przejdź do karty Unieważnieni."
   },
   "removeUserConfirmationKeyConnector": {
     "message": "Ostrzeżenie! Ten użytkownik wymaga serwera Key Connector do zarządzania szyfrowaniem. Usunięcie tego użytkownika z organizacji spowoduje trwałe wyłączenie jego konta. Nie możesz cofnąć tej akcji. Czy chcesz kontynuować?"
@@ -2686,7 +2686,7 @@
     }
   },
   "revokedUserId": {
-    "message": "Odwołano dostęp organizacji dla $ID$.",
+    "message": "Dostęp do organizacji dla użytkownika $ID$ został unieważniony.",
     "placeholders": {
       "id": {
         "content": "$1",
@@ -2704,7 +2704,7 @@
     }
   },
   "revokeUserId": {
-    "message": "Odwołano dostęp $ID$",
+    "message": "Unieważnij dostęp dla użytkownika $ID$",
     "placeholders": {
       "id": {
         "content": "$1",
@@ -3769,7 +3769,7 @@
     "message": "Wyłączone"
   },
   "revoked": {
-    "message": "Odwołani"
+    "message": "Unieważnieni"
   },
   "sendLink": {
     "message": "Link wysyłki",
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Uprawnienia"
   },
+  "managerPermissions": {
+    "message": "Menedżer uprawnień"
+  },
+  "adminPermissions": {
+    "message": "Administrator uprawnień"
+  },
   "accessEventLogs": {
     "message": "Dostęp do dziennika zdarzeń"
   },
@@ -4376,7 +4382,7 @@
     "message": "Kiedy członek (członkowie) zostaje usunięty, nie ma już dostępu do danych organizacji i działanie to jest nieodwracalne. Aby dodać członka z powrotem do organizacji, musi on zostać ponownie zaproszony i włączony do organizacji. Proces ten może trwać kilka sekund i nie może być przerwany ani anulowany."
   },
   "revokeUsersWarning": {
-    "message": "Gdy członek (członkowie) zostanie odwołany, nie ma już dostępu do danych organizacji. Aby szybko przywrócić dostęp do danych członka, przejdź do zakładki Odwołano. Proces ten może potrwać kilka sekund i nie można go przerwać ani anulować."
+    "message": "Jeśli użytkownicy zostaną unieważnieni, nie będą mieli dostępu do danych organizacji. Aby przywrócić dostęp użytkownika, przejdź do karty Unieważnieni. Proces może potrwać kilka sekund i nie można go przerwać lub anulować."
   },
   "theme": {
     "message": "Motyw"
@@ -4409,7 +4415,7 @@
     "message": "Usunięto"
   },
   "bulkRevokedMessage": {
-    "message": "Odwołano dostęp do organizacji"
+    "message": "Dostęp do organizacji został unieważniony"
   },
   "bulkRestoredMessage": {
     "message": "Przywrócono dostęp do organizacji"
@@ -4424,7 +4430,7 @@
     "message": "Usuń użytkowników"
   },
   "revokeUsers": {
-    "message": "Odwołaj użytkowników"
+    "message": "Unieważnij użytkowników"
   },
   "restoreUsers": {
     "message": "Przywróć użytkowników"
diff --git a/apps/web/src/locales/pt_BR/messages.json b/apps/web/src/locales/pt_BR/messages.json
index 6944ffec979f..fcb778e6d9b9 100644
--- a/apps/web/src/locales/pt_BR/messages.json
+++ b/apps/web/src/locales/pt_BR/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissões"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Acessar Registro de Eventos"
   },
diff --git a/apps/web/src/locales/pt_PT/messages.json b/apps/web/src/locales/pt_PT/messages.json
index bdf34e78aecf..38025cfcab36 100644
--- a/apps/web/src/locales/pt_PT/messages.json
+++ b/apps/web/src/locales/pt_PT/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissões"
   },
+  "managerPermissions": {
+    "message": "Gestão de permissões"
+  },
+  "adminPermissions": {
+    "message": "Permissões de Administrador"
+  },
   "accessEventLogs": {
     "message": "Aceder ao Registro de Eventos"
   },
diff --git a/apps/web/src/locales/ro/messages.json b/apps/web/src/locales/ro/messages.json
index ac5b652a525a..79ec219b22e3 100644
--- a/apps/web/src/locales/ro/messages.json
+++ b/apps/web/src/locales/ro/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permisiuni"
   },
+  "managerPermissions": {
+    "message": "Permisiuni manager"
+  },
+  "adminPermissions": {
+    "message": "Permisiuni Admin"
+  },
   "accessEventLogs": {
     "message": "Acces la jurnalele de evenimente"
   },
diff --git a/apps/web/src/locales/ru/messages.json b/apps/web/src/locales/ru/messages.json
index 9039b0e70c84..e6a40602e3b3 100644
--- a/apps/web/src/locales/ru/messages.json
+++ b/apps/web/src/locales/ru/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Разрешения"
   },
+  "managerPermissions": {
+    "message": "Права менеджера"
+  },
+  "adminPermissions": {
+    "message": "Права администратора"
+  },
   "accessEventLogs": {
     "message": "Доступ к журналам событий"
   },
diff --git a/apps/web/src/locales/si/messages.json b/apps/web/src/locales/si/messages.json
index ae91788759df..26e5893ffcef 100644
--- a/apps/web/src/locales/si/messages.json
+++ b/apps/web/src/locales/si/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/sk/messages.json b/apps/web/src/locales/sk/messages.json
index a90a35f09739..0a76deafa2c5 100644
--- a/apps/web/src/locales/sk/messages.json
+++ b/apps/web/src/locales/sk/messages.json
@@ -1523,14 +1523,14 @@
     "message": "Reporty"
   },
   "reportsDesc": {
-    "message": "Identify and close security gaps in your online accounts by clicking the reports below.",
+    "message": "Identifikujte a opravte bezpečnostné nedostatky kliknutím na reporty nižšie.",
     "description": "Vault Health Reports can be used to evaluate the security of your Bitwarden Personal or Organization Vault."
   },
   "unsecuredWebsitesReport": {
     "message": "Nezabezpečené stránky"
   },
   "unsecuredWebsitesReportDesc": {
-    "message": "URLs that start with http:// don’t use the best available encryption. Change the Login URIs for these accounts to https:// for safer browsing."
+    "message": "URL, ktoré začínajú s http:// nepoužívajú najlepšie dostupné šifrovanie. Upravte URL prihlásenia pre tieto kontá na https:// pre bezpečnejšie surfovanie na internete."
   },
   "unsecuredWebsitesFound": {
     "message": "Našli sa nezabezpečené stránky"
@@ -1575,7 +1575,7 @@
     "message": "Uniknuté heslá"
   },
   "exposedPasswordsReportDesc": {
-    "message": "Passwords exposed in a data breach are easy targets for attackers. Change these passwords to prevent potential break-ins."
+    "message": "Heslá odhalené pri úniku dát sú pre útočníkov jednoduchým cieľom. Zmeňte tieto heslá aby ste sa vyhli možnému vlámaniu."
   },
   "exposedPasswordsFound": {
     "message": "Našli sme uniknuté heslá"
@@ -1608,7 +1608,7 @@
     "message": "Slabé heslá"
   },
   "weakPasswordsReportDesc": {
-    "message": "Weak passwords can be easily guessed by attackers. Change these passwords to strong ones using the Password Generator."
+    "message": "Jednoduché heslá môže útočník ľahko uhádnuť. Vymeňte tieto heslá za silné s použitím Generátora Hesiel."
   },
   "weakPasswordsFound": {
     "message": "Našli sa slabé heslá"
@@ -1629,7 +1629,7 @@
     "message": "Viacnásobne použité heslá"
   },
   "reusedPasswordsReportDesc": {
-    "message": "Reusing passwords makes it easier for attackers to break into multiple accounts. Change these passwords so that each is unique."
+    "message": "Opakované používanie hesiel uľahčuje útočníkom vlámať sa do viacerých účtov. Zmeňte si tieto heslá tak aby bolo každé unikátne."
   },
   "reusedPasswordsFound": {
     "message": "Našli sa viacnásobne použité heslá"
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Povolenia"
   },
+  "managerPermissions": {
+    "message": "Oprávnenia manažéra"
+  },
+  "adminPermissions": {
+    "message": "Oprávnenia správcu"
+  },
   "accessEventLogs": {
     "message": "Prístup k protokolom udalostí"
   },
diff --git a/apps/web/src/locales/sl/messages.json b/apps/web/src/locales/sl/messages.json
index b98db470a0cc..2290771cdf47 100644
--- a/apps/web/src/locales/sl/messages.json
+++ b/apps/web/src/locales/sl/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/sr/messages.json b/apps/web/src/locales/sr/messages.json
index 53726c7c596f..77530eb13401 100644
--- a/apps/web/src/locales/sr/messages.json
+++ b/apps/web/src/locales/sr/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Дозволе"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Приступе извештаја догађаја"
   },
diff --git a/apps/web/src/locales/sr_CS/messages.json b/apps/web/src/locales/sr_CS/messages.json
index ad332f42106c..73b53363e46e 100644
--- a/apps/web/src/locales/sr_CS/messages.json
+++ b/apps/web/src/locales/sr_CS/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/sv/messages.json b/apps/web/src/locales/sv/messages.json
index 9b9f40897cc4..2812a6047f9d 100644
--- a/apps/web/src/locales/sv/messages.json
+++ b/apps/web/src/locales/sv/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Behörigheter"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Åtkomst till händelseloggar"
   },
diff --git a/apps/web/src/locales/tr/messages.json b/apps/web/src/locales/tr/messages.json
index e186527ed53c..e40011655b05 100644
--- a/apps/web/src/locales/tr/messages.json
+++ b/apps/web/src/locales/tr/messages.json
@@ -2428,7 +2428,7 @@
     "message": "Kuruluşunuzda atanmış koleksiyonlara erişimi olan normal bir kullanıcı."
   },
   "manager": {
-    "message": "Yönetici"
+    "message": "Yetkili"
   },
   "managerDesc": {
     "message": "Yetkililer kuruluşunuzdaki kendilerine atanmış koleksiyonlara erişebilir ve onları yönetebilir."
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "İzinler"
   },
+  "managerPermissions": {
+    "message": "Yetkili İzinleri"
+  },
+  "adminPermissions": {
+    "message": "Yönetici İzinleri"
+  },
   "accessEventLogs": {
     "message": "Olay günlüklerine erişme"
   },
diff --git a/apps/web/src/locales/uk/messages.json b/apps/web/src/locales/uk/messages.json
index d866fc6512ba..b774c28e2987 100644
--- a/apps/web/src/locales/uk/messages.json
+++ b/apps/web/src/locales/uk/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Дозволи"
   },
+  "managerPermissions": {
+    "message": "Дозволи менеджера"
+  },
+  "adminPermissions": {
+    "message": "Дозволи адміністратора"
+  },
   "accessEventLogs": {
     "message": "Доступ до журналів подій"
   },
diff --git a/apps/web/src/locales/vi/messages.json b/apps/web/src/locales/vi/messages.json
index 7842e65b5fe2..dfad84612e82 100644
--- a/apps/web/src/locales/vi/messages.json
+++ b/apps/web/src/locales/vi/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "Permissions"
   },
+  "managerPermissions": {
+    "message": "Manager Permissions"
+  },
+  "adminPermissions": {
+    "message": "Admin Permissions"
+  },
   "accessEventLogs": {
     "message": "Access Event Logs"
   },
diff --git a/apps/web/src/locales/zh_CN/messages.json b/apps/web/src/locales/zh_CN/messages.json
index 2fec98de3fb0..3e7d64fa465d 100644
--- a/apps/web/src/locales/zh_CN/messages.json
+++ b/apps/web/src/locales/zh_CN/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "权限"
   },
+  "managerPermissions": {
+    "message": "经理权限"
+  },
+  "adminPermissions": {
+    "message": "管理员权限"
+  },
   "accessEventLogs": {
     "message": "访问事件日志"
   },
diff --git a/apps/web/src/locales/zh_TW/messages.json b/apps/web/src/locales/zh_TW/messages.json
index b9ba520df1ed..a125fe17477a 100644
--- a/apps/web/src/locales/zh_TW/messages.json
+++ b/apps/web/src/locales/zh_TW/messages.json
@@ -4057,6 +4057,12 @@
   "permissions": {
     "message": "權限"
   },
+  "managerPermissions": {
+    "message": "權限管理"
+  },
+  "adminPermissions": {
+    "message": "管理員權限"
+  },
   "accessEventLogs": {
     "message": "存取事件紀錄"
   },
diff --git a/apps/web/src/utils/flags.ts b/apps/web/src/utils/flags.ts
index 5cc3b930bb43..195bc8e5f540 100644
--- a/apps/web/src/utils/flags.ts
+++ b/apps/web/src/utils/flags.ts
@@ -10,6 +10,7 @@ import {
 /* eslint-disable-next-line @typescript-eslint/ban-types */
 export type Flags = {
   showTrial?: boolean;
+  showPasswordless?: boolean;
 } & SharedFlags;
 
 // required to avoid linting errors when there are no flags
diff --git a/libs/angular/src/components/login.component.ts b/libs/angular/src/components/login.component.ts
index 1c7a8c2332d0..1bc2e8ed8715 100644
--- a/libs/angular/src/components/login.component.ts
+++ b/libs/angular/src/components/login.component.ts
@@ -1,10 +1,15 @@
-import { Directive, Input, NgZone, OnInit } from "@angular/core";
+import { Directive, NgZone, OnInit } from "@angular/core";
+import { FormBuilder, Validators } from "@angular/forms";
 import { Router } from "@angular/router";
 import { take } from "rxjs/operators";
 
 import { AuthService } from "@bitwarden/common/abstractions/auth.service";
 import { CryptoFunctionService } from "@bitwarden/common/abstractions/cryptoFunction.service";
 import { EnvironmentService } from "@bitwarden/common/abstractions/environment.service";
+import {
+  AllValidationErrors,
+  FormValidationErrorsService,
+} from "@bitwarden/common/abstractions/formValidationErrors.service";
 import { I18nService } from "@bitwarden/common/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/abstractions/log.service";
 import { PasswordGenerationService } from "@bitwarden/common/abstractions/passwordGeneration.service";
@@ -18,16 +23,19 @@ import { CaptchaProtectedComponent } from "./captchaProtected.component";
 
 @Directive()
 export class LoginComponent extends CaptchaProtectedComponent implements OnInit {
-  @Input() email = "";
-  @Input() rememberEmail = true;
-
-  masterPassword = "";
   showPassword = false;
   formPromise: Promise<AuthResult>;
   onSuccessfulLogin: () => Promise<any>;
   onSuccessfulLoginNavigate: () => Promise<any>;
   onSuccessfulLoginTwoFactorNavigate: () => Promise<any>;
   onSuccessfulLoginForceResetNavigate: () => Promise<any>;
+  selfHosted = false;
+
+  formGroup = this.formBuilder.group({
+    email: ["", [Validators.required, Validators.email]],
+    masterPassword: ["", [Validators.required, Validators.minLength(8)]],
+    rememberEmail: [true],
+  });
 
   protected twoFactorRoute = "2fa";
   protected successRoute = "vault";
@@ -44,9 +52,12 @@ export class LoginComponent extends CaptchaProtectedComponent implements OnInit
     protected passwordGenerationService: PasswordGenerationService,
     protected cryptoFunctionService: CryptoFunctionService,
     protected logService: LogService,
-    protected ngZone: NgZone
+    protected ngZone: NgZone,
+    protected formBuilder: FormBuilder,
+    protected formValidationErrorService: FormValidationErrorsService
   ) {
     super(environmentService, i18nService, platformUtilsService);
+    this.selfHosted = platformUtilsService.isSelfHost();
   }
 
   get selfHostedDomain() {
@@ -54,59 +65,53 @@ export class LoginComponent extends CaptchaProtectedComponent implements OnInit
   }
 
   async ngOnInit() {
-    if (this.email == null || this.email === "") {
-      this.email = await this.stateService.getRememberedEmail();
-      if (this.email == null) {
-        this.email = "";
+    let email = this.formGroup.get("email")?.value;
+    if (email == null || email === "") {
+      email = await this.stateService.getRememberedEmail();
+      this.formGroup.get("email")?.setValue(email);
+
+      if (email == null) {
+        this.formGroup.get("email")?.setValue("");
       }
     }
     if (!this.alwaysRememberEmail) {
-      this.rememberEmail = (await this.stateService.getRememberedEmail()) != null;
-    }
-    if (Utils.isBrowser && !Utils.isNode) {
-      this.focusInput();
+      const rememberEmail = (await this.stateService.getRememberedEmail()) != null;
+      this.formGroup.get("rememberEmail")?.setValue(rememberEmail);
     }
   }
 
-  async submit() {
+  async submit(showToast = true) {
+    const email = this.formGroup.get("email")?.value;
+    const masterPassword = this.formGroup.get("masterPassword")?.value;
+    const rememberEmail = this.formGroup.get("rememberEmail")?.value;
+
     await this.setupCaptcha();
 
-    if (this.email == null || this.email === "") {
-      this.platformUtilsService.showToast(
-        "error",
-        this.i18nService.t("errorOccurred"),
-        this.i18nService.t("emailRequired")
-      );
-      return;
-    }
-    if (this.email.indexOf("@") === -1) {
-      this.platformUtilsService.showToast(
-        "error",
-        this.i18nService.t("errorOccurred"),
-        this.i18nService.t("invalidEmail")
-      );
+    this.formGroup.markAllAsTouched();
+
+    //web
+    if (this.formGroup.invalid && !showToast) {
       return;
     }
-    if (this.masterPassword == null || this.masterPassword === "") {
-      this.platformUtilsService.showToast(
-        "error",
-        this.i18nService.t("errorOccurred"),
-        this.i18nService.t("masterPasswordRequired")
-      );
+
+    //desktop, browser; This should be removed once all clients use reactive forms
+    if (this.formGroup.invalid && showToast) {
+      const errorText = this.getErrorToastMessage();
+      this.platformUtilsService.showToast("error", this.i18nService.t("errorOccurred"), errorText);
       return;
     }
 
     try {
       const credentials = new PasswordLogInCredentials(
-        this.email,
-        this.masterPassword,
+        email,
+        masterPassword,
         this.captchaToken,
         null
       );
       this.formPromise = this.authService.logIn(credentials);
       const response = await this.formPromise;
-      if (this.rememberEmail || this.alwaysRememberEmail) {
-        await this.stateService.setRememberedEmail(this.email);
+      if (rememberEmail || this.alwaysRememberEmail) {
+        await this.stateService.setRememberedEmail(email);
       } else {
         await this.stateService.setRememberedEmail(null);
       }
@@ -188,9 +193,30 @@ export class LoginComponent extends CaptchaProtectedComponent implements OnInit
     );
   }
 
