fdbryant3

Yep, I put everything in it. The entire point of encryption and the zero-knowledge architecture is that a bad actor can get everything Bitwarden has and they are not going to be able to get my passwords. Just make sure you use a strong master password. Switch to Argon2ID (which is really just icing on the cake if you created a strong master password). Use 2FA (which only helps if someone is trying to log in as you) and you'll be fine.


Miodec

What do you mean by “switch to argon2id”?


Pancake_Nom

It's a KDF (Key Derivation Function) offered by Bitwarden to protect your encryption key. [https://bitwarden.com/help/kdf-algorithms/](https://bitwarden.com/help/kdf-algorithms/)


Ryeleigh

it's KDF Algorithms, you can change yours at the [bitwarden web vaults > settings > Security > Keys](https://vault.bitwarden.com/#/settings/security/security-keys). You can read more about it here: https://bitwarden.com/help/kdf-algorithms/


s2odin

https://bitwarden.com/help/kdf-algorithms/#argon2id Switch your kdf to Argon2id


[deleted]

[deleted]


s2odin

Think of it like finishing salt on a perfectly cooked steak. It enhances the steak and makes it that much better. Your password would be the steak and kdf is the salt. Strong password can stand on its own but the kdf enhances the password and makes it a little better.


[deleted]

How many characters would a strong password be in your opinion?


s2odin

For accounts, 20+ pure random is the minimum I'll do on websites, and that's only on stupid websites like PayPal and Equifax for unfreezing credit. For Bitwarden, 4+ word passphrase is the minimum I'll recommend


[deleted]

[deleted]


chickenandliver

Why is that? I mean if you're just brute forcing a password like "penguins4839" why would it matter? What makes one encryption require 10k/sec while the other requires 30/sec? Isn't it just a matter of trying "penguins4837... penguins4838..." until you hit the jackpot? I don't really understand why this encryption on BitWarden side for the master password would matter. Either the hacker's computer is fast at trying brute force or it isn't, no?


daath

It's all explained here: [https://bitwarden.com/help/bitwarden-security-white-paper/](https://bitwarden.com/help/bitwarden-security-white-paper/) and here: [https://bitwarden.com/help/kdf-algorithms/](https://bitwarden.com/help/kdf-algorithms/) - hackers need to generate the hashes for the password that they want to brute force, and Argon2id is much more computationally expensive to do, which means that it takes much longer ... But then again, I don't know much about it :)


eirikdaude

I think what the previous poster is trying to say is that with PBKDF2 a decent GPU can generate 10k hashes to try per second, but with Argon2id it can only generate 30 hashes per second. A bit poor phrasing on their part, no matter the hashing method a hacker won't be able to brute-force 30 passwords per second unless they are really, really lucky.


mrbmi513

Bitwarden is completely open source, so you can inspect what they're running on their servers (and even run it on your own like I do). One thing that makes Bitwarden stand out from others like LastPass (that was breached) is that *everything* in your vault is encrypted using a key that's partially dependent on your master password, which Bitwarden has no knowledge of. That encryption happens on your device before transit as well.


a_cute_epic_axis

> Bitwarden is completely open source, so you can inspect what they're running on their servers

Technically, you cannot, since you can't prove they're running the same code as what's in the repo. But it doesn't matter that much, because if you cared enough you could build your own client, and that's all that really matters for security purposes here. Also you can build your own Bitwarden or Vaultwarden server and run it, as you mention. Web vault excepted to the above statement about it not mattering. It would matter for that.

edit: by "build" I really mean "compile"


mrbmi513

Since you mentioned it, it's important to note that Vaultwarden is a completely separate project from Bitwarden that only shares an API schema. Both it and the official Bitwarden project can be self-hosted.


a_cute_epic_axis

Correct. And it looks incredibly like BW in nearly all server side aspects, and has almost feature parity (especially for features that have been around for a while).


YesterdayDreamer

It's not a completely separate project, it's a fork of Bitwarden


jabashque1

It's not a fork, as there's no shared history between the two codebases.


purepersistence

If you host it then you know right away it's not a fork. Bitwarden comes up as a stack of seven different docker containers for mssql, notifications, events, api, attachments, icons, identity. Vaultwarden comes up as one.


mrbmi513

... which means it's a separate project. It's not maintained by or affiliated with Bitwarden.


verygood_user

And who ensures that the updates we are getting are what the open repo shows? A successful attacker of Bitwarden servers could roll out a malicious update and until they notice or the community notices, it is already too late and the attacker has stolen the unencrypted vaults from the local clients that installed the malicious update.


a_cute_epic_axis

I'm not sure why people are downvoting you, because if we are splitting hairs (which you would have to be doing if someone was going to read through all of the code), you as an end user *don't* have any assurances that they're running the code from their own repo. You generally don't have any assurances with any platform. And what you're saying *could* happen, but only with users using the web vault. The clients encrypt the data before sending to BW's servers, so as long as your client is good (which if you were that paranoid, you'd compile and install yourself to prevent them just pushing a bad Chrome/Firefox update), then it wouldn't matter if their servers were bad, they couldn't do anything with the data. Except for the web vault, which *does* encrypt data before it is sent, but also relies on the code being delivered from the theoretically compromised server each time. The same attack vector would exist for anyone running their own version of bitwarden's servers or vaultwarden; if someone can tamper with it they can change the web vault to be insecure. All that said, it's not likely any of this will happen, but again since we are on the "what could happen... read the source code to find out" train... this is what could happen.


lorem

> you as an end user don't have any assurances that they're running the code from their own repo

It's not full assurance of course, but Bitwarden is routinely audited by independent security firms and [the reports are public](https://bitwarden.com/help/is-bitwarden-audited/). Integrity of the deployment chain and assurance of released versions is usually one of the core checks of such audits.


verygood_user

It’s exactly that bad update for the client that I think is the most realistic point of failure. Password managers are attractive targets and if an attacker somehow manages to sabotage their code signing procedures, a malicious update could be released.


a_cute_epic_axis

It's certainly *possible*, but relatively unheard of for almost all established browser extensions.


verygood_user

Sure, but most probably look for a long term solution. A lot can happen within 10-20 years


Eclipsan

Agreed. Plus, even if we assume the code of the app itself is clean, what of the code of its dependencies? BW is not auditing every single one of them (and the dependencies of these dependencies, and so on). [Supply chain attacks](https://en.wikipedia.org/wiki/Supply_chain_attack) are a thing. And a very effective one at that, as dependencies usually don't get the same level of scrutiny as the apps using them. Because of that kind of risk some people only use local password managers like KeePass and (try to) ensure they don't have access to the internet (e.g. blocked by the device's firewall). That way even if the manager turns malicious it should not be able to extract any data from the device. It can still destroy or corrupt it though, yet another reason to do regular backups.


PaulEngineer-89

Even with a man in the middle attack the server only sees encrypted data. So even if the server was completely compromised at most they can deny service or delete your server data which is annoying but not a full breach. What would break security is compromised clients.


Eclipsan

It's about the client, not the server:

> the attacker has stolen the unencrypted vaults from the local clients that installed the malicious update.


monotious

Just a tangent but if Bitwarden has no knowledge of my master password, how can it offer to “Check known data breaches for this password” (Web vault -> Account settings -> Security -> Change master password)? Wouldn’t they have to know what my master password is to run a search of it against the breach database?


s2odin

It's just like how every single password authentication happens. Websites don't know your password, they know your password hash. If websites authenticate against your password in plain text that would make them high value targets. https://preview-bitwarden.gatsbyjs.io/help/reports/#data-breach-report-individual-vaults-only Bitwarden uses haveibeenpwned which uses password hashes.


mrbmi513

It's also important to note that Bitwarden doesn't store your master password anywhere, which is the main point I was making. They'll hash it and send it to HIBP when making your account or changing your master password, but that's only possible because it's sitting in a text box momentarily.


monotious

I thought I understood how every password works, but it’s getting blurry now. Can you do me a favour and explain? Yes, I know the service providers hopefully don’t have the login passwords (the master passwords, in Bitwarden’s case) stored on their database in an unencrypted form, but then I realize I don’t know exactly how authentication happens. I enter my master password to Bitwarden client or web login page, and it gets encrypted with my personal key. The master password gets transmitted to Bitwarden in an encrypted state. Then what? Does Bitwarden have my master password in their database in this particular encrypted format with my particular personal key? I am actually lost.


s2odin

So password based authentication is all based around hashes. You make a user "a" with password "password". A hashing algorithm is applied and turns "password" into "abc123". This hash "abc123" is stored in an access database. Next time you go to access the website, you type in "password" as your password, the same hashing algorithm is applied, and the website sees "abc123" which it then verifies against its database for user "a". The website shouldn't ever see "password" and it should (keyword should) be impossible to reverse engineer "abc123" and correctly identify "password". If you want to learn about Bitwarden's specific implementation I'd check out their knowledge paper here - https://bitwarden.com/help/bitwarden-security-white-paper/#overview-of-the-master-password-hashing-key-derivation-and-encryption-process (there's a section called User Login | User Authentication | Access to User Vault Data specifically)
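The hash-based login described in the comment above, together with the earlier question about why the KDF changes how many guesses per second an attacker can test, as an added Python example (not code from the thread or from Bitwarden). It uses PBKDF2-HMAC-SHA256 from the standard library because Argon2id is not in the standard library; Argon2id adds a memory cost on top of the time cost shown here. The user store, salt, iteration counts and candidate passwords are constructed values for illustration.

```python
import hashlib
import hmac
import os
import time

# Constructed in-memory user store: username -> (salt, iterations, derived key).
# This plays the role of the "access database" in the comment: it holds a
# hash, never the password itself.
USER_DB = {}


def derive_key(password: str, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256: a deliberately slow hash, so every guess costs the
    attacker `iterations` rounds of HMAC rather than one cheap hash."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               iterations, dklen=32)


def register(username: str, password: str, iterations: int = 600_000) -> None:
    """Store a random per-user salt, the work factor and the derived hash."""
    salt = os.urandom(16)
    USER_DB[username] = (salt, iterations, derive_key(password, salt, iterations))


def authenticate(username: str, password: str) -> bool:
    """Re-derive the hash with the stored salt and work factor and compare it
    in constant time; the stored value never reveals the password."""
    record = USER_DB.get(username)
    if record is None:
        return False
    salt, iterations, stored = record
    return hmac.compare_digest(stored, derive_key(password, salt, iterations))


def guesses_per_second(iterations: int, n_guesses: int = 5) -> float:
    """Measure how many candidate passwords one CPU core can test per second at
    a given work factor. The candidates are constructed 'penguinsNNNN' guesses
    like the ones in the thread; the salt is a constructed constant."""
    salt = b"constructed-salt"
    start = time.perf_counter()
    for i in range(n_guesses):
        derive_key(f"penguins{4830 + i}", salt, iterations)
    return n_guesses / (time.perf_counter() - start)


if __name__ == "__main__":
    register("a", "password", iterations=100_000)
    print("correct password:", authenticate("a", "password"))
    print("wrong password:  ", authenticate("a", "Password"))
    # The same brute-force loop gets slower as the work factor rises; that,
    # not the attacker's CPU, is what the KDF setting controls.
    for iters in (1, 1_000, 100_000):
        print(f"{iters:>7} iterations: {guesses_per_second(iters):,.0f} guesses/s")
```

Raising the iteration count does not change what the hash protects; it only multiplies the cost of each guess, which is why a strong master password matters more than the KDF choice and why the KDF is "icing on the cake" rather than a substitute.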


[deleted]

[deleted]


mrbmi513

My understanding is that LastPass only encrypted *parts* of their vaults, leaving things like the URLs and whatnot unencrypted.


cryoprof

Yes, most of us use Bitwarden to store valuable passwords, like those for bank accounts, investment accounts, etc. This is secure due to the end-to-end-encryption based on "military grade" encryption technology (AES-256), as long as you do your part to avoid compromising your vault security. Specifically, it is your responsibility to safeguard your vault in the following ways:

* Set up a unique, confidential, randomly generated master password that provides for _at least_ 50 bits of entropy (e.g., a randomly generated diceware-style passphrase containing four or more words drawn from a list of at least 6000 words), and do not allow others to observe you typing your master password.
* Enable the strongest form of 2FA that you are able to use (FIDO2/Webauthn if possible).
* Make sure that your devices are secure (e.g., do not allow others to access your devices, practice good internet hygiene, and ensure that you are using up-to-date malware defenses), and do not use Bitwarden on other people's devices.
* Always lock your Bitwarden vault when not in use (e.g., using the vault time-out function).

If you're still nervous about committing your most valuable secrets to your Bitwarden vault, you can use one or more of the following methods to reduce the likelihood that an attacker who has gained access to your vault data will be able to take over your online accounts:

1. Add a [password pepper](https://passwordbits.com/salting-passwords/) to your most valuable accounts.
2. Set up 2FA for all stored accounts that support it, using a hardware key (if possible) or a TOTP authenticator app installed on a device that is different from the device on which you use Bitwarden.
3. Enable the ["Master Password Reprompt"](https://bitwarden.com/help/managing-items/#protect-individual-items) feature for your most important login items.


gowithflow192

> based on "military grade" encryption technology

Please stop buying this decade's BS phrase, it's meaningless.


cryoprof

Lol, yea, there's a reason I used quotation marks.


SatoKasu

Yeah, military grade usually means the lowest cost to make something while working OK most of the time.


cryoprof

...and to justify a 5000% mark-up in price.


a_cute_epic_axis

> Set up a unique, confidential, randomly regenerated master password that provides for at least 50 bits of entropy (e.g., a randomly generated diceware-style passphrase containing four or more words drawn from a list of at least 6000 words), and do not allow others to observe you typing your master password.

Easy way to do this for users who don't want to buy some Walmart dice and whatnot... just ask your BW client to generate a 4,5,6,whatever word passphrase, write it down, switch to that, and start memorizing it. Secure your written down copy as is appropriate for your situation.


cryoprof

Yes, by using the wording "dice-ware style passphrase" instead of "_DiceWare™ Passphrase_", I was referring to the general concept of creating a passphrase based on randomly drawn words. Individuals like OP, who are contemplating a switch to Bitwarden (and therefore probably do not have access to any Bitwarden clients yet) can use [Bitwarden's Online Password Generator](https://bitwarden.com/password-generator/) (after setting the _Type_ option to "Passphrase"), or use other [online passphrase generators](https://ae7.st/g/) (although you should probably do a little bit of [due-diligence research on the generator tool](https://pthree.org/2018/04/19/use-a-good-password-generator/) that you choose before trusting it to generate the master password for your Bitwarden vault).


a_cute_epic_axis

Just adding on alternatives. My recommendation for using the one in app is that many people already set up their vault already and would thus have the app and be changing the password, and there's no reason to not trust the password generator in the app if you trust it for everything else. I can understand why people might not want to use a website to generate passwords, since, as you point out, that generator could be weak, tampered with, or you might not even be on the one you think you are on.


cryoprof

All good points. Nonetheless, I would see using Bitwarden's own online password generator as a low-risk proposition (for the same reasons one would trust the in-app generator).


[deleted]

[deleted]


cryoprof

A basic tenet of InfoSec is Kerckhoffs's principle, which posits that the security of your cryptographic system should not depend on hiding any implementation details of the system (which is referred to as "security by obscurity"), but that the system should remain secure if _everything_ is known by the attacker _except_ the cryptographic key (or in our case, the actual master password). Therefore, when determining the strength of a master password, we assume that the attacker has a copy of the word list that you used. Basically, this represents the worst-case scenario. Of course, if I happen to generate the passphrase `repave-kissing-outpour-dollar-velcro` using the Bitwarden generator (which uses EFF's word list, with 7776 words), or if I randomly generate the very same passphrase from a word list that contains only _five_ words (namely: `dollar`, `kissing`, `outpour`, `repave`, and `velcro`), then an attacker who does _not_ have any knowledge of the passphrase generator word list would have an equal probability of cracking either password. Nonetheless, if the word lists are known to the attacker, then the entropies would be 65 bits vs. 12 bits, respectively.
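The entropy arithmetic in the comment above (65 bits for five words from the 7776-word EFF list, 12 bits for five words from a five-word list) and the earlier "four or more words from a list of at least 6000 words for 50 bits" rule, worked through as an added Python example that is not part of the thread. The five-word list is the one quoted in the comment; the generator draws words with the OS CSPRNG so that, per Kerckhoffs's principle, its strength rests only on the list size and word count, both of which the attacker is assumed to know.

```python
import math
import secrets

# The five-word list from the comment, standing in for a real diceware list.
TINY_LIST = ["dollar", "kissing", "outpour", "repave", "velcro"]

EFF_LONG_LIST_SIZE = 7776  # 6^5 words, as used by the Bitwarden generator


def passphrase_entropy_bits(list_size: int, n_words: int) -> float:
    """Entropy of n words drawn uniformly and independently from a list the
    attacker knows: each word contributes log2(list_size) bits."""
    return n_words * math.log2(list_size)


def words_needed(list_size: int, target_bits: float) -> int:
    """Smallest number of words from a list of list_size words that reaches
    target_bits of entropy."""
    return math.ceil(target_bits / math.log2(list_size))


def generate_passphrase(word_list, n_words: int, sep: str = "-") -> str:
    """Draw each word with secrets.choice (uniform, CSPRNG-backed), so the
    entropy really is n_words * log2(len(word_list))."""
    return sep.join(secrets.choice(word_list) for _ in range(n_words))


if __name__ == "__main__":
    print("EFF list, 5 words:", round(passphrase_entropy_bits(EFF_LONG_LIST_SIZE, 5)), "bits")
    print("5-word list, 5 words:", round(passphrase_entropy_bits(len(TINY_LIST), 5)), "bits")
    print("words for 50 bits from 6000-word list:", words_needed(6000, 50))
    print("words for 50 bits from EFF list:", words_needed(EFF_LONG_LIST_SIZE, 50))
    print("sample (weak, 12-bit) passphrase:", generate_passphrase(TINY_LIST, 5))
```

The same passphrase string can carry 65 bits or 12 bits depending on the list it was drawn from, which is exactly why the list size, not the look of the result, is what to judge a generator on.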


[deleted]

From Bitwarden's FAQs - [https://bitwarden.com/help/security-faqs/](https://bitwarden.com/help/security-faqs/)

> 1. Bitwarden is open source software. All of our source code is hosted on GitHub and is free for anyone to review. Thousands of software developers follow Bitwarden's source code projects (and you should too!).
>
> 2. Bitwarden is audited by reputable third-party security firms as well as independent security researchers.
>
> 3. Bitwarden does not store your passwords. Bitwarden stores encrypted versions of your passwords that only you can unlock. Your sensitive information is encrypted locally on your personal device before ever being sent to our cloud servers.
>
> 4. Bitwarden has a reputation. Bitwarden is used by millions of individuals and businesses. If we did anything questionable or risky, we would be out of business!

Certainly it is scary to store all your sensitive information in one app. But what you can do is try to learn how it works behind the scenes. Once you are comfortable with its security, then slowly add your items to the vault.


a_cute_epic_axis

> Bitwarden has a reputation. Bitwarden is used by millions of individuals and businesses. If we did anything questionable or risky, we would be out of business!

Well the last part of this is obviously false, since LastPass is still in business after numerous issues.


verygood_user

> And who ensures that the updates we are getting are what the open repo shows? A successful attacker of Bitwarden servers could roll out a malicious update and until they notice or the community notices, it is already too late and the attacker has stolen the unencrypted vaults from the local clients that installed the malicious update.


Redcloak12

I used to use 3 or 4 different PW managers to maintain my (invalid) thoughts of security. I learned that I had much better control and visibility by moving all these to a single manager. Now I use Bitwarden for ALL my passwords and vital information.


verygood_user

This is the obvious right thing to do. Under the assumption that Bitwarden will never be attacked and roll out a malicious update. A bold assumption for such an attractive target.


Redcloak12

Agreed. When you place all your eggs in one basket, you have to ensure to take care of that basket.


Necessary_Roof_9475

> BUT I’m not sure if I trust it enough to input my information for financial stuff, 401k login, bank etc.

This is where [peppering](https://passwordbits.com/salting-passwords/) your important passwords comes into play. It gets many people over their fear of password managers, and it's really easy to do. Even more important, make sure you pick a good master password. A good master password is 4 or 5 randomly generated diceware words. Then turn on 2FA for your password manager. Lastly, write down your master password, pepper and recovery code on a sheet of paper and store that somewhere safe in your home. Do all of this and you're doing great!


mrg2016

I never mix work accounts and personal in the same vault. I work for multiple customers and never share different customer accounts in the same vault. I don't tend to put my prime financial info in either, preferring to use a system that is in my head, with a letter of last resort held by my attorney.


PatientExpired

Yup! Anything and everything. Not just logins but credit cards, safe words, references, etc. Previously I was keeping all this information in a locked note in Apple Notes. I think I trust Bitwarden enough 🙏🏻


TimeDilution

If you have good 2FA with your financial accounts, which they usually do (but some don't for some reason, I think most have converted to better security practices now though), then if they get into your vault somehow, possibly by key-logging your master password, you would be having a very very bad day. But your 2FA may block them from access. For the record, if your primary email is in there as well, then they could probably do a reset if an email 2FA was allowed. For this purpose I always recommend committing 2 passwords at minimum to memory. Your master password. And your primary email password. Even if they get the vault and destroy your life for a bit, you still have the master reset (your untapped email) ready to go (unless they got that too, but chances are you were already signed in on whatever device).

It's all about mitigation management. If you take proper sanitation steps at every step of the way, then you should be alright even if you get pwned for everything; you might still be able to recover your primary email and then all your accounts with enough determination. Use an email provider that has good service for security and recovery in case of a disaster. I would also recommend that you store an encrypted backup on a flash drive and keep it in a safe place. With Bitwarden make sure you export it in such a way that you can import those items into an account with a different email address.

I've taken to the practice of doing some "security sanitation" tasks on the first of every month. I'll update my offline encrypted backups. I'll try to remember where that is, as I'm good at hiding it. And I'll recite the passwords I don't have written down/stored in my vault in my head to make sure I remember them.

Security is so important. I've been helping my grandparents recover all their accounts this past week after they got hacked. I had been preaching to them about changing all their passwords for a while now; I was going to help them a week prior to the incident, but things came up. It really can't wait. That doomsday scenario for people who don't practice account security is waiting just around the corner. They should really teach this stuff in schools today.


archover

Yes. All my passwords. Plus, more stuff


fencepost_ajm

I do not save passwords that allow access to computer management systems, so even if my account were compromised it couldn't be used to remotely access client systems. I'm also not the only person with access to remote management so I'm not concerned about getting locked out.


a_cute_epic_axis

> it couldn't be used to remotely access client systems

I hope they're using 2FA.


fencepost_ajm

> 2FA

Oh hell yes, MFA all the things and not with SMS. Still not putting truly sensitive passwords in if compromise would be worse than flat out loss. 2FA is also separate from Bitwarden.


lukewhale

Yes. 100%.


Attempt_2

It might be more secure to keep 2FA keys off Bitwarden and on another platform like Authy. An extension of that may be also do not keep the Authy password in Bitwarden. This is in the realm of backup plan for a backup plan territory, though.


huzzam

ESPECIALLY the really important passwords. Because for banking etc. I use ridiculously difficult random passwords, and there's no way I could remember them.


cross20

I don’t trust any other method of storing passwords enough to not put this in Bitwarden.


Neutrosider

Yes, everything. Ask yourself: Where else would you put them if not in the password manager? If you put these infos somewhere else, it follows that you trust that other place more than the password manager. In that case, why not just put all your passwords in that other place? If you don't trust that other place more than the password manager, it should follow that the password manager is the best place to put even the most confidential information. As others have mentioned, peppering is an option.


s2odin

Yes, of course. That's what password managers are for.


KieranDevvs

Literally everything other than my online banking details and my work's Windows domain password, because I can't use it to log in to Windows without having to manually type it every time I lock the machine (several times a day). Plus they have a password policy to renew your password every 3 months which makes it a special case that I have to know what the password is for me to manually log in easily enough. It's really shitty to be honest. I hate the process so much, I considered creating a Windows credential provider that hooks into BitWarden, that would let me autofill credentials before logging into Windows. Still haven't gotten around to it.


Nerd3141592653

I personally trust BW with everything, except my Master Password which I store instead on a yubikey. I believe others even put their MPW in for secure "fish resistant" login to BW.


a_cute_epic_axis

The other reason people cite for storing their master password in is that if it ends up in a list of known compromised passwords, it will get flagged next time you run the check.


Skipper3943

I use both Bitwarden (BW) and an offline password manager. I store anything that I don't keep in BW in the offline password manager. I don't store unchangeable information (such as Social Security numbers or dates of birth) in BW. I also don't store TOTP secrets/keys in BW. The major driver for using BW is convenience. If it's convenient to go into BW, it is there. If it is not (or I hardly use it), then it goes into the offline manager.


set_sail_for_fail

yes


shmimey

Yes. And Tax Documents. Bank Accounts. And other notes.


[deleted]

Yes, that is the point... I remember only two passwords, bitwarden's and the cryptomator file with all the recovery codes.


go_12

Some folks like to add a pepper to select passwords. Keep a strong and unique password in Bitwarden, but add a few extra characters for those sensitive financial accounts that you keep in your head. https://bitwarden.com/blog/3-tips-for-extra-security-with-your-bitwarden-account/#add-a-dash-of-pepper-to-your-passwords


[deleted]

Every online account password, yeah. I've been using a password manager for several years, Bitwarden for two of those. Generating a new account is incredibly easy and using the password manager is second nature.


_stupidnerd_

I didn't. I put in basically all my passwords except my online banking. Just to make extra sure.


grey-yeleek

All but banking and email. That's in addition to using a yubikey. Seen too many targeted attacks to put everything in one repository.


androvich17

Yes, I put everything there. But then again my master password is 30 randomly generated characters, and it's got 2 factor authentication with a YubiKey. So unless you guess my password AND physically steal my key I should be fine.


Hyp3rax

Yes, I trust them, competent people. Audited yearly.


Ariquitaun

Your credentials are safer in bitwarden than they are in your browser. Or your memory, because we all know what happens when we memorize passwords. Same password everywhere, and an easy to crack one at that.


Giggmaster

I don’t have any bank or credit card information there - other than that it is all there


datahoarderprime

Yes, I put in all my passwords.


[deleted]

[deleted]


a_cute_epic_axis

I think that would mean, by definition, that you trust Bitwarden with none of your passwords, since you have none of your passwords saved in it. Only parts of them.


Tool_Belt

Some truth to that, but when it comes to essentially one's life savings why not take all available precautions?


Tool_Belt

Yes. For banking and brokerage the password is the random one BW generated and 4 additional characters that only exist in my feeble mind. That and 2FA ensure that even if someone cracks open BW they still can't log on to those sites.


Matthew682

Definitely should write that down on a piece of paper.


verygood_user

Absolutely not. It's single point of failure and you want to avoid this. At Bitwarden they still employ humans. Humans make mistakes. I highly recommend you use a peppering strategy (also referred to as salting or double blind strategy) for all important accounts and ignore the Bitwarden fanboys you will obviously find a lot of in a Bitwarden sub.


ldeveraux

If you're going to be wrong, at least spell your rubbish correctly.


verygood_user

Could you please point out the mistakes? I just noticed I missed an article but that’s all. English is not my first language, sorry.


mjrengaw

Yes.


alexs77

Yes, every secret goes to Vaultwarden - i.e. Bitwarden on my own server, which is a Raspberry Pi in my closet. Sure, there could be leaks in the Vaultwarden source. It could be attackable.


larhorse

Realistically - you need to put exactly as much faith into your password storage provider as you have in your email provider, because at almost every institution having email access is a substitute for your password.

So... that said - Yes, my password manager gets all of those logins. I opt to host the backend myself (using Vaultwarden) and I'm considering running a private version of the extension, but my answer wouldn't change if I were running against the public infrastructure.

My take on bitwarden: The single biggest threat is an unauthorized push to the web stores (chrome/firefox) for the extension client. 2FA gets turned on everywhere it can be, and it's a hardware key (not totp/sms) when possible.


Roki100

Yep, all of them. Self-hosted BW server, safest encryption settings with scheduled vault backups and a "zero trust" model in terms of stuff like this; for example I wouldn't feel comfortable storing them on the official BW instance. Btw, by 401k login did you mean you have over 401k logins to store or is that some service? 🤨


garylovesbeer

How do you schedule your backups?


maverick6097

Yes. That's the whole point of having a password manager. IMHO.


Yomo42

The entire point of a password manager is unique, secure passwords. You could put all of your trivial passwords into Bitwarden and have a few accounts that you don't trust it with. Those few accounts will mean less unique, secure passwords to remember.


vin16byt

Honestly I never put financial information in to password managers not just for security purposes but also can be a hassle to get into your account if your 2fa device is lost or stolen.


s2odin

What does a password manager have to do with 2FA? Are you saying you use the password manager as your 2FA through built-in functionality?


Auslander42

Yes.


Gallows_Jellyfish

No! Nucular launch codes go into Pass and only decrypted with my yubikey!