Currently, users' data on Bitwarden servers and cached copies on disk are, in essence, protected only by the user's passphrase. Let's improve this.
I recall some password manager (1Password? Which one?) has this security system, where the data on the servers and the local cached copies are encrypted using a key, but that key is encrypted with a key created using both the user's passphrase & securitytoken1 (256-bit random data, essentially). This security token is never stored on the servers, not even in encrypted form, and only exists in the local password manager(s). When the user signs into a password manager, an existing password manager must accept this sign-in and give a copy of this security token to that password manager, so it can decrypt the database (with the user's passphrase, of course). This is done in a secure manner, providing a challenge-response mechanism to ensure the user is really giving the token to the proper password manager, in encrypted form, to prevent hackers and even Bitwarden from sniffing it from the traffic. In local cached copies / password managers that have been locked, the security token is encrypted using the user's passphrase, so it's only needed once per database cache/device being activated.
This basically gives 2FA + prevents the password manager company from sniffing out your passphrase if you sign in via their website, so that they could decrypt your database (in case of a request from the police, etc.). Anyone getting your password can't decrypt any databases from the servers if they hack them, since they need the token too.
A great feature we should add to Bitwarden, but let me make it a bit better:
How about ALSO having a securitytoken2 that would be stored only on Bitwarden servers and only given to the app during the opening of the app (if the user can authenticate to the servers, meaning that everything is OK) when it's locked? This token, and its encrypted copies, would NEVER be stored in the app or caches, only in the program's memory for the brief moment it is needed (and on Bitwarden servers).
This basically means that cached copies of the database stored on computers, phones, etc. would be unusable to any hacker who gets access to them, even if they knew the passphrase, unless they can also properly authenticate to the Bitwarden servers. A user who has their computer or phone stolen could easily simply sign into Bitwarden and revoke access to those computers/phones, giving 100% assurance that even if the attacker has their passphrase, they can not decrypt the cached copy stored on the device.
So…
How about combining these 2 (or 3, to be more exact) different things together to create the ultimate security solution?
1) The key that is only stored on the servers and never on the devices (only in device memory for the brief time it is needed)
2) The key that is only stored on the devices and never on the servers.
3) The user's passphrase
All 3 would be needed to decrypt the database that is stored on the Bitwarden servers, but it could only be decrypted on devices (since Bitwarden servers never have access to key 2).
Key1 would give 100% protection against local attacks on local cached copies, even if the attacker had key2 and key3, since the attacker can't log in to the Bitwarden servers to get key1. Key2 would give 100% protection against a Bitwarden server compromise, and even against authorities forcing Bitwarden to comply to get the user's data unencrypted + it would act as 2FA for new logins. Key3 would be the user's passphrase, unknown to and unsaved by anyone.
Of course this would prevent offline use of Bitwarden, since without key1 = online status you could not open the database. So this could be an optional feature advanced users might want to enable.
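As an added illustration (example code written for this post, not Bitwarden's actual implementation and not part of the original proposal), here is how the three-key wrapping described above could be modelled: the passphrase (key3) is stretched with PBKDF2, combined with the device-only token (key2) and the server-only token (key1) into one key-encryption key, and that KEK wraps the real data key. The device cache keeps key2 wrapped under the passphrase alone and never keeps key1. The PBKDF2 iteration count, the HMAC-based authenticated wrap and all token values are assumptions constructed for the example; it only needs the Python standard library.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Hypothetical KDF setting chosen for this illustration, not Bitwarden's real parameters.
PBKDF2_ITERATIONS = 100_000


def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-Expand (RFC 5869) with HMAC-SHA256, used to derive sub-keys."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def stretch_passphrase(passphrase: str, salt: bytes) -> bytes:
    """Key 3: the user's passphrase, stretched so guessing it is expensive."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, PBKDF2_ITERATIONS, dklen=32)


def derive_kek(stretched: bytes, device_token: bytes, server_token: bytes) -> bytes:
    """Combine all three secrets into the key-encryption key. Changing any input
    (wrong passphrase, missing device token, revoked server token) changes the KEK."""
    prk = hmac.new(b"kek-extract-salt", stretched + device_token + server_token, hashlib.sha256).digest()
    return hkdf_expand(prk, b"three-factor kek")


def wrap(key: bytes, plaintext: bytes) -> bytes:
    """Authenticated wrap of a 32-byte secret: HMAC-derived keystream XOR plaintext,
    followed by an HMAC tag over nonce + ciphertext (encrypt-then-MAC)."""
    assert len(plaintext) == 32, "this toy wrap handles exactly one 32-byte secret"
    nonce = secrets.token_bytes(16)
    keystream = hmac.new(hkdf_expand(key, b"enc"), nonce, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream))
    tag = hmac.new(hkdf_expand(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap(key: bytes, blob: bytes) -> Optional[bytes]:
    """Returns the secret, or None if the tag does not verify (wrong key or tampering)."""
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    expected = hmac.new(hkdf_expand(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    keystream = hmac.new(hkdf_expand(key, b"enc"), nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, keystream))


def enroll_device(passphrase: str, data_key: bytes, device_token: bytes, server_token: bytes) -> dict:
    """What a device may keep on disk: the salt, the data key wrapped under the
    three-factor KEK, and key 2 wrapped under the passphrase alone.
    Key 1 (the server token) is deliberately absent from the cache."""
    salt = secrets.token_bytes(16)
    stretched = stretch_passphrase(passphrase, salt)
    return {
        "salt": salt,
        "wrapped_data_key": wrap(derive_kek(stretched, device_token, server_token), data_key),
        "wrapped_device_token": wrap(hkdf_expand(stretched, b"device-token wrap"), device_token),
    }


def unlock(cache: dict, passphrase: str, server_token: Optional[bytes]) -> Optional[bytes]:
    """Unlock flow: the passphrase recovers key 2 from the cache; key 1 must be
    fetched from the server (None models a revoked device or an offline client)."""
    if server_token is None:
        return None
    stretched = stretch_passphrase(passphrase, cache["salt"])
    device_token = unwrap(hkdf_expand(stretched, b"device-token wrap"), cache["wrapped_device_token"])
    if device_token is None:
        return None
    return unwrap(derive_kek(stretched, device_token, server_token), cache["wrapped_data_key"])


def scenarios() -> dict:
    """Constructed sample values showing which combinations open the vault."""
    passphrase = "correct horse battery staple"          # key 3 (constructed sample)
    data_key = secrets.token_bytes(32)                   # the real vault key
    device_token = secrets.token_bytes(32)               # key 2: lives only on devices
    server_token = secrets.token_bytes(32)               # key 1: lives only on the server
    cache = enroll_device(passphrase, data_key, device_token, server_token)
    stretched = stretch_passphrase(passphrase, cache["salt"])
    return {
        "all_three": unlock(cache, passphrase, server_token) == data_key,
        "wrong_passphrase": unlock(cache, "guessed passphrase", server_token),
        "device_revoked": unlock(cache, passphrase, None),
        "server_token_rotated": unlock(cache, passphrase, secrets.token_bytes(32)),
        # Server-side copy + passphrase + key 1, but no key 2 (server compromise case).
        "server_side_without_device_token": unwrap(
            derive_kek(stretched, bytes(32), server_token), cache["wrapped_data_key"]),
    }


if __name__ == "__main__":
    print(scenarios())
```

Running it shows only the `all_three` case recovering the data key; every other case fails at the authentication tag rather than producing garbage, which is the property the proposal relies on: a cached copy is inert without the server's token, and the server's copy is inert without the device's token. A real implementation would use a standard AEAD such as AES-GCM for the wrap and a memory-hard KDF for the passphrase, and would still need the separate challenge-response exchange for handing key 2 to a newly enrolled device, which this example does not model.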