+  private getErrorToastMessage() {
+    const error: AllValidationErrors = this.formValidationErrorService
+      .getFormValidationErrors(this.formGroup.controls)
+      .shift();
+
+    if (error) {
+      switch (error.errorName) {
+        case "email":
+          return this.i18nService.t("invalidEmail");
+        default:
+          return this.i18nService.t(this.errorTag(error));
+      }
+    }
+
+    return;
+  }
+
+  private errorTag(error: AllValidationErrors): string {
+    const name = error.errorName.charAt(0).toUpperCase() + error.errorName.slice(1);
+    return `${error.controlName}${name}`;
+  }
+
   protected focusInput() {
-    document
-      .getElementById(this.email == null || this.email === "" ? "email" : "masterPassword")
-      .focus();
+    const email = this.formGroup.get("email")?.value;
+    document.getElementById(email == null || email === "" ? "email" : "masterPassword").focus();
   }
 }
diff --git a/libs/angular/src/services/jslib-services.module.ts b/libs/angular/src/services/jslib-services.module.ts
index b76ad9a5903b..b53aac0866a8 100644
--- a/libs/angular/src/services/jslib-services.module.ts
+++ b/libs/angular/src/services/jslib-services.module.ts
@@ -5,6 +5,7 @@ import { AbstractThemingService } from "@bitwarden/angular/services/theming/them
 import { AbstractEncryptService } from "@bitwarden/common/abstractions/abstractEncrypt.service";
 import { AccountApiService as AccountApiServiceAbstraction } from "@bitwarden/common/abstractions/account/account-api.service.abstraction";
 import { AccountService as AccountServiceAbstraction } from "@bitwarden/common/abstractions/account/account.service.abstraction";
+import { AnonymousHubService as AnonymousHubServiceAbstraction } from "@bitwarden/common/abstractions/anonymousHub.service";
 import { ApiService as ApiServiceAbstraction } from "@bitwarden/common/abstractions/api.service";
 import { AppIdService as AppIdServiceAbstraction } from "@bitwarden/common/abstractions/appId.service";
 import { AuditService as AuditServiceAbstraction } from "@bitwarden/common/abstractions/audit.service";
@@ -62,6 +63,7 @@ import { Account } from "@bitwarden/common/models/domain/account";
 import { GlobalState } from "@bitwarden/common/models/domain/globalState";
 import { AccountApiService } from "@bitwarden/common/services/account/account-api.service";
 import { AccountService } from "@bitwarden/common/services/account/account.service";
+import { AnonymousHubService } from "@bitwarden/common/services/anonymousHub.service";
 import { ApiService } from "@bitwarden/common/services/api.service";
 import { AppIdService } from "@bitwarden/common/services/appId.service";
 import { AuditService } from "@bitwarden/common/services/audit.service";
@@ -544,6 +546,11 @@ import { ValidationService } from "./validation.service";
       useClass: ConfigApiService,
       deps: [ApiServiceAbstraction],
     },
+    {
+      provide: AnonymousHubServiceAbstraction,
+      useClass: AnonymousHubService,
+      deps: [EnvironmentServiceAbstraction, AuthServiceAbstraction, LogService],
+    },
   ],
 })
 export class JslibServicesModule {}
diff --git a/libs/common/spec/importers/bitwardenPasswordProtectedImporter.spec.ts b/libs/common/spec/importers/bitwardenPasswordProtectedImporter.spec.ts
index 820f8db38cc8..67e03d030c55 100644
--- a/libs/common/spec/importers/bitwardenPasswordProtectedImporter.spec.ts
+++ b/libs/common/spec/importers/bitwardenPasswordProtectedImporter.spec.ts
@@ -1,4 +1,4 @@
-import Substitute, { Arg, SubstituteOf } from "@fluffy-spoon/substitute";
+import { Substitute, Arg, SubstituteOf } from "@fluffy-spoon/substitute";
 
 import { CryptoService } from "@bitwarden/common/abstractions/crypto.service";
 import { I18nService } from "@bitwarden/common/abstractions/i18n.service";
diff --git a/libs/common/spec/misc/utils.spec.ts b/libs/common/spec/misc/utils.spec.ts
index d4dbac958a86..3978f9cfed8f 100644
--- a/libs/common/spec/misc/utils.spec.ts
+++ b/libs/common/spec/misc/utils.spec.ts
@@ -70,4 +70,10 @@ describe("Utils Service", () => {
       expect(Utils.newGuid()).toMatch(validGuid);
     });
   });
+
+  describe("fromByteStringToArray", () => {
+    it("should handle null", () => {
+      expect(Utils.fromByteStringToArray(null)).toEqual(null);
+    });
+  });
 });
diff --git a/libs/common/spec/models/domain/cipher.spec.ts b/libs/common/spec/models/domain/cipher.spec.ts
index c7c0d36714fd..0158945d8ce8 100644
--- a/libs/common/spec/models/domain/cipher.spec.ts
+++ b/libs/common/spec/models/domain/cipher.spec.ts
@@ -1,4 +1,4 @@
-import Substitute, { Arg } from "@fluffy-spoon/substitute";
+import { Substitute, Arg } from "@fluffy-spoon/substitute";
 
 import { CipherRepromptType } from "@bitwarden/common/enums/cipherRepromptType";
 import { CipherType } from "@bitwarden/common/enums/cipherType";
diff --git a/libs/common/spec/models/domain/encString.spec.ts b/libs/common/spec/models/domain/encString.spec.ts
index adcfaf0706e9..413d091d68bc 100644
--- a/libs/common/spec/models/domain/encString.spec.ts
+++ b/libs/common/spec/models/domain/encString.spec.ts
@@ -1,4 +1,4 @@
-import Substitute, { Arg } from "@fluffy-spoon/substitute";
+import { Substitute, Arg } from "@fluffy-spoon/substitute";
 import { mock, MockProxy } from "jest-mock-extended";
 
 import { AbstractEncryptService } from "@bitwarden/common/abstractions/abstractEncrypt.service";
diff --git a/libs/common/spec/models/domain/login.spec.ts b/libs/common/spec/models/domain/login.spec.ts
index 6021a4b2908d..b2235e758313 100644
--- a/libs/common/spec/models/domain/login.spec.ts
+++ b/libs/common/spec/models/domain/login.spec.ts
@@ -1,4 +1,4 @@
-import Substitute, { Arg } from "@fluffy-spoon/substitute";
+import { Substitute, Arg } from "@fluffy-spoon/substitute";
 
 import { UriMatchType } from "@bitwarden/common/enums/uriMatchType";
 import { LoginData } from "@bitwarden/common/models/data/loginData";
diff --git a/libs/common/spec/models/domain/send.spec.ts b/libs/common/spec/models/domain/send.spec.ts
index 575821abc961..903043f86c83 100644
--- a/libs/common/spec/models/domain/send.spec.ts
+++ b/libs/common/spec/models/domain/send.spec.ts
@@ -1,4 +1,4 @@
-import Substitute, { Arg, SubstituteOf } from "@fluffy-spoon/substitute";
+import { Substitute, Arg, SubstituteOf } from "@fluffy-spoon/substitute";
 
 import { AbstractEncryptService } from "@bitwarden/common/abstractions/abstractEncrypt.service";
 import { CryptoService } from "@bitwarden/common/abstractions/crypto.service";
diff --git a/libs/common/spec/models/domain/sendAccess.spec.ts b/libs/common/spec/models/domain/sendAccess.spec.ts
index 7772fe428ac8..32b01d13fd40 100644
--- a/libs/common/spec/models/domain/sendAccess.spec.ts
+++ b/libs/common/spec/models/domain/sendAccess.spec.ts
@@ -1,4 +1,4 @@
-import Substitute, { Arg } from "@fluffy-spoon/substitute";
+import { Substitute, Arg } from "@fluffy-spoon/substitute";
 
 import { SendType } from "@bitwarden/common/enums/sendType";
 import { SendAccess } from "@bitwarden/common/models/domain/sendAccess";
diff --git a/libs/common/spec/services/import.service.spec.ts b/libs/common/spec/services/import.service.spec.ts
index 654c1b6124fd..2b47518bc5dc 100644
--- a/libs/common/spec/services/import.service.spec.ts
+++ b/libs/common/spec/services/import.service.spec.ts
@@ -1,4 +1,4 @@
-import Substitute, { SubstituteOf } from "@fluffy-spoon/substitute";
+import { Substitute, SubstituteOf } from "@fluffy-spoon/substitute";
 
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
 import { CipherService } from "@bitwarden/common/abstractions/cipher.service";
diff --git a/libs/common/spec/services/state.service.spec.ts b/libs/common/spec/services/state.service.spec.ts
deleted file mode 100644
index a6f76ab4fc07..000000000000
--- a/libs/common/spec/services/state.service.spec.ts
+++ /dev/null
@@ -1,82 +0,0 @@
-import { Arg, Substitute, SubstituteOf } from "@fluffy-spoon/substitute";
-
-import { LogService } from "@bitwarden/common/abstractions/log.service";
-import { AbstractStorageService } from "@bitwarden/common/abstractions/storage.service";
-import { StateFactory } from "@bitwarden/common/factories/stateFactory";
-import { Account } from "@bitwarden/common/models/domain/account";
-import { GlobalState } from "@bitwarden/common/models/domain/globalState";
-import { State } from "@bitwarden/common/models/domain/state";
-import { StorageOptions } from "@bitwarden/common/models/domain/storageOptions";
-import { SymmetricCryptoKey } from "@bitwarden/common/models/domain/symmetricCryptoKey";
-import { StateService } from "@bitwarden/common/services/state.service";
-import { StateMigrationService } from "@bitwarden/common/services/stateMigration.service";
-
-describe("Browser State Service backed by chrome.storage api", () => {
-  let secureStorageService: SubstituteOf<AbstractStorageService>;
-  let diskStorageService: SubstituteOf<AbstractStorageService>;
-  let memoryStorageService: SubstituteOf<AbstractStorageService>;
-  let logService: SubstituteOf<LogService>;
-  let stateMigrationService: SubstituteOf<StateMigrationService>;
-  let stateFactory: SubstituteOf<StateFactory<GlobalState, Account>>;
-  let useAccountCache: boolean;
-
-  let state: State<GlobalState, Account>;
-  const userId = "userId";
-
-  let sut: StateService;
-
-  beforeEach(() => {
-    secureStorageService = Substitute.for();
-    diskStorageService = Substitute.for();
-    memoryStorageService = Substitute.for();
-    logService = Substitute.for();
-    stateMigrationService = Substitute.for();
-    stateFactory = Substitute.for();
-    useAccountCache = true;
-
-    state = new State(new GlobalState());
-    const stateGetter = (key: string) => Promise.resolve(JSON.parse(JSON.stringify(state)));
-    memoryStorageService.get("state").mimicks(stateGetter);
-    memoryStorageService
-      .save("state", Arg.any(), Arg.any())
-      .mimicks((key: string, obj: any, options: StorageOptions) => {
-        return new Promise(() => {
-          state = obj;
-        });
-      });
-
-    sut = new StateService(
-      diskStorageService,
-      secureStorageService,
-      memoryStorageService,
-      logService,
-      stateMigrationService,
-      stateFactory,
-      useAccountCache
-    );
-  });
-
-  describe("account state getters", () => {
-    beforeEach(() => {
-      state.accounts[userId] = createAccount(userId);
-      state.activeUserId = userId;
-    });
-
-    describe("getCryptoMasterKey", () => {
-      it("should return the stored SymmetricCryptoKey", async () => {
-        const key = new SymmetricCryptoKey(new Uint8Array(32).buffer);
-        state.accounts[userId].keys.cryptoMasterKey = key;
-
-        const actual = await sut.getCryptoMasterKey();
-        expect(actual).toBeInstanceOf(SymmetricCryptoKey);
-        expect(actual).toMatchObject(key);
-      });
-    });
-  });
-
-  function createAccount(userId: string): Account {
-    return new Account({
-      profile: { userId: userId },
-    });
-  }
-});
diff --git a/libs/common/spec/services/stateMigration.service.spec.ts b/libs/common/spec/services/stateMigration.service.spec.ts
index e306e64e29b2..b0188abacce9 100644
--- a/libs/common/spec/services/stateMigration.service.spec.ts
+++ b/libs/common/spec/services/stateMigration.service.spec.ts
@@ -116,8 +116,8 @@ describe("State Migration Service", () => {
                 key: "orgThreeEncKey",
               },
             },
-          },
-        },
+          } as any,
+        } as any,
       });
 
       const migratedAccount = await (stateMigrationService as any).migrateAccountFrom4To5(
diff --git a/libs/common/spec/utils.ts b/libs/common/spec/utils.ts
index 0ea16b4d725d..4f9dc4076f19 100644
--- a/libs/common/spec/utils.ts
+++ b/libs/common/spec/utils.ts
@@ -1,4 +1,4 @@
-import Substitute, { Arg } from "@fluffy-spoon/substitute";
+import { Substitute, Arg } from "@fluffy-spoon/substitute";
 
 import { EncString } from "@bitwarden/common/models/domain/encString";
 
diff --git a/libs/common/spec/web/services/webCryptoFunction.service.spec.ts b/libs/common/spec/web/services/webCryptoFunction.service.spec.ts
index 964364a1fafe..ce131472d4ba 100644
--- a/libs/common/spec/web/services/webCryptoFunction.service.spec.ts
+++ b/libs/common/spec/web/services/webCryptoFunction.service.spec.ts
@@ -1,4 +1,4 @@
-import Substitute from "@fluffy-spoon/substitute";
+import { Substitute } from "@fluffy-spoon/substitute";
 
 import { PlatformUtilsService } from "@bitwarden/common/abstractions/platformUtils.service";
 import { Utils } from "@bitwarden/common/misc/utils";
diff --git a/libs/common/src/abstractions/anonymousHub.service.ts b/libs/common/src/abstractions/anonymousHub.service.ts
new file mode 100644
index 000000000000..43bdabd512c9
--- /dev/null
+++ b/libs/common/src/abstractions/anonymousHub.service.ts
@@ -0,0 +1,4 @@
+export abstract class AnonymousHubService {
+  createHubConnection: (token: string) => void;
+  stopHubConnection: () => void;
+}
diff --git a/libs/common/src/abstractions/api.service.ts b/libs/common/src/abstractions/api.service.ts
index f08e5c34af82..06d3f5b4eba5 100644
--- a/libs/common/src/abstractions/api.service.ts
+++ b/libs/common/src/abstractions/api.service.ts
@@ -46,6 +46,7 @@ import { OrganizationUserUpdateGroupsRequest } from "../models/request/organizat
 import { OrganizationUserUpdateRequest } from "../models/request/organizationUserUpdateRequest";
 import { PasswordHintRequest } from "../models/request/passwordHintRequest";
 import { PasswordRequest } from "../models/request/passwordRequest";
+import { PasswordlessCreateAuthRequest } from "../models/request/passwordlessCreateAuthRequest";
 import { PaymentRequest } from "../models/request/paymentRequest";
 import { PreloginRequest } from "../models/request/preloginRequest";
 import { ProviderAddOrganizationRequest } from "../models/request/provider/providerAddOrganizationRequest";
@@ -84,6 +85,7 @@ import { VerifyEmailRequest } from "../models/request/verifyEmailRequest";
 import { ApiKeyResponse } from "../models/response/apiKeyResponse";
 import { AttachmentResponse } from "../models/response/attachmentResponse";
 import { AttachmentUploadDataResponse } from "../models/response/attachmentUploadDataResponse";
+import { AuthRequestResponse } from "../models/response/authRequestResponse";
 import { RegisterResponse } from "../models/response/authentication/registerResponse";
 import { BillingHistoryResponse } from "../models/response/billingHistoryResponse";
 import { BillingPaymentResponse } from "../models/response/billingPaymentResponse";
@@ -210,6 +212,9 @@ export abstract class ApiService {
   postUserRotateApiKey: (id: string, request: SecretVerificationRequest) => Promise<ApiKeyResponse>;
   putUpdateTempPassword: (request: UpdateTempPasswordRequest) => Promise<any>;
   postConvertToKeyConnector: () => Promise<void>;
+  //passwordless
+  postAuthRequest: (request: PasswordlessCreateAuthRequest) => Promise<AuthRequestResponse>;
+  getAuthResponse: (id: string, accessCode: string) => Promise<AuthRequestResponse>;
 
   getUserBillingHistory: () => Promise<BillingHistoryResponse>;
   getUserBillingPayment: () => Promise<BillingPaymentResponse>;
diff --git a/libs/common/src/abstractions/auth.service.ts b/libs/common/src/abstractions/auth.service.ts
index 4947f21708bc..bbe1c01bf29d 100644
--- a/libs/common/src/abstractions/auth.service.ts
+++ b/libs/common/src/abstractions/auth.service.ts
@@ -1,18 +1,26 @@
+import { Observable } from "rxjs";
+
 import { AuthenticationStatus } from "../enums/authenticationStatus";
 import { AuthResult } from "../models/domain/authResult";
 import {
   ApiLogInCredentials,
   PasswordLogInCredentials,
   SsoLogInCredentials,
+  PasswordlessLogInCredentials,
 } from "../models/domain/logInCredentials";
 import { SymmetricCryptoKey } from "../models/domain/symmetricCryptoKey";
 import { TokenRequestTwoFactor } from "../models/request/identityToken/tokenRequestTwoFactor";
+import { AuthRequestPushNotification } from "../models/response/notificationResponse";
 
