Add (optional) Secret Key functionality (Like 1Password) or keyfile (Like Keepass)

Rather unlikely, given the fact that it is an advanced feature that requires extra effort that someone who doesn’t know what they are doing wouldn’t take. On the other hand, it would give people who are vary about uploading their stuff to a cloud very good additional protection.

I‘m also in favor of this solution. I don‘t really know why there‘re people arguing against it. It doesn‘t hurt them when it‘s opt in.

But I don‘t think it will ever be implemented.

1 Like

 

Personally, my contributions to the current (and the previous, now deleted) discussion are mostly for the purpose correcting misunderstandings about how this feature works (especially misconceptions that can lead to security vulnerabilities for users, as @222 has pointed out). Furthermore, keeping in mind that Bitwarden does not have unlimited resources to speedily implement all feature requests from the community, much of the push-back is evidently from users who feel that the limited development resources should be prioritized elsewhere.

3 Likes

Ah sure, I completely ignored the part that they can‘t do everything at the same time :sweat_smile:

1 Like

It’s a bit far-fetched to call “tricks people into thinking they can keep a weak password making them vulnerable to local attacks” a vulnerability that has any relevance. Logically, you could argue against any server-side enhancement with this “vulnerability”:

  • Providing 2FA option can trick users to choose weak password.
  • Enabling server-side encryption could trick users to choose weak password.
  • Even adding Adgon2 support could trick users to choose weak password.

In terms of local attacks, I’d argue that you shouldn’t use any password manager if you think that your local machine might be compromised. Bitwarden in particular doesn’t do very good job protecting users against local attacks as the vault and master passworkd is stored plain-text in memory (even after locking the vault). Also, providing users an option to use short PIN code ro unlock the vault doesn’t really promote good protection against local attacks.

2 Likes

@deviator, I think @222 may have used that wording (about people being “tricked” into using weak master passwords) because in the previous (now deleted) version of this discussion, proponents of the secret key would frequently argue that the feature was essential precisely because it would protect users who choose weak master passwords.

I would also like to state my perspective on three points that you had raised in your response, although it is not really my intention to engage in debate on these issues (as I agree with the sentiment expressed by @tomtom above):

Unlike the other examples given, the Argon2 hashing would provide real protection of both the local vault and cloud vault against brute-force attacks, and therefore could in theory be used to accommodate a slightly weaker master password (depending on configuration of hashing costs).

 

While this is a valid point, it doesn’t negate the concern that a secret key combined with a weak master password creates a security vulnerability. This is because others may gain access to your local vault if your device is ever lost, stolen, or confiscated, or even if it is sold or discarded without taking special precautions to securely eliminate all traces of data (which is notoriously difficult on an SSD).

 

Many other password managers have been shown to be affected by the same vulnerability. Bitwarden was in fact resistant against this type of issue when the vulnerability was initially discovered in five major password managers in 2019, but there was a code regression at some point, and the bug was rediscovered (by yours truly) in July, 2022. Two months later, Bitwarden released a fix that patches the vulnerability in most cases, although it still “occasionally” manifests “in some clients”; they are continuing to work on solutions that would immediately clear memory on all clients. For these reasons, I don’t think it is fair assessment to single out Bitwarden by claiming that “Bitwarden in particular doesn’t do very good job protecting users against local attacks”.


Edit: Extended the final quote to include the words “…against local attacks”.

2 Likes

@grb is correct. Also in the other thread I pointed out that implementing this as an “option” for “advanced users” doesn’t actually mitigate the key risks. Why? Because “Advanced Users” are least likely to benefit from it -especially the type who frequent this forum- as they already have a strong master password. The people with the weakest passwords are who would benefit from it the most yet are least likely to opt in. So, Bitwarden ends up with a combination of vaults that have strong and weak passwords (what they have now), meaning the risk of an enterprise-level hack to their reputational damage remains. So, you are back at square one.

It would also mean you have two security models existing in parallel. Why would a company with limited resources do that? Pick one model and do it better than everyone else. This is why I believe Bitwarden and 1Password are both good security products; they both know what they are and are committed to it. This is good for consumers, allowing them to pick their preferred security model and give that company their hard earned dollars.

The secret share/keyfile model only really works if there is mandatory, full adoption. And this means Bitwarden moving to a different security model that was originally developed to address local password management. Frankly, I don’t want a password service generating my secret key to protect my vault, dropping it into an emergency kit, which they then drop into a saved password item, which is what 1PW does (yes, I can erase that last step they create for me). I want to create my password myself so it was never generated by the corporate entity.

I think the train has left the station on this feature request from 2018. Bitwarden has just acquired passwordless.dev and is working toward a WebAuthn passwordless world, hopefully carving out space for an independent, open source product where WE can own our own keys in a space that will be dominated by Google, Apple and M$. Go set it up on a site like eBay and try it out. It’s seamless and easy and will be broadly adopted. Now try to export that key. Passwordless solutions are the future and I would like to see Bitwarden have a toehold in that space so I can own my own keys. But, that means targeted, strategic use of their scarce resources.

I have an honest, genuine curiosity so please accept my question in that spirit: for the folks who really want to see a keyfile security model adopted by Bitwarden, why haven’t you simply moved to 1Password or a KeePass variant? I have used both and can attest that they are good solutions. What’s the value proposition that keeps you committed to Bitwarden? I suspect we have much more in common than we realize.