 export abstract class AuthService {
   masterPasswordHash: string;
   email: string;
   logIn: (
-    credentials: ApiLogInCredentials | PasswordLogInCredentials | SsoLogInCredentials
+    credentials:
+      | ApiLogInCredentials
+      | PasswordLogInCredentials
+      | SsoLogInCredentials
+      | PasswordlessLogInCredentials
   ) => Promise<AuthResult>;
   logInTwoFactor: (
     twoFactor: TokenRequestTwoFactor,
@@ -24,4 +32,7 @@ export abstract class AuthService {
   authingWithSso: () => boolean;
   authingWithPassword: () => boolean;
   getAuthStatus: (userId?: string) => Promise<AuthenticationStatus>;
+  authResponsePushNotifiction: (notification: AuthRequestPushNotification) => Promise<any>;
+
+  getPushNotifcationObs$: () => Observable<any>;
 }
diff --git a/libs/common/src/abstractions/state.service.ts b/libs/common/src/abstractions/state.service.ts
index b7e5aa7c2454..58e342238d19 100644
--- a/libs/common/src/abstractions/state.service.ts
+++ b/libs/common/src/abstractions/state.service.ts
@@ -78,8 +78,6 @@ export abstract class StateService<T extends Account = Account> {
   getCryptoMasterKeyBiometric: (options?: StorageOptions) => Promise<string>;
   hasCryptoMasterKeyBiometric: (options?: StorageOptions) => Promise<boolean>;
   setCryptoMasterKeyBiometric: (value: string, options?: StorageOptions) => Promise<void>;
-  getDecodedToken: (options?: StorageOptions) => Promise<any>;
-  setDecodedToken: (value: any, options?: StorageOptions) => Promise<void>;
   getDecryptedCiphers: (options?: StorageOptions) => Promise<CipherView[]>;
   setDecryptedCiphers: (value: CipherView[], options?: StorageOptions) => Promise<void>;
   getDecryptedCollections: (options?: StorageOptions) => Promise<CollectionView[]>;
@@ -147,6 +145,8 @@ export abstract class StateService<T extends Account = Account> {
   setDontShowCardsCurrentTab: (value: boolean, options?: StorageOptions) => Promise<void>;
   getDontShowIdentitiesCurrentTab: (options?: StorageOptions) => Promise<boolean>;
   setDontShowIdentitiesCurrentTab: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getDuckDuckGoSharedKey: (options?: StorageOptions) => Promise<string>;
+  setDuckDuckGoSharedKey: (value: string, options?: StorageOptions) => Promise<void>;
   getEmail: (options?: StorageOptions) => Promise<string>;
   setEmail: (value: string, options?: StorageOptions) => Promise<void>;
   getEmailVerified: (options?: StorageOptions) => Promise<boolean>;
@@ -166,6 +166,11 @@ export abstract class StateService<T extends Account = Account> {
   ) => Promise<void>;
   getEnableCloseToTray: (options?: StorageOptions) => Promise<boolean>;
   setEnableCloseToTray: (value: boolean, options?: StorageOptions) => Promise<void>;
+  getEnableDuckDuckGoBrowserIntegration: (options?: StorageOptions) => Promise<boolean>;
+  setEnableDuckDuckGoBrowserIntegration: (
+    value: boolean,
+    options?: StorageOptions
+  ) => Promise<void>;
   getEnableFullWidth: (options?: StorageOptions) => Promise<boolean>;
   setEnableFullWidth: (value: boolean, options?: StorageOptions) => Promise<void>;
   getEnableGravitars: (options?: StorageOptions) => Promise<boolean>;
diff --git a/libs/common/src/abstractions/storage.service.ts b/libs/common/src/abstractions/storage.service.ts
index 5cff9fdac60b..31506f4302bd 100644
--- a/libs/common/src/abstractions/storage.service.ts
+++ b/libs/common/src/abstractions/storage.service.ts
@@ -1,4 +1,4 @@
-import { StorageOptions } from "../models/domain/storageOptions";
+import { MemoryStorageOptions, StorageOptions } from "../models/domain/storageOptions";
 
 export abstract class AbstractStorageService {
   abstract get<T>(key: string, options?: StorageOptions): Promise<T>;
@@ -8,5 +8,9 @@ export abstract class AbstractStorageService {
 }
 
 export abstract class AbstractCachedStorageService extends AbstractStorageService {
-  abstract getBypassCache<T>(key: string, options?: StorageOptions): Promise<T>;
+  abstract getBypassCache<T>(key: string, options?: MemoryStorageOptions<T>): Promise<T>;
+}
+
+export interface MemoryStorageServiceInterface {
+  get<T>(key: string, options?: MemoryStorageOptions<T>): Promise<T>;
 }
diff --git a/libs/common/src/enums/authRequestType.ts b/libs/common/src/enums/authRequestType.ts
new file mode 100644
index 000000000000..4edfa5b8889e
--- /dev/null
+++ b/libs/common/src/enums/authRequestType.ts
@@ -0,0 +1,4 @@
+export enum AuthRequestType {
+  AuthenticateAndUnlock = 0,
+  Unlock = 1,
+}
diff --git a/libs/common/src/enums/authenticationType.ts b/libs/common/src/enums/authenticationType.ts
index ed7375c8085f..5133c4f648ea 100644
--- a/libs/common/src/enums/authenticationType.ts
+++ b/libs/common/src/enums/authenticationType.ts
@@ -2,4 +2,5 @@ export enum AuthenticationType {
   Password = 0,
   Sso = 1,
   Api = 2,
+  Passwordless = 3,
 }
diff --git a/libs/common/src/enums/nativeMessagingVersion.ts b/libs/common/src/enums/nativeMessagingVersion.ts
new file mode 100644
index 000000000000..f7cf411a40a8
--- /dev/null
+++ b/libs/common/src/enums/nativeMessagingVersion.ts
@@ -0,0 +1,4 @@
+export enum NativeMessagingVersion {
+  One = 1, // Original implementation
+  Latest = One,
+}
diff --git a/libs/common/src/enums/notificationType.ts b/libs/common/src/enums/notificationType.ts
index 77ebde01fc57..457ad174cad7 100644
--- a/libs/common/src/enums/notificationType.ts
+++ b/libs/common/src/enums/notificationType.ts
@@ -17,4 +17,7 @@ export enum NotificationType {
   SyncSendCreate = 12,
   SyncSendUpdate = 13,
   SyncSendDelete = 14,
+
+  AuthRequest = 15,
+  AuthRequestResponse = 16,
 }
diff --git a/libs/common/src/misc/logInStrategies/logIn.strategy.ts b/libs/common/src/misc/logInStrategies/logIn.strategy.ts
index 8615700681b8..577130156f7a 100644
--- a/libs/common/src/misc/logInStrategies/logIn.strategy.ts
+++ b/libs/common/src/misc/logInStrategies/logIn.strategy.ts
@@ -14,6 +14,7 @@ import {
   ApiLogInCredentials,
   PasswordLogInCredentials,
   SsoLogInCredentials,
+  PasswordlessLogInCredentials,
 } from "../../models/domain/logInCredentials";
 import { DeviceRequest } from "../../models/request/deviceRequest";
 import { ApiTokenRequest } from "../../models/request/identityToken/apiTokenRequest";
@@ -42,7 +43,11 @@ export abstract class LogInStrategy {
   ) {}
 
   abstract logIn(
-    credentials: ApiLogInCredentials | PasswordLogInCredentials | SsoLogInCredentials
+    credentials:
+      | ApiLogInCredentials
+      | PasswordLogInCredentials
+      | SsoLogInCredentials
+      | PasswordlessLogInCredentials
   ): Promise<AuthResult>;
 
   async logInTwoFactor(
diff --git a/libs/common/src/misc/logInStrategies/passwordlessLogin.strategy.ts b/libs/common/src/misc/logInStrategies/passwordlessLogin.strategy.ts
new file mode 100644
index 000000000000..0acc4a49f00c
--- /dev/null
+++ b/libs/common/src/misc/logInStrategies/passwordlessLogin.strategy.ts
@@ -0,0 +1,86 @@
+import { ApiService } from "../../abstractions/api.service";
+import { AppIdService } from "../../abstractions/appId.service";
+import { AuthService } from "../../abstractions/auth.service";
+import { CryptoService } from "../../abstractions/crypto.service";
+import { LogService } from "../../abstractions/log.service";
+import { MessagingService } from "../../abstractions/messaging.service";
+import { PlatformUtilsService } from "../../abstractions/platformUtils.service";
+import { StateService } from "../../abstractions/state.service";
+import { TokenService } from "../../abstractions/token.service";
+import { TwoFactorService } from "../../abstractions/twoFactor.service";
+import { AuthResult } from "../../models/domain/authResult";
+import { PasswordlessLogInCredentials } from "../../models/domain/logInCredentials";
+import { SymmetricCryptoKey } from "../../models/domain/symmetricCryptoKey";
+import { PasswordTokenRequest } from "../../models/request/identityToken/passwordTokenRequest";
+import { TokenRequestTwoFactor } from "../../models/request/identityToken/tokenRequestTwoFactor";
+
+import { LogInStrategy } from "./logIn.strategy";
+
+export class PasswordlessLogInStrategy extends LogInStrategy {
+  get email() {
+    return this.tokenRequest.email;
+  }
+
+  get masterPasswordHash() {
+    return this.tokenRequest.masterPasswordHash;
+  }
+
+  tokenRequest: PasswordTokenRequest;
+
+  private localHashedPassword: string;
+  private key: SymmetricCryptoKey;
+
+  constructor(
+    cryptoService: CryptoService,
+    apiService: ApiService,
+    tokenService: TokenService,
+    appIdService: AppIdService,
+    platformUtilsService: PlatformUtilsService,
+    messagingService: MessagingService,
+    logService: LogService,
+    stateService: StateService,
+    twoFactorService: TwoFactorService,
+    private authService: AuthService
+  ) {
+    super(
+      cryptoService,
+      apiService,
+      tokenService,
+      appIdService,
+      platformUtilsService,
+      messagingService,
+      logService,
+      stateService,
+      twoFactorService
+    );
+  }
+
+  async onSuccessfulLogin() {
+    await this.cryptoService.setKey(this.key);
+    await this.cryptoService.setKeyHash(this.localHashedPassword);
+  }
+
+  async logInTwoFactor(
+    twoFactor: TokenRequestTwoFactor,
+    captchaResponse: string
+  ): Promise<AuthResult> {
+    this.tokenRequest.captchaResponse = captchaResponse ?? this.captchaBypassToken;
+    return super.logInTwoFactor(twoFactor);
+  }
+
+  async logIn(credentials: PasswordlessLogInCredentials) {
+    this.localHashedPassword = credentials.localPasswordHash;
+    this.key = credentials.decKey;
+
+    this.tokenRequest = new PasswordTokenRequest(
+      credentials.email,
+      credentials.accessCode,
+      null,
+      await this.buildTwoFactor(credentials.twoFactor),
+      await this.buildDeviceRequest()
+    );
+
+    this.tokenRequest.setPasswordlessAccessCode(credentials.authRequestId);
+    return this.startLogIn();
+  }
+}
diff --git a/libs/common/src/misc/utils.ts b/libs/common/src/misc/utils.ts
index f66124bc47e7..454def365517 100644
--- a/libs/common/src/misc/utils.ts
+++ b/libs/common/src/misc/utils.ts
@@ -99,6 +99,9 @@ export class Utils {
   }
 
   static fromByteStringToArray(str: string): Uint8Array {
+    if (str == null) {
+      return null;
+    }
     const arr = new Uint8Array(str.length);
     for (let i = 0; i < str.length; i++) {
       arr[i] = str.charCodeAt(i);
diff --git a/libs/common/src/models/data/server-config.data.spec.ts b/libs/common/src/models/data/server-config.data.spec.ts
new file mode 100644
index 000000000000..1c4e890ab806
--- /dev/null
+++ b/libs/common/src/models/data/server-config.data.spec.ts
@@ -0,0 +1,55 @@
+import {
+  EnvironmentServerConfigData,
+  ServerConfigData,
+  ThirdPartyServerConfigData,
+} from "./server-config.data";
+
+describe("ServerConfigData", () => {
+  describe("fromJSON", () => {
+    it("should create a ServerConfigData from a JSON object", () => {
+      const serverConfigData = ServerConfigData.fromJSON({
+        version: "1.0.0",
+        gitHash: "1234567890",
+        server: {
+          name: "test",
+          url: "https://test.com",
+        },
+        environment: {
+          vault: "https://vault.com",
+          api: "https://api.com",
+          identity: "https://identity.com",
+          notifications: "https://notifications.com",
+          sso: "https://sso.com",
+        },
+        utcDate: "2020-01-01T00:00:00.000Z",
+      });
+
+      expect(serverConfigData.version).toEqual("1.0.0");
+      expect(serverConfigData.gitHash).toEqual("1234567890");
+      expect(serverConfigData.server.name).toEqual("test");
+      expect(serverConfigData.server.url).toEqual("https://test.com");
+      expect(serverConfigData.environment.vault).toEqual("https://vault.com");
+      expect(serverConfigData.environment.api).toEqual("https://api.com");
+      expect(serverConfigData.environment.identity).toEqual("https://identity.com");
+      expect(serverConfigData.environment.notifications).toEqual("https://notifications.com");
+      expect(serverConfigData.environment.sso).toEqual("https://sso.com");
+      expect(serverConfigData.utcDate).toEqual("2020-01-01T00:00:00.000Z");
+    });
+
+    it("should be an instance of ServerConfigData", () => {
+      const serverConfigData = ServerConfigData.fromJSON({} as any);
+
+      expect(serverConfigData).toBeInstanceOf(ServerConfigData);
+    });
+
+    it("should deserialize sub objects", () => {
+      const serverConfigData = ServerConfigData.fromJSON({
+        server: {},
+        environment: {},
+      } as any);
+
+      expect(serverConfigData.server).toBeInstanceOf(ThirdPartyServerConfigData);
+      expect(serverConfigData.environment).toBeInstanceOf(EnvironmentServerConfigData);
+    });
+  });
+});
diff --git a/libs/common/src/models/data/server-config.data.ts b/libs/common/src/models/data/server-config.data.ts
index 62744ecb621a..30043a0b0280 100644
--- a/libs/common/src/models/data/server-config.data.ts
+++ b/libs/common/src/models/data/server-config.data.ts
@@ -1,3 +1,5 @@
+import { Jsonify } from "type-fest";
+
 import {
   ServerConfigResponse,
   ThirdPartyServerConfigResponse,
@@ -11,27 +13,38 @@ export class ServerConfigData {
   environment?: EnvironmentServerConfigData;
   utcDate: string;
 
-  constructor(serverConfigReponse: ServerConfigResponse) {
-    this.version = serverConfigReponse?.version;
-    this.gitHash = serverConfigReponse?.gitHash;
-    this.server = serverConfigReponse?.server
-      ? new ThirdPartyServerConfigData(serverConfigReponse.server)
+  constructor(serverConfigResponse: Partial<ServerConfigResponse>) {
+    this.version = serverConfigResponse?.version;
+    this.gitHash = serverConfigResponse?.gitHash;
+    this.server = serverConfigResponse?.server
+      ? new ThirdPartyServerConfigData(serverConfigResponse.server)
       : null;
     this.utcDate = new Date().toISOString();
-    this.environment = serverConfigReponse?.environment
-      ? new EnvironmentServerConfigData(serverConfigReponse.environment)
+    this.environment = serverConfigResponse?.environment
+      ? new EnvironmentServerConfigData(serverConfigResponse.environment)
       : null;
   }
+
+  static fromJSON(obj: Jsonify<ServerConfigData>): ServerConfigData {
+    return Object.assign(new ServerConfigData({}), obj, {
+      server: obj?.server ? ThirdPartyServerConfigData.fromJSON(obj.server) : null,
+      environment: obj?.environment ? EnvironmentServerConfigData.fromJSON(obj.environment) : null,
+    });
+  }
 }
 
 export class ThirdPartyServerConfigData {
   name: string;
   url: string;
 
-  constructor(response: ThirdPartyServerConfigResponse) {
+  constructor(response: Partial<ThirdPartyServerConfigResponse>) {
     this.name = response.name;
     this.url = response.url;
   }
+
+  static fromJSON(obj: Jsonify<ThirdPartyServerConfigData>): ThirdPartyServerConfigData {
+    return Object.assign(new ThirdPartyServerConfigData({}), obj);
+  }
 }
 
 export class EnvironmentServerConfigData {
@@ -41,11 +54,15 @@ export class EnvironmentServerConfigData {
   notifications: string;
   sso: string;
 
-  constructor(response: EnvironmentServerConfigResponse) {
+  constructor(response: Partial<EnvironmentServerConfigResponse>) {
     this.vault = response.vault;
     this.api = response.api;
     this.identity = response.identity;
     this.notifications = response.notifications;
     this.sso = response.sso;
   }
+
+  static fromJSON(obj: Jsonify<EnvironmentServerConfigData>): EnvironmentServerConfigData {
+    return Object.assign(new EnvironmentServerConfigData({}), obj);
+  }
 }
diff --git a/libs/common/src/models/domain/account-keys.spec.ts b/libs/common/src/models/domain/account-keys.spec.ts
new file mode 100644
index 000000000000..bf8348e15a27
--- /dev/null
+++ b/libs/common/src/models/domain/account-keys.spec.ts
@@ -0,0 +1,62 @@
+import { Utils } from "@bitwarden/common/misc/utils";
+
+import { makeStaticByteArray } from "../../../spec/utils";
+
+import { AccountKeys, EncryptionPair } from "./account";
+import { SymmetricCryptoKey } from "./symmetricCryptoKey";
+
+describe("AccountKeys", () => {
+  describe("toJSON", () => {
+    it("should serialize itself", () => {
+      const keys = new AccountKeys();
+      const buffer = makeStaticByteArray(64).buffer;
+      keys.publicKey = buffer;
+
+      const bufferSpy = jest.spyOn(Utils, "fromBufferToByteString");
+      keys.toJSON();
+      expect(bufferSpy).toHaveBeenCalledWith(buffer);
+    });
+
+    it("should serialize public key as a string", () => {
+      const keys = new AccountKeys();
+      keys.publicKey = Utils.fromByteStringToArray("hello").buffer;
+      const json = JSON.stringify(keys);
+      expect(json).toContain('"publicKey":"hello"');
+    });
+  });
+
+  describe("fromJSON", () => {
+    it("should deserialize public key to a buffer", () => {
+      const keys = AccountKeys.fromJSON({
+        publicKey: "hello",
+      });
+      expect(keys.publicKey).toEqual(Utils.fromByteStringToArray("hello").buffer);
+    });
+
+    it("should deserialize cryptoMasterKey", () => {
+      const spy = jest.spyOn(SymmetricCryptoKey, "fromJSON");
+      AccountKeys.fromJSON({} as any);
+      expect(spy).toHaveBeenCalled();
+    });
+
+    it("should deserialize organizationKeys", () => {
+      const spy = jest.spyOn(SymmetricCryptoKey, "fromJSON");
+      AccountKeys.fromJSON({ organizationKeys: [{ orgId: "keyJSON" }] } as any);
+      expect(spy).toHaveBeenCalled();
+    });
+
+    it("should deserialize providerKeys", () => {
+      const spy = jest.spyOn(SymmetricCryptoKey, "fromJSON");
+      AccountKeys.fromJSON({ providerKeys: [{ providerId: "keyJSON" }] } as any);
+      expect(spy).toHaveBeenCalled();
+    });
+
+    it("should deserialize privateKey", () => {
+      const spy = jest.spyOn(EncryptionPair, "fromJSON");
+      AccountKeys.fromJSON({
+        privateKey: { encrypted: "encrypted", decrypted: "decrypted" },
+      } as any);
+      expect(spy).toHaveBeenCalled();
+    });
+  });
+});
diff --git a/libs/common/src/models/domain/account-profile.spec.ts b/libs/common/src/models/domain/account-profile.spec.ts
new file mode 100644
index 000000000000..7c6deda34eb2
--- /dev/null
+++ b/libs/common/src/models/domain/account-profile.spec.ts
@@ -0,0 +1,9 @@
+import { AccountProfile } from "./account";
+
+describe("AccountProfile", () => {
+  describe("fromJSON", () => {
+    it("should deserialize to an instance of itself", () => {
+      expect(AccountProfile.fromJSON({})).toBeInstanceOf(AccountProfile);
+    });
+  });
+});
diff --git a/libs/common/src/models/domain/account-settings.spec.ts b/libs/common/src/models/domain/account-settings.spec.ts
new file mode 100644
index 000000000000..544d591b3236
--- /dev/null
+++ b/libs/common/src/models/domain/account-settings.spec.ts
@@ -0,0 +1,24 @@
+import { AccountSettings, EncryptionPair } from "./account";
+import { EncString } from "./encString";
+
+describe("AccountSettings", () => {
+  describe("fromJSON", () => {
+    it("should deserialize to an instance of itself", () => {
+      expect(AccountSettings.fromJSON(JSON.parse("{}"))).toBeInstanceOf(AccountSettings);
+    });
+
+    it("should deserialize pinProtected", () => {
+      const accountSettings = new AccountSettings();
+      accountSettings.pinProtected = EncryptionPair.fromJSON<string, EncString>({
+        encrypted: "encrypted",
+        decrypted: "3.data",
+      });
+      const jsonObj = JSON.parse(JSON.stringify(accountSettings));
+      const actual = AccountSettings.fromJSON(jsonObj);
+
+      expect(actual.pinProtected).toBeInstanceOf(EncryptionPair);
+      expect(actual.pinProtected.encrypted).toEqual("encrypted");
+      expect(actual.pinProtected.decrypted.encryptedString).toEqual("3.data");
+    });
+  });
+});
diff --git a/libs/common/src/models/domain/account-tokens.spec.ts b/libs/common/src/models/domain/account-tokens.spec.ts
new file mode 100644
index 000000000000..733b3908e9a7
--- /dev/null
+++ b/libs/common/src/models/domain/account-tokens.spec.ts
@@ -0,0 +1,9 @@
+import { AccountTokens } from "./account";
+
+describe("AccountTokens", () => {
+  describe("fromJSON", () => {
+    it("should deserialize to an instance of itself", () => {
+      expect(AccountTokens.fromJSON({})).toBeInstanceOf(AccountTokens);
+    });
+  });
+});
diff --git a/libs/common/src/models/domain/account.spec.ts b/libs/common/src/models/domain/account.spec.ts
new file mode 100644
index 000000000000..0c76c16cc2d2
--- /dev/null
+++ b/libs/common/src/models/domain/account.spec.ts
@@ -0,0 +1,23 @@
+import { Account, AccountKeys, AccountProfile, AccountSettings, AccountTokens } from "./account";
+
+describe("Account", () => {
+  describe("fromJSON", () => {
+    it("should deserialize to an instance of itself", () => {
+      expect(Account.fromJSON({})).toBeInstanceOf(Account);
+    });
+
+    it("should call all the sub-fromJSONs", () => {
+      const keysSpy = jest.spyOn(AccountKeys, "fromJSON");
+      const profileSpy = jest.spyOn(AccountProfile, "fromJSON");
+      const settingsSpy = jest.spyOn(AccountSettings, "fromJSON");
+      const tokensSpy = jest.spyOn(AccountTokens, "fromJSON");
+
+      Account.fromJSON({});
+
+      expect(keysSpy).toHaveBeenCalled();
+      expect(profileSpy).toHaveBeenCalled();
+      expect(settingsSpy).toHaveBeenCalled();
+      expect(tokensSpy).toHaveBeenCalled();
+    });
+  });
+});
diff --git a/libs/common/src/models/domain/account.ts b/libs/common/src/models/domain/account.ts
index b7bbcb431c9b..5822af35c031 100644
--- a/libs/common/src/models/domain/account.ts
+++ b/libs/common/src/models/domain/account.ts
@@ -1,3 +1,8 @@
+import { Except, Jsonify } from "type-fest";
+
+import { Utils } from "@bitwarden/common/misc/utils";
+import { DeepJsonify } from "@bitwarden/common/types/deep-jsonify";
+
 import { AuthenticationStatus } from "../../enums/authenticationStatus";
 import { KdfType } from "../../enums/kdfType";
 import { UriMatchType } from "../../enums/uriMatchType";
@@ -24,7 +29,39 @@ import { SymmetricCryptoKey } from "./symmetricCryptoKey";
 export class EncryptionPair<TEncrypted, TDecrypted> {
   encrypted?: TEncrypted;
   decrypted?: TDecrypted;
-  decryptedSerialized?: string;
+
+  toJSON() {
+    return {
+      encrypted: this.encrypted,
+      decrypted:
+        this.decrypted instanceof ArrayBuffer
+          ? Utils.fromBufferToByteString(this.decrypted)
+          : this.decrypted,
+    };
+  }
+
+  static fromJSON<TEncrypted, TDecrypted>(
+    obj: Jsonify<EncryptionPair<Jsonify<TEncrypted>, Jsonify<TDecrypted>>>,
+    decryptedFromJson?: (decObj: Jsonify<TDecrypted> | string) => TDecrypted,
+    encryptedFromJson?: (encObj: Jsonify<TEncrypted>) => TEncrypted
+  ) {
+    if (obj == null) {
+      return null;
+    }
+
+    const pair = new EncryptionPair<TEncrypted, TDecrypted>();
+    if (obj?.encrypted != null) {
+      pair.encrypted = encryptedFromJson
+        ? encryptedFromJson(obj.encrypted)
+        : (obj.encrypted as TEncrypted);
+    }
+    if (obj?.decrypted != null) {
+      pair.decrypted = decryptedFromJson
+        ? decryptedFromJson(obj.decrypted)
+        : (obj.decrypted as TDecrypted);
+    }
+    return pair;
+  }
 }
 
 export class DataEncryptionPair<TEncrypted, TDecrypted> {
@@ -73,19 +110,66 @@ export class AccountKeys {
   >();
   organizationKeys?: EncryptionPair<
     { [orgId: string]: EncryptedOrganizationKeyData },
-    Map<string, SymmetricCryptoKey>
+    Record<string, SymmetricCryptoKey>
   > = new EncryptionPair<
     { [orgId: string]: EncryptedOrganizationKeyData },
-    Map<string, SymmetricCryptoKey>
+    Record<string, SymmetricCryptoKey>
   >();
-  providerKeys?: EncryptionPair<any, Map<string, SymmetricCryptoKey>> = new EncryptionPair<
+  providerKeys?: EncryptionPair<any, Record<string, SymmetricCryptoKey>> = new EncryptionPair<
     any,
-    Map<string, SymmetricCryptoKey>
+    Record<string, SymmetricCryptoKey>
   >();
   privateKey?: EncryptionPair<string, ArrayBuffer> = new EncryptionPair<string, ArrayBuffer>();
   publicKey?: ArrayBuffer;
-  publicKeySerialized?: string;
   apiKeyClientSecret?: string;
+
+  toJSON() {
+    return Object.assign(this as Except<AccountKeys, "publicKey">, {
+      publicKey: Utils.fromBufferToByteString(this.publicKey),
+    });
+  }
+
+  static fromJSON(obj: DeepJsonify<AccountKeys>): AccountKeys {
+    if (obj == null) {
+      return null;
+    }
+
+    return Object.assign(
+      new AccountKeys(),
+      { cryptoMasterKey: SymmetricCryptoKey.fromJSON(obj?.cryptoMasterKey) },
+      {
+        cryptoSymmetricKey: EncryptionPair.fromJSON(
+          obj?.cryptoSymmetricKey,
+          SymmetricCryptoKey.fromJSON
+        ),
+      },
+      { organizationKeys: AccountKeys.initRecordEncryptionPairsFromJSON(obj?.organizationKeys) },
+      { providerKeys: AccountKeys.initRecordEncryptionPairsFromJSON(obj?.providerKeys) },
+      {
+        privateKey: EncryptionPair.fromJSON<string, ArrayBuffer>(
+          obj?.privateKey,
+          (decObj: string) => Utils.fromByteStringToArray(decObj).buffer
+        ),
+      },
+      {
+        publicKey: Utils.fromByteStringToArray(obj?.publicKey)?.buffer,
+      }
+    );
+  }
+
+  static initRecordEncryptionPairsFromJSON(obj: any) {
+    return EncryptionPair.fromJSON(obj, (decObj: any) => {
+      if (obj == null) {
+        return null;
+      }
+
+      const record: Record<string, SymmetricCryptoKey> = {};
+      for (const id in decObj) {
+        record[id] = SymmetricCryptoKey.fromJSON(decObj[id]);
+      }
+      return record;
+    });
+  }
 }
 
 export class AccountProfile {
@@ -106,6 +190,14 @@ export class AccountProfile {
   keyHash?: string;
   kdfIterations?: number;
   kdfType?: KdfType;
+
+  static fromJSON(obj: Jsonify<AccountProfile>): AccountProfile {
+    if (obj == null) {
+      return null;
+    }
+
+    return Object.assign(new AccountProfile(), obj);
+  }
 }
 
 export class AccountSettings {
@@ -142,6 +234,21 @@ export class AccountSettings {
   vaultTimeout?: number;
   vaultTimeoutAction?: string = "lock";
   serverConfig?: ServerConfigData;
+
+  static fromJSON(obj: Jsonify<AccountSettings>): AccountSettings {
+    if (obj == null) {
+      return null;
+    }
+
+    return Object.assign(new AccountSettings(), obj, {
+      environmentUrls: EnvironmentUrls.fromJSON(obj?.environmentUrls),
+      pinProtected: EncryptionPair.fromJSON<string, EncString>(
+        obj?.pinProtected,
+        EncString.fromJSON
+      ),
+      serverConfig: ServerConfigData.fromJSON(obj?.serverConfig),
+    });
+  }
 }
 
 export type AccountSettingsSettings = {
@@ -150,9 +257,16 @@ export type AccountSettingsSettings = {
 
 export class AccountTokens {
   accessToken?: string;
-  decodedToken?: any;
   refreshToken?: string;
   securityStamp?: string;
+
+  static fromJSON(obj: Jsonify<AccountTokens>): AccountTokens {
+    if (obj == null) {
+      return null;
+    }
+
+    return Object.assign(new AccountTokens(), obj);
+  }
 }
 
 export class Account {
@@ -186,4 +300,17 @@ export class Account {
       },
     });
   }
+
+  static fromJSON(json: Jsonify<Account>): Account {
+    if (json == null) {
+      return null;
+    }
+
+    return Object.assign(new Account({}), json, {
+      keys: AccountKeys.fromJSON(json?.keys),
+      profile: AccountProfile.fromJSON(json?.profile),
+      settings: AccountSettings.fromJSON(json?.settings),
+      tokens: AccountTokens.fromJSON(json?.tokens),
+    });
+  }
 }
diff --git a/libs/common/src/models/domain/encryption-pair.spec.ts b/libs/common/src/models/domain/encryption-pair.spec.ts
new file mode 100644
index 000000000000..55fad76db035
--- /dev/null
+++ b/libs/common/src/models/domain/encryption-pair.spec.ts
@@ -0,0 +1,34 @@
+import { Utils } from "@bitwarden/common/misc/utils";
+
+import { EncryptionPair } from "./account";
+
+describe("EncryptionPair", () => {
+  describe("toJSON", () => {
+    it("should populate decryptedSerialized for buffer arrays", () => {
+      const pair = new EncryptionPair<string, ArrayBuffer>();
+      pair.decrypted = Utils.fromByteStringToArray("hello").buffer;
+      const json = pair.toJSON();
+      expect(json.decrypted).toEqual("hello");
+    });
+
+    it("should serialize encrypted and decrypted", () => {
+      const pair = new EncryptionPair<string, string>();
+      pair.encrypted = "hello";
+      pair.decrypted = "world";
+      const json = pair.toJSON();
+      expect(json.encrypted).toEqual("hello");
+      expect(json.decrypted).toEqual("world");
+    });
+  });
+
+  describe("fromJSON", () => {
+    it("should deserialize encrypted and decrypted", () => {
+      const pair = EncryptionPair.fromJSON({
+        encrypted: "hello",
+        decrypted: "world",
+      });
+      expect(pair.encrypted).toEqual("hello");
+      expect(pair.decrypted).toEqual("world");
+    });
+  });
+});
diff --git a/libs/common/src/models/domain/environmentUrls.ts b/libs/common/src/models/domain/environmentUrls.ts
index d4fd173c83ae..c78768bdc295 100644
--- a/libs/common/src/models/domain/environmentUrls.ts
+++ b/libs/common/src/models/domain/environmentUrls.ts
@@ -1,3 +1,5 @@
+import { Jsonify } from "type-fest";
+
 export class EnvironmentUrls {
   base: string = null;
   api: string = null;
@@ -7,4 +9,8 @@ export class EnvironmentUrls {
   events: string = null;
   webVault: string = null;
   keyConnector: string = null;
+
+  static fromJSON(obj: Jsonify<EnvironmentUrls>): EnvironmentUrls {
+    return Object.assign(new EnvironmentUrls(), obj);
+  }
 }
diff --git a/libs/common/src/models/domain/globalState.ts b/libs/common/src/models/domain/globalState.ts
index 422293fceda1..c907d3ecb5c4 100644
--- a/libs/common/src/models/domain/globalState.ts
+++ b/libs/common/src/models/domain/globalState.ts
@@ -37,4 +37,5 @@ export class GlobalState {
   alwaysShowDock?: boolean;
   enableBrowserIntegration?: boolean;
   enableBrowserIntegrationFingerprint?: boolean;
+  enableDuckDuckGoBrowserIntegration?: boolean;
 }
diff --git a/libs/common/src/models/domain/logInCredentials.ts b/libs/common/src/models/domain/logInCredentials.ts
index c1e23610e475..5f2035fd1566 100644
--- a/libs/common/src/models/domain/logInCredentials.ts
+++ b/libs/common/src/models/domain/logInCredentials.ts
@@ -1,3 +1,5 @@
+import { SymmetricCryptoKey } from "@bitwarden/common/models/domain/symmetricCryptoKey";
+
 import { AuthenticationType } from "../../enums/authenticationType";
 import { TokenRequestTwoFactor } from "../request/identityToken/tokenRequestTwoFactor";
 
@@ -29,3 +31,16 @@ export class ApiLogInCredentials {
 
   constructor(public clientId: string, public clientSecret: string) {}
 }
+
+export class PasswordlessLogInCredentials {
+  readonly type = AuthenticationType.Passwordless;
+
+  constructor(
+    public email: string,
+    public accessCode: string,
+    public authRequestId: string,
+    public decKey: SymmetricCryptoKey,
+    public localPasswordHash: string,
+    public twoFactor?: TokenRequestTwoFactor
+  ) {}
+}
diff --git a/libs/common/src/models/domain/state.spec.ts b/libs/common/src/models/domain/state.spec.ts
new file mode 100644
index 000000000000..64e71d7cb2cd
--- /dev/null
+++ b/libs/common/src/models/domain/state.spec.ts
@@ -0,0 +1,28 @@
+import { Account } from "./account";
+import { State } from "./state";
+
+describe("state", () => {
+  describe("fromJSON", () => {
+    it("should deserialize to an instance of itself", () => {
+      expect(State.fromJSON({})).toBeInstanceOf(State);
+    });
+
+    it("should always assign an object to accounts", () => {
+      const state = State.fromJSON({});
+      expect(state.accounts).not.toBeNull();
+      expect(state.accounts).toEqual({});
+    });
+
+    it("should build an account map", () => {
+      const accountsSpy = jest.spyOn(Account, "fromJSON");
+      const state = State.fromJSON({
+        accounts: {
+          userId: {},
+        },
+      });
+
+      expect(state.accounts["userId"]).toBeInstanceOf(Account);
+      expect(accountsSpy).toHaveBeenCalled();
+    });
+  });
+});
diff --git a/libs/common/src/models/domain/state.ts b/libs/common/src/models/domain/state.ts
index f5a2c046b54d..5450325d25c5 100644
--- a/libs/common/src/models/domain/state.ts
+++ b/libs/common/src/models/domain/state.ts
@@ -1,3 +1,5 @@
+import { Jsonify } from "type-fest";
+
 import { Account } from "./account";
 import { GlobalState } from "./globalState";
 
@@ -14,4 +16,30 @@ export class State<
   constructor(globals: TGlobalState) {
     this.globals = globals;
   }
+
+  // TODO, make Jsonify<State,TGlobalState,TAccount> work. It currently doesn't because Globals doesn't implement Jsonify.
+  static fromJSON<TGlobalState extends GlobalState, TAccount extends Account>(
+    obj: any
+  ): State<TGlobalState, TAccount> {
+    if (obj == null) {
+      return null;
+    }
+
+    return Object.assign(new State(null), obj, {
+      accounts: State.buildAccountMapFromJSON(obj?.accounts),
+    });
+  }
+
+  private static buildAccountMapFromJSON(
+    jsonAccounts: Jsonify<{ [userId: string]: Jsonify<Account> }>
+  ) {
+    if (!jsonAccounts) {
+      return {};
+    }
+    const accounts: { [userId: string]: Account } = {};
+    for (const userId in jsonAccounts) {
+      accounts[userId] = Account.fromJSON(jsonAccounts[userId]);
+    }
+    return accounts;
+  }
 }
diff --git a/libs/common/src/models/domain/storageOptions.ts b/libs/common/src/models/domain/storageOptions.ts
index 2db7e0ccf581..7e21b1943323 100644
--- a/libs/common/src/models/domain/storageOptions.ts
+++ b/libs/common/src/models/domain/storageOptions.ts
@@ -1,3 +1,5 @@
+import { Jsonify } from "type-fest";
+
 import { HtmlStorageLocation } from "../../enums/htmlStorageLocation";
 import { StorageLocation } from "../../enums/storageLocation";
 
@@ -8,3 +10,5 @@ export type StorageOptions = {
   htmlStorageLocation?: HtmlStorageLocation;
   keySuffix?: string;
 };
+
+export type MemoryStorageOptions<T> = StorageOptions & { deserializer?: (obj: Jsonify<T>) => T };
diff --git a/libs/common/src/models/request/identityToken/tokenRequest.ts b/libs/common/src/models/request/identityToken/tokenRequest.ts
index 82a4a394c5dd..5e38d2069b07 100644
--- a/libs/common/src/models/request/identityToken/tokenRequest.ts
+++ b/libs/common/src/models/request/identityToken/tokenRequest.ts
@@ -4,6 +4,7 @@ import { TokenRequestTwoFactor } from "./tokenRequestTwoFactor";
 
 export abstract class TokenRequest {
   protected device?: DeviceRequest;
+  protected passwordlessAuthRequest: string;
 
   constructor(protected twoFactor: TokenRequestTwoFactor, device?: DeviceRequest) {
     this.device = device != null ? device : null;
@@ -18,6 +19,10 @@ export abstract class TokenRequest {
     this.twoFactor = twoFactor;
   }
 
+  setPasswordlessAccessCode(accessCode: string) {
+    this.passwordlessAuthRequest = accessCode;
+  }
+
   protected toIdentityToken(clientId: string) {
     const obj: any = {
       scope: "api offline_access",
@@ -32,6 +37,11 @@ export abstract class TokenRequest {
       // obj.devicePushToken = this.device.pushToken;
     }
 
+    //passswordless login
+    if (this.passwordlessAuthRequest) {
+      obj.authRequest = this.passwordlessAuthRequest;
+    }
+
     if (this.twoFactor.token && this.twoFactor.provider != null) {
       obj.twoFactorToken = this.twoFactor.token;
       obj.twoFactorProvider = this.twoFactor.provider;
diff --git a/libs/common/src/models/request/passwordlessCreateAuthRequest.ts b/libs/common/src/models/request/passwordlessCreateAuthRequest.ts
new file mode 100644
index 000000000000..df83c547775d
--- /dev/null
+++ b/libs/common/src/models/request/passwordlessCreateAuthRequest.ts
@@ -0,0 +1,12 @@
+import { AuthRequestType } from "../../enums/authRequestType";
+
+export class PasswordlessCreateAuthRequest {
+  constructor(
+    readonly email: string,
+    readonly deviceIdentifier: string,
+    readonly publicKey: string,
+    readonly type: AuthRequestType,
+    readonly accessCode: string,
+    readonly fingerprintPhrase: string
+  ) {}
+}
diff --git a/libs/common/src/models/response/authRequestResponse.ts b/libs/common/src/models/response/authRequestResponse.ts
new file mode 100644
index 000000000000..1a29a3da8568
--- /dev/null
+++ b/libs/common/src/models/response/authRequestResponse.ts
@@ -0,0 +1,26 @@
+import { DeviceType } from "@bitwarden/common/enums/deviceType";
+
+import { BaseResponse } from "./baseResponse";
+
+export class AuthRequestResponse extends BaseResponse {
+  id: string;
+  publicKey: string;
+  requestDeviceType: DeviceType;
+  requestIpAddress: string;
+  key: string;
+  masterPasswordHash: string;
+  creationDate: string;
+  requestApproved: boolean;
+
+  constructor(response: any) {
+    super(response);
+    this.id = this.getResponseProperty("Id");
+    this.publicKey = this.getResponseProperty("PublicKey");
+    this.requestDeviceType = this.getResponseProperty("RequestDeviceType");
+    this.requestIpAddress = this.getResponseProperty("RequestIpAddress");
+    this.key = this.getResponseProperty("Key");
+    this.masterPasswordHash = this.getResponseProperty("MasterPasswordHash");
+    this.creationDate = this.getResponseProperty("CreationDate");
+    this.requestApproved = this.getResponseProperty("RequestApproved");
+  }
+}
diff --git a/libs/common/src/models/response/notificationResponse.ts b/libs/common/src/models/response/notificationResponse.ts
index f23de8fe8be1..1e2a50450635 100644
--- a/libs/common/src/models/response/notificationResponse.ts
+++ b/libs/common/src/models/response/notificationResponse.ts
@@ -37,6 +37,10 @@ export class NotificationResponse extends BaseResponse {
       case NotificationType.SyncSendDelete:
         this.payload = new SyncSendNotification(payload);
         break;
+      case NotificationType.AuthRequest:
+      case NotificationType.AuthRequestResponse:
+        this.payload = new AuthRequestPushNotification(payload);
+        break;
       default:
         break;
     }
@@ -96,3 +100,14 @@ export class SyncSendNotification extends BaseResponse {
     this.revisionDate = new Date(this.getResponseProperty("RevisionDate"));
   }
 }
+
+export class AuthRequestPushNotification extends BaseResponse {
+  id: string;
+  userId: string;
+
+  constructor(response: any) {
+    super(response);
+    this.id = this.getResponseProperty("Id");
+    this.userId = this.getResponseProperty("UserId");
+  }
+}
diff --git a/libs/common/src/services/anonymousHub.service.ts b/libs/common/src/services/anonymousHub.service.ts
new file mode 100644
index 000000000000..13b5898b18b2
--- /dev/null
+++ b/libs/common/src/services/anonymousHub.service.ts
@@ -0,0 +1,60 @@
+import { Injectable } from "@angular/core";
+import {
+  HttpTransportType,
+  HubConnection,
+  HubConnectionBuilder,
+  IHubProtocol,
+} from "@microsoft/signalr";
+import { MessagePackHubProtocol } from "@microsoft/signalr-protocol-msgpack";
+
+import { AnonymousHubService as AnonymousHubServiceAbstraction } from "../abstractions/anonymousHub.service";
+import { AuthService } from "../abstractions/auth.service";
+import { EnvironmentService } from "../abstractions/environment.service";
+import { LogService } from "../abstractions/log.service";
+
+import {
+  AuthRequestPushNotification,
+  NotificationResponse,
+} from "./../models/response/notificationResponse";
+
+@Injectable()
+export class AnonymousHubService implements AnonymousHubServiceAbstraction {
+  private anonHubConnection: HubConnection;
+  private url: string;
+
+  constructor(
+    private environmentService: EnvironmentService,
+    private authService: AuthService,
+    private logService: LogService
+  ) {}
+
+  async createHubConnection(token: string) {
+    this.url = this.environmentService.getNotificationsUrl();
+
+    this.anonHubConnection = new HubConnectionBuilder()
+      .withUrl(this.url + "/anonymousHub?Token=" + token, {
+        skipNegotiation: true,
+        transport: HttpTransportType.WebSockets,
+      })
+      .withHubProtocol(new MessagePackHubProtocol() as IHubProtocol)
+      .build();
+
+    this.anonHubConnection.start().catch((error) => this.logService.error(error));
+
+    this.anonHubConnection.on("AuthRequestResponseRecieved", (data: any) => {
+      this.ProcessNotification(new NotificationResponse(data));
+    });
+  }
+
+  stopHubConnection() {
+    if (this.anonHubConnection) {
+      this.anonHubConnection.stop();
+    }
+  }
+
+  private async ProcessNotification(notification: NotificationResponse) {
+    await this.authService.authResponsePushNotifiction(
+      notification.payload as AuthRequestPushNotification
+    );
+  }
+}
diff --git a/libs/common/src/services/api.service.ts b/libs/common/src/services/api.service.ts
index 0b96a11831c0..a4648e25045c 100644
--- a/libs/common/src/services/api.service.ts
+++ b/libs/common/src/services/api.service.ts
@@ -54,6 +54,7 @@ import { OrganizationUserUpdateGroupsRequest } from "../models/request/organizat
 import { OrganizationUserUpdateRequest } from "../models/request/organizationUserUpdateRequest";
 import { PasswordHintRequest } from "../models/request/passwordHintRequest";
 import { PasswordRequest } from "../models/request/passwordRequest";
+import { PasswordlessCreateAuthRequest } from "../models/request/passwordlessCreateAuthRequest";
 import { PaymentRequest } from "../models/request/paymentRequest";
 import { PreloginRequest } from "../models/request/preloginRequest";
 import { ProviderAddOrganizationRequest } from "../models/request/provider/providerAddOrganizationRequest";
@@ -92,6 +93,7 @@ import { VerifyEmailRequest } from "../models/request/verifyEmailRequest";
 import { ApiKeyResponse } from "../models/response/apiKeyResponse";
 import { AttachmentResponse } from "../models/response/attachmentResponse";
 import { AttachmentUploadDataResponse } from "../models/response/attachmentUploadDataResponse";
+import { AuthRequestResponse } from "../models/response/authRequestResponse";
 import { RegisterResponse } from "../models/response/authentication/registerResponse";
 import { BillingHistoryResponse } from "../models/response/billingHistoryResponse";
 import { BillingPaymentResponse } from "../models/response/billingPaymentResponse";
@@ -265,6 +267,17 @@ export class ApiService implements ApiServiceAbstraction {
     }
   }
 
+  async postAuthRequest(request: PasswordlessCreateAuthRequest): Promise<AuthRequestResponse> {
+    const r = await this.send("POST", "/auth-requests/", request, false, true);
+    return new AuthRequestResponse(r);
+  }
+
+  async getAuthResponse(id: string, accessCode: string): Promise<AuthRequestResponse> {
+    const path = `/auth-requests/${id}/response?code=${accessCode}`;
+    const r = await this.send("GET", path, null, false, true);
+    return new AuthRequestResponse(r);
+  }
+
   // Account APIs
 
   async getProfile(): Promise<ProfileResponse> {
diff --git a/libs/common/src/services/auth.service.ts b/libs/common/src/services/auth.service.ts
index 6f77bca20b34..3807eee3d69b 100644
--- a/libs/common/src/services/auth.service.ts
+++ b/libs/common/src/services/auth.service.ts
@@ -1,3 +1,5 @@
+import { Observable, Subject } from "rxjs";
+
 import { ApiService } from "../abstractions/api.service";
 import { AppIdService } from "../abstractions/appId.service";
 import { AuthService as AuthServiceAbstraction } from "../abstractions/auth.service";
@@ -17,17 +19,20 @@ import { KdfType } from "../enums/kdfType";
 import { KeySuffixOptions } from "../enums/keySuffixOptions";
 import { ApiLogInStrategy } from "../misc/logInStrategies/apiLogin.strategy";
 import { PasswordLogInStrategy } from "../misc/logInStrategies/passwordLogin.strategy";
+import { PasswordlessLogInStrategy } from "../misc/logInStrategies/passwordlessLogin.strategy";
 import { SsoLogInStrategy } from "../misc/logInStrategies/ssoLogin.strategy";
 import { AuthResult } from "../models/domain/authResult";
 import {
   ApiLogInCredentials,
   PasswordLogInCredentials,
   SsoLogInCredentials,
+  PasswordlessLogInCredentials,
 } from "../models/domain/logInCredentials";
 import { SymmetricCryptoKey } from "../models/domain/symmetricCryptoKey";
 import { TokenRequestTwoFactor } from "../models/request/identityToken/tokenRequestTwoFactor";
 import { PreloginRequest } from "../models/request/preloginRequest";
 import { ErrorResponse } from "../models/response/errorResponse";
+import { AuthRequestPushNotification } from "../models/response/notificationResponse";
 
 const sessionTimeoutLength = 2 * 60 * 1000; // 2 minutes
 
@@ -42,9 +47,15 @@ export class AuthService implements AuthServiceAbstraction {
       : null;
   }
 
-  private logInStrategy: ApiLogInStrategy | PasswordLogInStrategy | SsoLogInStrategy;
+  private logInStrategy:
+    | ApiLogInStrategy
+    | PasswordLogInStrategy
+    | SsoLogInStrategy
+    | PasswordlessLogInStrategy;
   private sessionTimeout: any;
 
+  private pushNotificationSubject = new Subject<string>();
+
   constructor(
     protected cryptoService: CryptoService,
     protected apiService: ApiService,
@@ -61,52 +72,78 @@ export class AuthService implements AuthServiceAbstraction {
   ) {}
 
   async logIn(
-    credentials: ApiLogInCredentials | PasswordLogInCredentials | SsoLogInCredentials
+    credentials:
+      | ApiLogInCredentials
+      | PasswordLogInCredentials
+      | SsoLogInCredentials
+      | PasswordlessLogInCredentials
   ): Promise<AuthResult> {
     this.clearState();
 
-    let strategy: ApiLogInStrategy | PasswordLogInStrategy | SsoLogInStrategy;
-
-    if (credentials.type === AuthenticationType.Password) {
-      strategy = new PasswordLogInStrategy(
-        this.cryptoService,
-        this.apiService,
-        this.tokenService,
-        this.appIdService,
-        this.platformUtilsService,
-        this.messagingService,
-        this.logService,
-        this.stateService,
-        this.twoFactorService,
-        this
-      );
-    } else if (credentials.type === AuthenticationType.Sso) {
-      strategy = new SsoLogInStrategy(
-        this.cryptoService,
-        this.apiService,
-        this.tokenService,
-        this.appIdService,
-        this.platformUtilsService,
-        this.messagingService,
-        this.logService,
-        this.stateService,
-        this.twoFactorService,
-        this.keyConnectorService
-      );
-    } else if (credentials.type === AuthenticationType.Api) {
-      strategy = new ApiLogInStrategy(
-        this.cryptoService,
-        this.apiService,
-        this.tokenService,
-        this.appIdService,
-        this.platformUtilsService,
-        this.messagingService,
-        this.logService,
-        this.stateService,
-        this.twoFactorService,
-        this.environmentService,
-        this.keyConnectorService
-      );
+    let strategy:
+      | ApiLogInStrategy
+      | PasswordLogInStrategy
+      | SsoLogInStrategy
+      | PasswordlessLogInStrategy;
+
+    switch (credentials.type) {
+      case AuthenticationType.Password:
+        strategy = new PasswordLogInStrategy(
+          this.cryptoService,
+          this.apiService,
+          this.tokenService,
+          this.appIdService,
+          this.platformUtilsService,
+          this.messagingService,
+          this.logService,
+          this.stateService,
+          this.twoFactorService,
+          this
+        );
+        break;
+      case AuthenticationType.Sso:
+        strategy = new SsoLogInStrategy(
+          this.cryptoService,
+          this.apiService,
+          this.tokenService,
+          this.appIdService,
+          this.platformUtilsService,
+          this.messagingService,
+          this.logService,
+          this.stateService,
+          this.twoFactorService,
+          this.keyConnectorService
+        );
+        break;
+      case AuthenticationType.Api:
+        strategy = new ApiLogInStrategy(
+          this.cryptoService,
+          this.apiService,
+          this.tokenService,
+          this.appIdService,
+          this.platformUtilsService,
+          this.messagingService,
+          this.logService,
+          this.stateService,
+          this.twoFactorService,
+          this.environmentService,
+          this.keyConnectorService
+        );
+        break;
+      case AuthenticationType.Passwordless:
+        strategy = new PasswordlessLogInStrategy(
+          this.cryptoService,
+          this.apiService,
+          this.tokenService,
+          this.appIdService,
+          this.platformUtilsService,
+          this.messagingService,
+          this.logService,
+          this.stateService,
+          this.twoFactorService,
+          this
+        );
+        break;
     }
 
     const result = await strategy.logIn(credentials as any);
@@ -202,7 +239,21 @@ export class AuthService implements AuthServiceAbstraction {
     return this.cryptoService.makeKey(masterPassword, email, kdf, kdfIterations);
   }
 
-  private saveState(strategy: ApiLogInStrategy | PasswordLogInStrategy | SsoLogInStrategy) {
+  async authResponsePushNotifiction(notification: AuthRequestPushNotification): Promise<any> {
+    this.pushNotificationSubject.next(notification.id);
+  }
+
+  getPushNotifcationObs$(): Observable<any> {
+    return this.pushNotificationSubject.asObservable();
+  }
+
+  private saveState(
+    strategy:
+      | ApiLogInStrategy
+      | PasswordLogInStrategy
+      | SsoLogInStrategy
+      | PasswordlessLogInStrategy
+  ) {
     this.logInStrategy = strategy;
     this.startSessionTimeout();
   }
diff --git a/libs/common/src/services/cipher.service.ts b/libs/common/src/services/cipher.service.ts
index 40440ea8bf70..62d849d41769 100644
--- a/libs/common/src/services/cipher.service.ts
+++ b/libs/common/src/services/cipher.service.ts
@@ -393,7 +393,7 @@ export class CipherService implements CipherServiceAbstraction {
         : firstValueFrom(this.settingsService.settings$).then(
             (settings: AccountSettingsSettings) => {
               let matches: any[] = [];
-              settings.equivalentDomains.forEach((eqDomain: any) => {
+              settings.equivalentDomains?.forEach((eqDomain: any) => {
                 if (eqDomain.length && eqDomain.indexOf(domain) >= 0) {
                   matches = matches.concat(eqDomain);
                 }
diff --git a/libs/common/src/services/encrypt.service.ts b/libs/common/src/services/encrypt.service.ts
index 0b3f9731ca74..fef33a3f9c3e 100644
--- a/libs/common/src/services/encrypt.service.ts
+++ b/libs/common/src/services/encrypt.service.ts
@@ -98,7 +98,7 @@ export class EncryptService implements AbstractEncryptService {
       }
     }
 
-    return this.cryptoFunctionService.aesDecryptFast(fastParams);
+    return await this.cryptoFunctionService.aesDecryptFast(fastParams);
   }
 
   async decryptToBytes(encThing: IEncrypted, key: SymmetricCryptoKey): Promise<ArrayBuffer> {
diff --git a/libs/common/src/services/memoryStorage.service.ts b/libs/common/src/services/memoryStorage.service.ts
index d1616c6029f7..1634b67b051a 100644
--- a/libs/common/src/services/memoryStorage.service.ts
+++ b/libs/common/src/services/memoryStorage.service.ts
@@ -1,6 +1,12 @@
-import { AbstractStorageService } from "@bitwarden/common/abstractions/storage.service";
+import {
+  AbstractStorageService,
+  MemoryStorageServiceInterface,
+} from "@bitwarden/common/abstractions/storage.service";
 
-export class MemoryStorageService implements AbstractStorageService {
+export class MemoryStorageService
+  extends AbstractStorageService
+  implements MemoryStorageServiceInterface
+{
   private store = new Map<string, any>();
 
   get<T>(key: string): Promise<T> {
diff --git a/libs/common/src/services/state.service.ts b/libs/common/src/services/state.service.ts
index d5aabb3490ac..1f52a27ad672 100644
--- a/libs/common/src/services/state.service.ts
+++ b/libs/common/src/services/state.service.ts
@@ -3,14 +3,16 @@ import { BehaviorSubject, concatMap } from "rxjs";
 import { LogService } from "../abstractions/log.service";
 import { StateService as StateServiceAbstraction } from "../abstractions/state.service";
 import { StateMigrationService } from "../abstractions/stateMigration.service";
-import { AbstractStorageService } from "../abstractions/storage.service";
+import {
+  MemoryStorageServiceInterface,
+  AbstractStorageService,
+} from "../abstractions/storage.service";
 import { HtmlStorageLocation } from "../enums/htmlStorageLocation";
 import { KdfType } from "../enums/kdfType";
 import { StorageLocation } from "../enums/storageLocation";
 import { ThemeType } from "../enums/themeType";
 import { UriMatchType } from "../enums/uriMatchType";
 import { StateFactory } from "../factories/stateFactory";
-import { Utils } from "../misc/utils";
 import { CipherData } from "../models/data/cipherData";
 import { CollectionData } from "../models/data/collectionData";
 import { EncryptedOrganizationKeyData } from "../models/data/encryptedOrganizationKeyData";
@@ -56,6 +58,8 @@ const partialKeys = {
   masterKey: "_masterkey",
 };
 
+const DDG_SHARED_KEY = "DuckDuckGoSharedKey";
+
 export class StateService<
   TGlobalState extends GlobalState = GlobalState,
   TAccount extends Account = Account
@@ -76,7 +80,7 @@ export class StateService<
   constructor(
     protected storageService: AbstractStorageService,
     protected secureStorageService: AbstractStorageService,
-    protected memoryStorageService: AbstractStorageService,
+    protected memoryStorageService: AbstractStorageService & MemoryStorageServiceInterface,
     protected logService: LogService,
     protected stateMigrationService: StateMigrationService,
     protected stateFactory: StateFactory<TGlobalState, TAccount>,
@@ -150,6 +154,9 @@ export class StateService<
       return;
     }
     await this.updateState(async (state) => {
+      if (state.accounts == null) {
+        state.accounts = {};
+      }
       state.accounts[userId] = this.createAccount();
       const diskAccount = await this.getAccountFromDisk({ userId: userId });
       state.accounts[userId].profile = diskAccount.profile;
@@ -494,11 +501,11 @@ export class StateService<
     );
   }
 
-  @withPrototype(SymmetricCryptoKey, SymmetricCryptoKey.fromJSON)
   async getCryptoMasterKey(options?: StorageOptions): Promise<SymmetricCryptoKey> {
-    return (
-      await this.getAccount(this.reconcileOptions(options, await this.defaultInMemoryOptions()))
-    )?.keys?.cryptoMasterKey;
+    const account = await this.getAccount(
+      this.reconcileOptions(options, await this.defaultInMemoryOptions())
+    );
+    return account?.keys?.cryptoMasterKey;
   }
 
   async setCryptoMasterKey(value: SymmetricCryptoKey, options?: StorageOptions): Promise<void> {
@@ -604,23 +611,6 @@ export class StateService<
     await this.saveSecureStorageKey(partialKeys.biometricKey, value, options);
   }
 
-  async getDecodedToken(options?: StorageOptions): Promise<any> {
-    return (
-      await this.getAccount(this.reconcileOptions(options, await this.defaultInMemoryOptions()))
-    )?.tokens?.decodedToken;
-  }
-
-  async setDecodedToken(value: any, options?: StorageOptions): Promise<void> {
-    const account = await this.getAccount(
-      this.reconcileOptions(options, await this.defaultInMemoryOptions())
-    );
-    account.tokens.decodedToken = value;
-    await this.saveAccount(
-      account,
-      this.reconcileOptions(options, await this.defaultInMemoryOptions())
-    );
-  }
-
   @withPrototypeForArrayMembers(CipherView, CipherView.fromJSON)
   async getDecryptedCiphers(options?: StorageOptions): Promise<CipherView[]> {
     return (
@@ -657,11 +647,11 @@ export class StateService<
     );
   }
 
-  @withPrototype(SymmetricCryptoKey, SymmetricCryptoKey.fromJSON)
   async getDecryptedCryptoSymmetricKey(options?: StorageOptions): Promise<SymmetricCryptoKey> {
-    return (
-      await this.getAccount(this.reconcileOptions(options, await this.defaultInMemoryOptions()))
-    )?.keys?.cryptoSymmetricKey?.decrypted;
+    const account = await this.getAccount(
+      this.reconcileOptions(options, await this.defaultInMemoryOptions())
+    );
+    return account?.keys?.cryptoSymmetricKey?.decrypted;
   }
 
   async setDecryptedCryptoSymmetricKey(
@@ -678,14 +668,13 @@ export class StateService<
     );
   }
 
-  @withPrototypeForMap(SymmetricCryptoKey, SymmetricCryptoKey.fromJSON)
   async getDecryptedOrganizationKeys(
     options?: StorageOptions
   ): Promise<Map<string, SymmetricCryptoKey>> {
     const account = await this.getAccount(
       this.reconcileOptions(options, await this.defaultInMemoryOptions())
     );
-    return account?.keys?.organizationKeys?.decrypted;
+    return this.recordToMap(account?.keys?.organizationKeys?.decrypted);
   }
 
   async setDecryptedOrganizationKeys(
@@ -695,7 +684,7 @@ export class StateService<
     const account = await this.getAccount(
       this.reconcileOptions(options, await this.defaultInMemoryOptions())
     );
-    account.keys.organizationKeys.decrypted = value;
+    account.keys.organizationKeys.decrypted = this.mapToRecord(value);
     await this.saveAccount(
       account,
       this.reconcileOptions(options, await this.defaultInMemoryOptions())
@@ -725,7 +714,6 @@ export class StateService<
     );
   }
 
-  @withPrototype(EncString)
   async getDecryptedPinProtected(options?: StorageOptions): Promise<EncString> {
     return (
       await this.getAccount(this.reconcileOptions(options, await this.defaultInMemoryOptions()))
@@ -762,14 +750,9 @@ export class StateService<
   }
 
   async getDecryptedPrivateKey(options?: StorageOptions): Promise<ArrayBuffer> {
-    const privateKey = (
+    return (
       await this.getAccount(this.reconcileOptions(options, await this.defaultInMemoryOptions()))
-    )?.keys?.privateKey;
-    let result = privateKey?.decrypted;
-    if (result == null && privateKey?.decryptedSerialized != null) {
-      result = Utils.fromByteStringToArray(privateKey.decryptedSerialized);
-    }
-    return result;
+    )?.keys?.privateKey.decrypted;
   }
 
   async setDecryptedPrivateKey(value: ArrayBuffer, options?: StorageOptions): Promise<void> {
@@ -777,21 +760,19 @@ export class StateService<
       this.reconcileOptions(options, await this.defaultInMemoryOptions())
     );
     account.keys.privateKey.decrypted = value;
-    account.keys.privateKey.decryptedSerialized =
-      value == null ? null : Utils.fromBufferToByteString(value);
     await this.saveAccount(
       account,
       this.reconcileOptions(options, await this.defaultInMemoryOptions())
     );
   }
 
-  @withPrototypeForMap(SymmetricCryptoKey, SymmetricCryptoKey.fromJSON)
   async getDecryptedProviderKeys(
     options?: StorageOptions
   ): Promise<Map<string, SymmetricCryptoKey>> {
-    return (
-      await this.getAccount(this.reconcileOptions(options, await this.defaultInMemoryOptions()))
-    )?.keys?.providerKeys?.decrypted;
+    const account = await this.getAccount(
+      this.reconcileOptions(options, await this.defaultInMemoryOptions())
+    );
+    return this.recordToMap(account?.keys?.providerKeys?.decrypted);
   }
 
   async setDecryptedProviderKeys(
@@ -801,7 +782,7 @@ export class StateService<
     const account = await this.getAccount(
       this.reconcileOptions(options, await this.defaultInMemoryOptions())
     );
-    account.keys.providerKeys.decrypted = value;
+    account.keys.providerKeys.decrypted = this.mapToRecord(value);
     await this.saveAccount(
       account,
       this.reconcileOptions(options, await this.defaultInMemoryOptions())
@@ -1029,6 +1010,24 @@ export class StateService<
     );
   }
 
+  async getDuckDuckGoSharedKey(options?: StorageOptions): Promise<string> {
+    options = this.reconcileOptions(options, await this.defaultSecureStorageOptions());
+    if (options?.userId == null) {
+      return null;
+    }
+    return await this.secureStorageService.get<string>(DDG_SHARED_KEY, options);
+  }
+
+  async setDuckDuckGoSharedKey(value: string, options?: StorageOptions): Promise<void> {
+    options = this.reconcileOptions(options, await this.defaultSecureStorageOptions());
+    if (options?.userId == null) {
+      return;
+    }
+    value == null
+      ? await this.secureStorageService.remove(DDG_SHARED_KEY, options)
+      : await this.secureStorageService.save(DDG_SHARED_KEY, value, options);
+  }
+
   async getEmail(options?: StorageOptions): Promise<string> {
     return (
       await this.getAccount(this.reconcileOptions(options, await this.defaultInMemoryOptions()))
@@ -1187,6 +1186,27 @@ export class StateService<
     );
   }
 
+  async getEnableDuckDuckGoBrowserIntegration(options?: StorageOptions): Promise<boolean> {
+    return (
+      (await this.getGlobals(this.reconcileOptions(options, await this.defaultOnDiskOptions())))
+        ?.enableDuckDuckGoBrowserIntegration ?? false
+    );
+  }
+
+  async setEnableDuckDuckGoBrowserIntegration(
+    value: boolean,
+    options?: StorageOptions
+  ): Promise<void> {
+    const globals = await this.getGlobals(
+      this.reconcileOptions(options, await this.defaultOnDiskOptions())
+    );
+    globals.enableDuckDuckGoBrowserIntegration = value;
+    await this.saveGlobals(
+      globals,
+      this.reconcileOptions(options, await this.defaultOnDiskOptions())
+    );
+  }
+
   async getEnableFullWidth(options?: StorageOptions): Promise<boolean> {
     return (
       (
@@ -1538,7 +1558,6 @@ export class StateService<
     );
   }
 
-  @withPrototype(EnvironmentUrls)
   async getEnvironmentUrls(options?: StorageOptions): Promise<EnvironmentUrls> {
     if ((await this.state())?.activeUserId == null) {
       return await this.getGlobalEnvironmentUrls(options);
@@ -2021,11 +2040,7 @@ export class StateService<
     const keys = (
       await this.getAccount(this.reconcileOptions(options, await this.defaultInMemoryOptions()))
     )?.keys;
-    let result = keys?.publicKey;
-    if (result == null && keys?.publicKeySerialized != null) {
-      result = Utils.fromByteStringToArray(keys.publicKeySerialized);
-    }
-    return result;
+    return keys?.publicKey;
   }
 
   async setPublicKey(value: ArrayBuffer, options?: StorageOptions): Promise<void> {
@@ -2033,7 +2048,6 @@ export class StateService<
       this.reconcileOptions(options, await this.defaultInMemoryOptions())
     );
     account.keys.publicKey = value;
-    account.keys.publicKeySerialized = value == null ? null : Utils.fromBufferToByteString(value);
     await this.saveAccount(
       account,
       this.reconcileOptions(options, await this.defaultInMemoryOptions())
@@ -2741,8 +2755,11 @@ export class StateService<
       : await this.secureStorageService.save(`${options.userId}${key}`, value, options);
   }
 
-  protected state(): Promise<State<TGlobalState, TAccount>> {
-    return this.memoryStorageService.get<State<TGlobalState, TAccount>>(keys.state);
+  protected async state(): Promise<State<TGlobalState, TAccount>> {
+    const state = await this.memoryStorageService.get<State<TGlobalState, TAccount>>(keys.state, {
+      deserializer: (s) => State.fromJSON(s),
+    });
+    return state;
   }
 
   private async setState(state: State<TGlobalState, TAccount>): Promise<void> {
@@ -2761,6 +2778,14 @@ export class StateService<
       await this.setState(updatedState);
     });
   }
+
+  private mapToRecord<V>(map: Map<string, V>): Record<string, V> {
+    return map == null ? null : Object.fromEntries(map);
+  }
+
+  private recordToMap<V>(record: Record<string, V>): Map<string, V> {
+    return record == null ? null : new Map(Object.entries(record));
+  }
 }
 
 export function withPrototype<T>(
@@ -2893,52 +2918,3 @@ function withPrototypeForObjectValues<T>(
     };
   };
 }
-
-function withPrototypeForMap<T>(
-  valuesConstructor: new (...args: any[]) => T,
-  valuesConverter: (input: any) => T = (i) => i
-): (
-  target: any,
-  propertyKey: string | symbol,
-  descriptor: PropertyDescriptor
-) => { value: (...args: any[]) => Promise<Map<string, T>> } {
-  return (target: any, propertyKey: string | symbol, descriptor: PropertyDescriptor) => {
-    const originalMethod = descriptor.value;
-
-    return {
-      value: function (...args: any[]) {
-        const originalResult: Promise<any> = originalMethod.apply(this, args);
-
-        if (!(originalResult instanceof Promise)) {
-          throw new Error(
-            `Error applying prototype to stored value -- result is not a promise for method ${String(
-              propertyKey
-            )}`
-          );
-        }
-
-        return originalResult.then((result) => {
-          if (result == null) {
-            return null;
-          } else if (result instanceof Map) {
-            return result;
-          } else {
-            for (const key in Object.keys(result)) {
-              result[key] =
-                result[key] == null ||
-                result[key].constructor.name === valuesConstructor.prototype.constructor.name
-                  ? valuesConverter(result[key])
-                  : valuesConverter(
-                      Object.create(
-                        valuesConstructor.prototype,
-                        Object.getOwnPropertyDescriptors(result[key])
-                      )
-                    );
-            }
-            return new Map<string, T>(Object.entries(result));
-          }
-        });
-      },
-    };
-  };
-}
diff --git a/libs/common/src/services/stateMigration.service.ts b/libs/common/src/services/stateMigration.service.ts
index 359b4acec469..e936860657a5 100644
--- a/libs/common/src/services/stateMigration.service.ts
+++ b/libs/common/src/services/stateMigration.service.ts
@@ -12,7 +12,13 @@ import { OrganizationData } from "../models/data/organizationData";
 import { PolicyData } from "../models/data/policyData";
 import { ProviderData } from "../models/data/providerData";
 import { SendData } from "../models/data/sendData";
-import { Account, AccountSettings, AccountSettingsSettings } from "../models/domain/account";
+import {
+  Account,
+  AccountSettings,
+  AccountSettingsSettings,
+  EncryptionPair,
+} from "../models/domain/account";
+import { EncString } from "../models/domain/encString";
 import { EnvironmentUrls } from "../models/domain/environmentUrls";
 import { GeneratedPasswordHistory } from "../models/domain/generatedPasswordHistory";
 import { GlobalState } from "../models/domain/globalState";
@@ -314,10 +320,10 @@ export class StateMigrationService<
       passwordGenerationOptions:
         (await this.get<any>(v1Keys.passwordGenerationOptions)) ??
         defaultAccount.settings.passwordGenerationOptions,
-      pinProtected: {
+      pinProtected: Object.assign(new EncryptionPair<string, EncString>(), {
         decrypted: null,
         encrypted: await this.get<string>(v1Keys.pinProtected),
-      },
+      }),
       protectedPin: await this.get<string>(v1Keys.protectedPin),
       settings:
         userId == null
diff --git a/libs/common/src/services/token.service.ts b/libs/common/src/services/token.service.ts
index 0922fa87518e..5b6ffe6d889c 100644
--- a/libs/common/src/services/token.service.ts
+++ b/libs/common/src/services/token.service.ts
@@ -93,11 +93,6 @@ export class TokenService implements TokenServiceAbstraction {
   // ref https://github.com/auth0/angular-jwt/blob/master/src/angularJwt/services/jwt.js
 
   async decodeToken(token?: string): Promise<any> {
-    const storedToken = await this.stateService.getDecodedToken();
-    if (token === null && storedToken != null) {
-      return storedToken;
-    }
-
     token = token ?? (await this.stateService.getAccessToken());
 
     if (token == null) {
diff --git a/libs/common/src/types/deep-jsonify.ts b/libs/common/src/types/deep-jsonify.ts
new file mode 100644
index 000000000000..a83b8e4549f2
--- /dev/null
+++ b/libs/common/src/types/deep-jsonify.ts
@@ -0,0 +1,44 @@
+import {
+  PositiveInfinity,
+  NegativeInfinity,
+  JsonPrimitive,
+  TypedArray,
+  JsonValue,
+} from "type-fest";
+import { NotJsonable } from "type-fest/source/jsonify";
+
+/**
+ * Extracted from type-fest and extended with Jsonification of objects returned from `toJSON` methods.
+ */
+export type DeepJsonify<T> =
+  // Check if there are any non-JSONable types represented in the union.
+  // Note: The use of tuples in this first condition side-steps distributive conditional types
+  // (see https://github.com/microsoft/TypeScript/issues/29368#issuecomment-453529532)
+  [Extract<T, NotJsonable | bigint>] extends [never]
+    ? T extends PositiveInfinity | NegativeInfinity ? null
+    : T extends JsonPrimitive
+      ? T // Primitive is acceptable
+      : T extends number ? number
+      : T extends string ? string
+      : T extends boolean ? boolean
+      : T extends Map<any, any> | Set<any> ? Record<string, unknown> // {}
+      : T extends TypedArray ? Record<string, number>
+      : T extends Array<infer U>
+        ? Array<DeepJsonify<U extends NotJsonable ? null : U>> // It's an array: recursive call for its children
+        : T extends object
+          ? T extends { toJSON(): infer J }
+            ? (() => J) extends () => JsonValue // Is J assignable to JsonValue?
+              ? J // Then T is Jsonable and its Jsonable value is J
+              : {[P in keyof J as P extends symbol
+                ? never
+                : J[P] extends NotJsonable
+                ? never
+                : P]: DeepJsonify<Required<J>[P]>;
+                } // Not Jsonable because its toJSON() method does not return JsonValue
+            : {[P in keyof T as P extends symbol
+              ? never
+              : T[P] extends NotJsonable
+              ? never
+              : P]: DeepJsonify<Required<T>[P]>} // It's an object: recursive call for its children
+    : never // Otherwise any other non-object is removed
+  : never; // Otherwise non-JSONable type union was found not empty
diff --git a/libs/components/src/tabs/index.ts b/libs/components/src/tabs/index.ts
index 9b45ff1d43b5..e89b42944599 100644
--- a/libs/components/src/tabs/index.ts
+++ b/libs/components/src/tabs/index.ts
@@ -1,3 +1,5 @@
 export * from "./tabs.module";
-export * from "./tab-group.component";
-export * from "./tab-item.component";
+export * from "./tab-group/tab-group.component";
+export * from "./tab-group/tab.component";
+export * from "./tab-nav-bar/tab-nav-bar.component";
+export * from "./tab-nav-bar/tab-link.component";
diff --git a/libs/components/src/tabs/shared/tab-header.component.ts b/libs/components/src/tabs/shared/tab-header.component.ts
new file mode 100644
index 000000000000..4712df0549a7
--- /dev/null
+++ b/libs/components/src/tabs/shared/tab-header.component.ts
@@ -0,0 +1,14 @@
+import { Component } from "@angular/core";
+
+/**
+ * Component used for styling the tab header/background for both content and navigation tabs
+ */
+@Component({
+  selector: "bit-tab-header",
+  host: {
+    class:
+      "tw-h-16 tw-pl-4 tw-bg-background-alt tw-flex tw-items-end tw-border-0 tw-border-b tw-border-solid tw-border-secondary-300",
+  },
+  template: `<ng-content></ng-content>`,
+})
+export class TabHeaderComponent {}
diff --git a/libs/components/src/tabs/shared/tab-list-container.directive.ts b/libs/components/src/tabs/shared/tab-list-container.directive.ts
new file mode 100644
index 000000000000..1cf8a762d580
--- /dev/null
+++ b/libs/components/src/tabs/shared/tab-list-container.directive.ts
@@ -0,0 +1,12 @@
+import { Directive } from "@angular/core";
+
+/**
+ * Directive used for styling the container for bit tab labels
+ */
+@Directive({
+  selector: "[bitTabListContainer]",
+  host: {
+    class: "tw-inline-flex tw-flex-wrap tw-leading-5",
+  },
+})
+export class TabListContainerDirective {}
diff --git a/libs/components/src/tabs/shared/tab-list-item.directive.ts b/libs/components/src/tabs/shared/tab-list-item.directive.ts
new file mode 100644
index 000000000000..d96b7adbc84c
--- /dev/null
+++ b/libs/components/src/tabs/shared/tab-list-item.directive.ts
@@ -0,0 +1,85 @@
+import { FocusableOption } from "@angular/cdk/a11y";
+import { Directive, ElementRef, HostBinding, Input } from "@angular/core";
+
+/**
+ * Directive used for styling tab header items for both nav links (anchor tags)
+ * and content tabs (button tags)
+ */
+@Directive({ selector: "[bitTabListItem]" })
+export class TabListItemDirective implements FocusableOption {
+  @Input() active: boolean;
+  @Input() disabled: boolean;
+
+  @HostBinding("attr.disabled")
+  get disabledAttr() {
+    return this.disabled || null; // native disabled attr must be null when false
+  }
+
+  constructor(private elementRef: ElementRef) {}
+
+  focus() {
+    this.elementRef.nativeElement.focus();
+  }
+
+  click() {
+    this.elementRef.nativeElement.click();
+  }
+
+  @HostBinding("class")
+  get classList(): string[] {
+    return this.baseClassList
+      .concat(this.active ? this.activeClassList : [])
+      .concat(this.disabled ? this.disabledClassList : []);
+  }
+
+  get baseClassList(): string[] {
+    return [
+      "tw-block",
+      "tw-relative",
+      "tw-py-2",
+      "tw-px-4",
+      "tw-font-semibold",
+      "tw-transition",
+      "tw-rounded-t",
+      "tw-border-0",
+      "tw-border-x",
+      "tw-border-t-4",
+      "tw-border-transparent",
+      "tw-border-solid",
+      "tw-bg-transparent",
+      "tw-text-main",
+      "hover:tw-underline",
+      "hover:tw-text-main",
+      "focus-visible:tw-z-10",
+      "focus-visible:tw-outline-none",
+      "focus-visible:tw-ring-2",
+      "focus-visible:tw-ring-primary-700",
+    ];
+  }
+
+  get disabledClassList(): string[] {
+    return [
+      "!tw-bg-secondary-100",
+      "!tw-text-muted",
+      "hover:!tw-text-muted",
+      "!tw-no-underline",
+      "tw-cursor-not-allowed",
+    ];
+  }
+
+  get activeClassList(): string[] {
+    return [
+      "tw--mb-px",
+      "tw-border-x-secondary-300",
+      "tw-border-t-primary-500",
+      "tw-border-b",
+      "tw-border-b-background",
+      "tw-bg-background",
+      "!tw-text-primary-500",
+      "hover:tw-border-t-primary-700",
+      "hover:!tw-text-primary-700",
+      "focus-visible:tw-border-t-primary-700",
+      "focus-visible:!tw-text-primary-700",
+    ];
+  }
+}
diff --git a/libs/components/src/tabs/tab-group.component.html b/libs/components/src/tabs/tab-group.component.html
deleted file mode 100644
index f4b0ced5c4c0..000000000000
--- a/libs/components/src/tabs/tab-group.component.html
+++ /dev/null
@@ -1,6 +0,0 @@
-<div
-  role="tablist"
-  class="tw-inline-flex tw-flex-wrap tw-border-0 tw-border-b tw-border-solid tw-border-secondary-300 tw-leading-5"
->
-  <ng-content></ng-content>
-</div>
diff --git a/libs/components/src/tabs/tab-group.component.ts b/libs/components/src/tabs/tab-group.component.ts
deleted file mode 100644
index 856ab1f1e225..000000000000
--- a/libs/components/src/tabs/tab-group.component.ts
+++ /dev/null
@@ -1,7 +0,0 @@
-import { Component } from "@angular/core";
-
-@Component({
-  selector: "bit-tab-group",
-  templateUrl: "./tab-group.component.html",
-})
-export class TabGroupComponent {}
diff --git a/libs/components/src/tabs/tab-group/tab-body.component.html b/libs/components/src/tabs/tab-group/tab-body.component.html
new file mode 100644
index 000000000000..8134baf2a02e
--- /dev/null
+++ b/libs/components/src/tabs/tab-group/tab-body.component.html
@@ -0,0 +1 @@
+<ng-template [cdkPortalOutlet]="tabContent"></ng-template>
diff --git a/libs/components/src/tabs/tab-group/tab-body.component.ts b/libs/components/src/tabs/tab-group/tab-body.component.ts
new file mode 100644
index 000000000000..18baa49ed064
--- /dev/null
+++ b/libs/components/src/tabs/tab-group/tab-body.component.ts
@@ -0,0 +1,45 @@
+import { TemplatePortal } from "@angular/cdk/portal";
+import { Component, HostBinding, Input } from "@angular/core";
+
+@Component({
+  selector: "bit-tab-body",
+  templateUrl: "tab-body.component.html",
+})
+export class TabBodyComponent {
+  private _firstRender: boolean;
+
+  @Input() content: TemplatePortal;
+  @Input() preserveContent = false;
+
+  @HostBinding("attr.hidden") get hidden() {
+    return !this.active || null;
+  }
+
+  @Input()
+  get active() {
+    return this._active;
+  }
+  set active(value: boolean) {
+    this._active = value;
+    if (this._active) {
+      this._firstRender = true;
+    }
+  }
+  private _active: boolean;
+
+  /**
+   * The tab content to render.
+   * Inactive tabs that have never been rendered/active do not have their
+   * content rendered by default for performance. If `preserveContent` is `true`
+   * then the content persists after the first time content is rendered.
+   */
+  get tabContent() {
+    if (this.active) {
+      return this.content;
+    }
+    if (this.preserveContent && this._firstRender) {
+      return this.content;
+    }
+    return null;
+  }
+}
diff --git a/libs/components/src/tabs/tab-group/tab-group.component.html b/libs/components/src/tabs/tab-group/tab-group.component.html
new file mode 100644
index 000000000000..dbe71fb4b99b
--- /dev/null
+++ b/libs/components/src/tabs/tab-group/tab-group.component.html
@@ -0,0 +1,44 @@
+<bit-tab-header>
+  <div
+    bitTabListContainer
+    role="tablist"
+    [attr.aria-label]="label"
+    (keydown)="keyManager.onKeydown($event)"
+  >
+    <button
+      bitTabListItem
+      *ngFor="let tab of tabs; let i = index"
+      type="button"
+      role="tab"
+      [id]="getTabLabelId(i)"
+      [active]="tab.isActive"
+      [disabled]="tab.disabled"
+      [attr.aria-selected]="selectedIndex === i"
+      [attr.tabindex]="selectedIndex === i ? 0 : -1"
+      (click)="selectTab(i)"
+    >
+      <ng-container [ngTemplateOutlet]="content"></ng-container>
+
+      <ng-template #content>
+        <ng-template [ngIf]="tab.templateLabel" [ngIfElse]="tabTextLabel">
+          <ng-container [ngTemplateOutlet]="tab.templateLabel.templateRef"></ng-container>
+        </ng-template>
+
+        <ng-template #tabTextLabel>{{ tab.textLabel }}</ng-template>
+      </ng-template>
+    </button>
+  </div>
+</bit-tab-header>
+<div class="tw-px-4 tw-pt-5">
+  <bit-tab-body
+    role="tabpanel"
+    *ngFor="let tab of tabs; let i = index"
+    [id]="getTabContentId(i)"
+    [attr.tabindex]="selectedIndex === i ? 0 : -1"
+    [attr.labeledby]="getTabLabelId(i)"
+    [active]="tab.isActive"
+    [content]="tab.content"
+    [preserveContent]="preserveContent"
+  >
+  </bit-tab-body>
+</div>
diff --git a/libs/components/src/tabs/tab-group/tab-group.component.ts b/libs/components/src/tabs/tab-group/tab-group.component.ts
new file mode 100644
index 000000000000..76859976dcc1
--- /dev/null
+++ b/libs/components/src/tabs/tab-group/tab-group.component.ts
@@ -0,0 +1,187 @@
+import { FocusKeyManager } from "@angular/cdk/a11y";
+import { coerceNumberProperty } from "@angular/cdk/coercion";
+import {
+  AfterContentChecked,
+  AfterContentInit,
+  AfterViewInit,
+  Component,
+  ContentChildren,
+  EventEmitter,
+  Input,
+  OnDestroy,
+  Output,
+  QueryList,
+  ViewChildren,
+} from "@angular/core";
+import { Subject, takeUntil } from "rxjs";
+
+import { TabListItemDirective } from "../shared/tab-list-item.directive";
+
+import { TabComponent } from "./tab.component";
+
+/** Used to generate unique ID's for each tab component */
+let nextId = 0;
+
+@Component({
+  selector: "bit-tab-group",
+  templateUrl: "./tab-group.component.html",
+})
+export class TabGroupComponent
+  implements AfterContentChecked, AfterContentInit, AfterViewInit, OnDestroy
+{
+  private readonly _groupId: number;
+  private readonly destroy$ = new Subject<void>();
+  private _indexToSelect: number | null = 0;
+
+  /**
+   * Aria label for the tab list menu
+   */
+  @Input() label = "";
+
+  /**
+   * Keep the content of off-screen tabs in the DOM.
+   * Useful for keeping <audio> or <video> elements from re-initializing
+   * after navigating between tabs.
+   */
+  @Input() preserveContent = false;
+
+  @ContentChildren(TabComponent) tabs: QueryList<TabComponent>;
+  @ViewChildren(TabListItemDirective) tabLabels: QueryList<TabListItemDirective>;
+
+  /** The index of the active tab. */
+  @Input()
+  get selectedIndex(): number | null {
+    return this._selectedIndex;
+  }
+  set selectedIndex(value: number) {
+    this._indexToSelect = coerceNumberProperty(value, null);
+  }
+  private _selectedIndex: number | null = null;
+
+  /** Output to enable support for two-way binding on `[(selectedIndex)]` */
+  @Output() readonly selectedIndexChange: EventEmitter<number> = new EventEmitter<number>();
+
+  /** Event emitted when the tab selection has changed. */
+  @Output() readonly selectedTabChange: EventEmitter<BitTabChangeEvent> =
+    new EventEmitter<BitTabChangeEvent>();
+
+  /**
+   * Focus key manager for keeping tab controls accessible.
+   * https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/Roles/tablist_role#keyboard_interactions
+   */
+  keyManager: FocusKeyManager<TabListItemDirective>;
+
+  constructor() {
+    this._groupId = nextId++;
+  }
+
+  protected getTabContentId(id: number): string {
+    return `bit-tab-content-${this._groupId}-${id}`;
+  }
+
+  protected getTabLabelId(id: number): string {
+    return `bit-tab-label-${this._groupId}-${id}`;
+  }
+
+  selectTab(index: number) {
+    this.selectedIndex = index;
+  }
+
+  /**
+   * After content is checked, the tab group knows what tabs are defined and which index
+   * should be currently selected.
+   */
+  ngAfterContentChecked(): void {
+    const indexToSelect = (this._indexToSelect = this._clampTabIndex(this._indexToSelect));
+
+    if (this._selectedIndex != indexToSelect) {
+      const isFirstRun = this._selectedIndex == null;
+
+      if (!isFirstRun) {
+        this.selectedTabChange.emit({
+          index: indexToSelect,
+          tab: this.tabs.toArray()[indexToSelect],
+        });
+      }
+
+      // These values need to be updated after change detection as
+      // the checked content may have references to them.
+      Promise.resolve().then(() => {
+        this.tabs.forEach((tab, index) => (tab.isActive = index === indexToSelect));
+
+        if (!isFirstRun) {
+          this.selectedIndexChange.emit(indexToSelect);
+        }
+      });
+
+      // Manually update the _selectedIndex and keyManager active item
+      this._selectedIndex = indexToSelect;
+      if (this.keyManager) {
+        this.keyManager.setActiveItem(indexToSelect);
+      }
+    }
+  }
+
+  ngAfterViewInit(): void {
+    this.keyManager = new FocusKeyManager(this.tabLabels)
+      .withHorizontalOrientation("ltr")
+      .withWrap()
+      .withHomeAndEnd();
+  }
+
+  ngAfterContentInit() {
+    // Subscribe to any changes in the number of tabs, in order to be able
+    // to re-render content when new tabs are added or removed.
+    this.tabs.changes.pipe(takeUntil(this.destroy$)).subscribe(() => {
+      const indexToSelect = this._clampTabIndex(this._indexToSelect);
+
+      // If the selected tab didn't explicitly change, keep the previously
+      // selected tab selected/active
+      if (indexToSelect === this._selectedIndex) {
+        const tabs = this.tabs.toArray();
+        let selectedTab: TabComponent | undefined;
+
+        for (let i = 0; i < tabs.length; i++) {
+          if (tabs[i].isActive) {
+            // Set both _indexToSelect and _selectedIndex to avoid firing a change
+            // event which could cause an infinite loop if adding a tab within the
+            // selectedIndexChange event
+            this._indexToSelect = this._selectedIndex = i;
+            selectedTab = tabs[i];
+            break;
+          }
+        }
+
+        // No active tab found and a tab does exist means the active tab
+        // was removed, so a new active tab must be set manually
+        if (!selectedTab && tabs[indexToSelect]) {
+          tabs[indexToSelect].isActive = true;
+          this.selectedTabChange.emit({
+            index: indexToSelect,
+            tab: tabs[indexToSelect],
+          });
+        }
+      }
+    });
+  }
+
+  ngOnDestroy() {
+    this.destroy$.next();
+    this.destroy$.complete();
+  }
+
+  private _clampTabIndex(index: number): number {
+    return Math.min(this.tabs.length - 1, Math.max(index || 0, 0));
+  }
+}
+
+export class BitTabChangeEvent {
+  /**
+   * The currently selected tab index
+   */
+  index: number;
+  /**
+   * The currently selected tab
+   */
+  tab: TabComponent;
+}
diff --git a/libs/components/src/tabs/tab-group/tab-label.directive.ts b/libs/components/src/tabs/tab-group/tab-label.directive.ts
new file mode 100644
index 000000000000..45da163631b3
--- /dev/null
+++ b/libs/components/src/tabs/tab-group/tab-label.directive.ts
@@ -0,0 +1,22 @@
+import { Directive, TemplateRef } from "@angular/core";
+
+/**
+ * Used to identify template based tab labels (allows complex labels instead of just plaintext)
+ *
+ * @example
+ * ```
+ * <bit-tab>
+ *   <ng-template bitTabLabel>
+ *     <i class="bwi bwi-search"></i> Search
+ *   </ng-template>
+ *
+ *   <p>Tab Content</p>
+ * </bit-tab>
+ * ```
+ */
+@Directive({
+  selector: "[bitTabLabel]",
+})
+export class TabLabelDirective {
+  constructor(public templateRef: TemplateRef<unknown>) {}
+}
diff --git a/libs/components/src/tabs/tab-group/tab.component.html b/libs/components/src/tabs/tab-group/tab.component.html
new file mode 100644
index 000000000000..cd48c06b9917
--- /dev/null
+++ b/libs/components/src/tabs/tab-group/tab.component.html
@@ -0,0 +1 @@
+<ng-template><ng-content></ng-content></ng-template>
diff --git a/libs/components/src/tabs/tab-group/tab.component.ts b/libs/components/src/tabs/tab-group/tab.component.ts
new file mode 100644
index 000000000000..05e61ffacc28
--- /dev/null
+++ b/libs/components/src/tabs/tab-group/tab.component.ts
@@ -0,0 +1,42 @@
+import { TemplatePortal } from "@angular/cdk/portal";
+import {
+  Component,
+  ContentChild,
+  Input,
+  OnInit,
+  TemplateRef,
+  ViewChild,
+  ViewContainerRef,
+} from "@angular/core";
+
+import { TabLabelDirective } from "./tab-label.directive";
+
+@Component({
+  selector: "bit-tab",
+  templateUrl: "./tab.component.html",
+  host: {
+    role: "tabpanel",
+  },
+})
+export class TabComponent implements OnInit {
+  @Input() disabled = false;
+
+  @Input("label") textLabel = "";
+
+  @ViewChild(TemplateRef, { static: true }) implicitContent: TemplateRef<unknown>;
+  @ContentChild(TabLabelDirective) templateLabel: TabLabelDirective;
+
+  private _contentPortal: TemplatePortal | null = null;
+
+  get content(): TemplatePortal | null {
+    return this._contentPortal;
+  }
+
+  isActive: boolean;
+
+  constructor(private _viewContainerRef: ViewContainerRef) {}
+
+  ngOnInit(): void {
+    this._contentPortal = new TemplatePortal(this.implicitContent, this._viewContainerRef);
+  }
+}
diff --git a/libs/components/src/tabs/tab-item.component.html b/libs/components/src/tabs/tab-item.component.html
deleted file mode 100644
index 951cfb3be189..000000000000
--- a/libs/components/src/tabs/tab-item.component.html
+++ /dev/null
@@ -1,26 +0,0 @@
-<ng-container [ngSwitch]="disabled">
-  <a
-    *ngSwitchCase="false"
-    role="tab"
-    [class]="baseClassList"
-    [routerLink]="route"
-    [routerLinkActive]="activeClassList"
-    #rla="routerLinkActive"
-    [attr.aria-selected]="rla.isActive"
-  >
-    <ng-container [ngTemplateOutlet]="content"></ng-container>
-  </a>
-  <button
-    *ngSwitchCase="true"
-    type="button"
-    role="tab"
-    [class]="baseClassList"
-    disabled
-    aria-disabled="true"
-  >
-    <ng-container [ngTemplateOutlet]="content"></ng-container>
-  </button>
-</ng-container>
-<ng-template #content>
-  <ng-content></ng-content>
-</ng-template>
diff --git a/libs/components/src/tabs/tab-item.component.ts b/libs/components/src/tabs/tab-item.component.ts
deleted file mode 100644
index aa339b713e96..000000000000
--- a/libs/components/src/tabs/tab-item.component.ts
+++ /dev/null
@@ -1,54 +0,0 @@
-import { Component, Input } from "@angular/core";
-
-@Component({
-  selector: "bit-tab-item",
-  templateUrl: "./tab-item.component.html",
-})
-export class TabItemComponent {
-  @Input() route: string; // ['/route']
-  @Input() disabled = false;
-
-  get baseClassList(): string[] {
-    return [
-      "tw-block",
-      "tw-relative",
-      "tw-py-2",
-      "tw-px-4",
-      "tw-font-semibold",
-      "tw-transition",
-      "tw-rounded-t",
-      "tw-border-0",
-      "tw-border-x",
-      "tw-border-t-4",
-      "tw-border-transparent",
-      "tw-border-solid",
-      "!tw-text-main",
-      "hover:tw-underline",
-      "hover:!tw-text-main",
-      "focus-visible:tw-z-10",
-      "focus-visible:tw-outline-none",
-      "focus-visible:tw-ring-2",
-      "focus-visible:tw-ring-primary-700",
-      "disabled:tw-bg-transparent",
-      "disabled:!tw-text-muted/60",
-      "disabled:tw-no-underline",
-      "disabled:tw-cursor-not-allowed",
-    ];
-  }
-
-  get activeClassList(): string {
-    return [
-      "tw--mb-px",
-      "tw-border-x-secondary-300",
-      "tw-border-t-primary-500",
-      "tw-border-b",
-      "tw-border-b-background",
-      "tw-bg-background",
-      "!tw-text-primary-500",
-      "hover:tw-border-t-primary-700",
-      "hover:!tw-text-primary-700",
-      "focus-visible:tw-border-t-primary-700",
-      "focus-visible:!tw-text-primary-700",
-    ].join(" ");
-  }
-}
diff --git a/libs/components/src/tabs/tab-nav-bar/tab-link.component.html b/libs/components/src/tabs/tab-nav-bar/tab-link.component.html
new file mode 100644
index 000000000000..3b0ad6b22c54
--- /dev/null
+++ b/libs/components/src/tabs/tab-nav-bar/tab-link.component.html
@@ -0,0 +1,13 @@
+<a
+  bitTabListItem
+  [routerLink]="disabled ? null : route"
+  routerLinkActive
+  #rla="routerLinkActive"
+  [active]="rla.isActive"
+  [disabled]="disabled"
+  [attr.aria-disabled]="disabled"
+  ariaCurrentWhenActive="page"
+  role="link"
+>
+  <ng-content></ng-content>
+</a>
diff --git a/libs/components/src/tabs/tab-nav-bar/tab-link.component.ts b/libs/components/src/tabs/tab-nav-bar/tab-link.component.ts
new file mode 100644
index 000000000000..fc067fb69f81
--- /dev/null
+++ b/libs/components/src/tabs/tab-nav-bar/tab-link.component.ts
@@ -0,0 +1,51 @@
+import { FocusableOption } from "@angular/cdk/a11y";
+import { AfterViewInit, Component, HostListener, Input, OnDestroy, ViewChild } from "@angular/core";
+import { RouterLinkActive } from "@angular/router";
+import { Subject, takeUntil } from "rxjs";
+
+import { TabListItemDirective } from "../shared/tab-list-item.directive";
+
+import { TabNavBarComponent } from "./tab-nav-bar.component";
+
+@Component({
+  selector: "bit-tab-link",
+  templateUrl: "tab-link.component.html",
+})
+export class TabLinkComponent implements FocusableOption, AfterViewInit, OnDestroy {
+  private destroy$ = new Subject<void>();
+
+  @ViewChild(TabListItemDirective) tabItem: TabListItemDirective;
+  @ViewChild("rla") routerLinkActive: RouterLinkActive;
+
+  @Input() route: string;
+  @Input() disabled = false;
+
+  @HostListener("keydown", ["$event"]) onKeyDown(event: KeyboardEvent) {
+    if (event.code === "Space") {
+      this.tabItem.click();
+    }
+  }
+
+  get active() {
+    return this.routerLinkActive?.isActive ?? false;
+  }
+
+  constructor(private _tabNavBar: TabNavBarComponent) {}
+
+  focus(): void {
+    this.tabItem.focus();
+  }
+
+  ngAfterViewInit() {
+    // The active state of tab links are tracked via the routerLinkActive directive
+    // We need to watch for changes to tell the parent nav group when the tab is active
+    this.routerLinkActive.isActiveChange
+      .pipe(takeUntil(this.destroy$))
+      .subscribe((_) => this._tabNavBar.updateActiveLink());
+  }
+
+  ngOnDestroy() {
+    this.destroy$.next();
+    this.destroy$.complete();
+  }
+}
diff --git a/libs/components/src/tabs/tab-nav-bar/tab-nav-bar.component.html b/libs/components/src/tabs/tab-nav-bar/tab-nav-bar.component.html
new file mode 100644
index 000000000000..2bc6a8d3b4a4
--- /dev/null
+++ b/libs/components/src/tabs/tab-nav-bar/tab-nav-bar.component.html
@@ -0,0 +1,5 @@
+<bit-tab-header>
+  <nav bitTabListContainer [attr.aria-label]="label" (keydown)="keyManager.onKeydown($event)">
+    <ng-content></ng-content>
+  </nav>
+</bit-tab-header>
diff --git a/libs/components/src/tabs/tab-nav-bar/tab-nav-bar.component.ts b/libs/components/src/tabs/tab-nav-bar/tab-nav-bar.component.ts
new file mode 100644
index 000000000000..0dd65922f68e
--- /dev/null
+++ b/libs/components/src/tabs/tab-nav-bar/tab-nav-bar.component.ts
@@ -0,0 +1,43 @@
+import { FocusKeyManager } from "@angular/cdk/a11y";
+import {
+  AfterContentInit,
+  Component,
+  ContentChildren,
+  forwardRef,
+  Input,
+  QueryList,
+} from "@angular/core";
+
+import { TabLinkComponent } from "./tab-link.component";
+
+@Component({
+  selector: "bit-tab-nav-bar",
+  templateUrl: "tab-nav-bar.component.html",
+})
+export class TabNavBarComponent implements AfterContentInit {
+  @ContentChildren(forwardRef(() => TabLinkComponent)) tabLabels: QueryList<TabLinkComponent>;
+  @Input() label = "";
+
+  /**
+   * Focus key manager for keeping tab controls accessible.
+   * https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/Roles/tablist_role#keyboard_interactions
+   */
+  keyManager: FocusKeyManager<TabLinkComponent>;
+
+  ngAfterContentInit(): void {
+    this.keyManager = new FocusKeyManager(this.tabLabels)
+      .withHorizontalOrientation("ltr")
+      .withWrap()
+      .withHomeAndEnd();
+  }
+
+  updateActiveLink() {
+    // Keep the keyManager in sync with active tabs
+    const items = this.tabLabels.toArray();
+    for (let i = 0; i < items.length; i++) {
+      if (items[i].active) {
+        this.keyManager.updateActiveItem(i);
+      }
+    }
+  }
+}
diff --git a/libs/components/src/tabs/tabs.module.ts b/libs/components/src/tabs/tabs.module.ts
index 016bde504a55..fee1a8a7d089 100644
--- a/libs/components/src/tabs/tabs.module.ts
+++ b/libs/components/src/tabs/tabs.module.ts
@@ -1,13 +1,37 @@
+import { PortalModule } from "@angular/cdk/portal";
 import { CommonModule } from "@angular/common";
 import { NgModule } from "@angular/core";
 import { RouterModule } from "@angular/router";
 
-import { TabGroupComponent } from "./tab-group.component";
-import { TabItemComponent } from "./tab-item.component";
+import { TabHeaderComponent } from "./shared/tab-header.component";
+import { TabListContainerDirective } from "./shared/tab-list-container.directive";
+import { TabListItemDirective } from "./shared/tab-list-item.directive";
+import { TabBodyComponent } from "./tab-group/tab-body.component";
+import { TabGroupComponent } from "./tab-group/tab-group.component";
+import { TabLabelDirective } from "./tab-group/tab-label.directive";
+import { TabComponent } from "./tab-group/tab.component";
+import { TabLinkComponent } from "./tab-nav-bar/tab-link.component";
+import { TabNavBarComponent } from "./tab-nav-bar/tab-nav-bar.component";
 
 @NgModule({
-  imports: [CommonModule, RouterModule],
-  exports: [TabGroupComponent, TabItemComponent],
-  declarations: [TabGroupComponent, TabItemComponent],
+  imports: [CommonModule, RouterModule, PortalModule],
+  exports: [
+    TabGroupComponent,
+    TabComponent,
+    TabLabelDirective,
+    TabNavBarComponent,
+    TabLinkComponent,
+  ],
+  declarations: [
+    TabGroupComponent,
+    TabComponent,
+    TabLabelDirective,
+    TabListContainerDirective,
+    TabListItemDirective,
+    TabHeaderComponent,
+    TabNavBarComponent,
+    TabLinkComponent,
+    TabBodyComponent,
+  ],
 })
 export class TabsModule {}
diff --git a/libs/components/src/tabs/tabs.stories.ts b/libs/components/src/tabs/tabs.stories.ts
index 15ee57fa7d58..a520b50e17a8 100644
--- a/libs/components/src/tabs/tabs.stories.ts
+++ b/libs/components/src/tabs/tabs.stories.ts
@@ -3,8 +3,8 @@ import { Component } from "@angular/core";
 import { RouterModule } from "@angular/router";
 import { Meta, moduleMetadata, Story } from "@storybook/angular";
 
-import { TabGroupComponent } from "./tab-group.component";
-import { TabItemComponent } from "./tab-item.component";
+import { TabGroupComponent } from "./tab-group/tab-group.component";
+import { TabsModule } from "./tabs.module";
 
 @Component({
   selector: "bit-tab-active-dummy",
@@ -36,8 +36,6 @@ export default {
   decorators: [
     moduleMetadata({
       declarations: [
-        TabGroupComponent,
-        TabItemComponent,
         ActiveDummyComponent,
         ItemTwoDummyComponent,
         ItemThreeDummyComponent,
@@ -45,6 +43,7 @@ export default {
       ],
       imports: [
         CommonModule,
+        TabsModule,
         RouterModule.forRoot(
           [
             { path: "", redirectTo: "active", pathMatch: "full" },
@@ -66,19 +65,63 @@ export default {
   },
 } as Meta;
 
-const TabGroupTemplate: Story<TabGroupComponent> = (args: TabGroupComponent) => ({
+const ContentTabGroupTemplate: Story<TabGroupComponent> = (args: any) => ({
   props: args,
   template: `
-    <bit-tab-group>
-      <bit-tab-item [route]="['active']">Active</bit-tab-item>
-      <bit-tab-item [route]="['item-2']">Item 2</bit-tab-item>
-      <bit-tab-item [route]="['item-3']">Item 3</bit-tab-item>
-      <bit-tab-item [route]="['disabled']" [disabled]="true">Disabled</bit-tab-item>
+    <bit-tab-group label="Main Content Tabs" class="tw-text-main">
+        <bit-tab label="First Tab">First Tab Content</bit-tab>
+        <bit-tab label="Second Tab">Second Tab Content</bit-tab>
+        <bit-tab>
+          <ng-template bitTabLabel>
+            <i class="bwi bwi-search tw-pr-1"></i> Template Label
+          </ng-template>
+          Template Label Content
+        </bit-tab>
+        <bit-tab [disabled]="true" label="Disabled">
+          Disabled Content
+        </bit-tab>
     </bit-tab-group>
-    <div class="tw-bg-transparent tw-text-semibold tw-text-center !tw-text-main tw-py-10">
+  `,
+});
+
+export const ContentTabs = ContentTabGroupTemplate.bind({});
+
+const NavTabGroupTemplate: Story<TabGroupComponent> = (args: TabGroupComponent) => ({
+  props: args,
+  template: `
+    <bit-tab-nav-bar label="Main">
+      <bit-tab-link [route]="['active']">Active</bit-tab-link>
+      <bit-tab-link [route]="['item-2']">Item 2</bit-tab-link>
+      <bit-tab-link [route]="['item-3']">Item 3</bit-tab-link>
+      <bit-tab-link [route]="['disable']" [disabled]="true">Disabled</bit-tab-link>
+    </bit-tab-nav-bar>
+    <div class="tw-bg-transparent tw-text-semibold tw-text-center tw-text-main tw-py-10">
       <router-outlet></router-outlet>
     </div>
   `,
 });
 
-export const TabGroup = TabGroupTemplate.bind({});
+export const NavigationTabs = NavTabGroupTemplate.bind({});
+
+const PreserveContentTabGroupTemplate: Story<TabGroupComponent> = (args: any) => ({
+  props: args,
+  template: `
+    <bit-tab-group label="Preserve Content Tabs" [preserveContent]="true" class="tw-text-main">
+        <bit-tab label="Text Tab">
+          <p>
+            Play the video in the other tab and switch back to hear the video is still playing.
+          </p>
+        </bit-tab>
+        <bit-tab label="Video Tab">
+          <iframe
+              width="560"
+              height="315"
+              src="https://www.youtube.com/embed/H0-yWbe5XG4"
+             allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
+             allowfullscreen></iframe>
+        </bit-tab>
+    </bit-tab-group>
+  `,
+});
+
+export const PreserveContentTabs = PreserveContentTabGroupTemplate.bind({});
diff --git a/package-lock.json b/package-lock.json
index eb2ea47d6b3e..a0f5a037f804 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -233,7 +233,7 @@
     },
     "apps/web": {
       "name": "@bitwarden/web-vault",
-      "version": "2022.9.1"
+      "version": "2022.9.2"
     },
     "libs/angular": {
       "name": "@bitwarden/angular",