1 Like

For Android, iOS and Chromebooks, such local attacks are ineffective because the secret key usually sits behind biometrics for the phone’s unlock. Additionally, phones are one of the most secure devices you can have because users find out almost immediately whether they lost them and they have remote wipe capability. The only case where a secret cannot be adequately protected is on Windows, Linux, and potentially Macs, which are inherently insecure.

There are a few issues with that statement:

  • What about the rest?
  • Can you make it more specific? How many bits of entropy constitute a “strong password”?
  • I don’t see how that can help against someone looking at what you type.
1 Like

I‘d like to if I‘m being completely honest, but none provides that what Bitwarden has to offer. Usable open source software.

1p is closed source and kee pass plugins are hell on earth - unmaintained, badly documented, working 3/4 of the time.

1 Like

What makes you think that secret key functionality would automatically make people choose weak passwords? I’m using 1Password at work and there’s absolutely no indication in the account setup flow that would make me think that it’s ok to pick a weak master password because of the security key.

I find the current ‘Unlock with PIN’ functionality substantially more dangerous in this regard as user can pick a 4-digit PIN which can be brute-forced in seconds. For the record, 1Password does not provide similar functionality as the vault is always locked with master password or Windows Hello.

Wow, nicely misquoted. I wrote “Bitwarden in particular doesn’t do very good job protecting users against local attacks”.

Now that you’re referring to this 4-year-old research article that doesn’t even include Bitwarden, it’s good to point out that 1Password responded to these concerns in their support article and updated it throughout the investigation unlike Bitwarden which has been completely silent regarding this issue. No support article, no security advisory, nothing.

I don’t think that, and I didn’t write that. The part of my comment that you quoted describes the security vulnerability that exists for the subset of users who use a weak vault password.

 

This was not deliberate. I terminated the quote at the earliest logical stopping point because the part of the quote that was relevant to my point was the beginning of your statement (“Bitwarden in particular”). To address your concern, I have now revised my post to extend the quote by three words.

Agreed. “Please don’t put airbags in cars, or people will stop using seatbelts…”. I’d rather have both, thank you very much :slight_smile:

This I can understand and respect. Like @tomtom I also think it’s unlikely this will be implemented anytime soon, and I can surely live without it. But I think it would be a really nice thing to have :heart_eyes: (especially if you are vary about cloud syncs).

2 Likes

Personally, I always disliked that feature of 1password. I think it’s advertised in a way that makes people think that it adds more security but it just makes the password stronger which can be done by the users themselves.

For example, a 6-word passphrase combined with 600000 pbkdf2 iterations gives an essential entropy of 96.7 bits which, I believe, is simply unbreakable. If not, add one more word to be absolutely sure.

If 6-7 words are too many to have an unbreakable password, I can understand, but if a user is so concerned with making their password totally uncrackable, they’d still need to do it to protect themselves from local attacks.

It seems to me that this feature aims mostly to protect users with weak passwords (and by extension the company’s reputation) in case of a database breach but it doesn’t do anything the users can’t do themselves, security-wise.

1 Like

Not “just”. It becomes a form of 2FA (something that you have (the device with the secret) + something that you know (the password)). It also becomes something that you don’t type so it can’t be snooped by casually looking at what you type.

Most people (including me) aren’t happy typing a 6-word passphrase on their cell phones. Passphrases are also easier to remember when observing someone else that is typing them.

It’d be nice if everyone that says “I can have a strong password” just considered themselves out of scope for this feature request. This feature request is primarily for people that understand that either themselves or someone they know, won’t have strong passwords.

The fact that you can have a strong password and that you can protect it from other people’s eyes and that you are happy typing a long password, doesn’t mean that everyone is. Especially in a corporate environment or a household, where the majority of people aren’t technical.

Why don’t you use biometrics or a PIN to unlock instead? Your cloud vault would still be securely protected by the 6-word passphrase, and you yourself said that phones are one of the most secure devices you can have, so is there a reason that this existing feature does not solve your usability issue?    genuine question, not rhetorical

 

I think that @deviator (another proponent of this feature) would disagree that the secret key is primarily for users who have weak vault passwords.

Haha at first I was a little disappointed that the huge thread with all those replies got deleted, but it’s amazing to see how quickly this discussion has come full circle with the exact same arguments as before. Both pro and against :smile:

Here’s my take: I really appreciate the simplicity of how Bitwarden works. In fact it was one of the reasons I left 1Password (apart from them going with a pricy subscription model) was the requirement to download and safeguard that security kit.

So I’m hoping that IF Bitwarden implements this feature, it’ll be in a better/more efficient way and who knows, they might even come up with a quantum computer defying method no one has come up with yet :laughing:

3 Likes

If we’re talking about authentication, those can be achieved with regular 2FA which actually is opt-in. What differentiates this feature is that the secret key participates in encryption, which is important only if someone has access to your vault. In this scenario having a strong password would do the same.

I belong to another category of users that would dislike the hassle of keeping the secret key safe and secret, and having to find it if I wanted to use Bitwarden on a new device.

But the point of my post was not that it should be forbidden for other users. Of course, every user has different needs. It’s mostly why I wouldn’t use it, and why I don’t believe that it should have high priority, given the limited resources of Bitwarden’s team. Also, if it is ever implemented, I hope it will be an opt-in feature unlike how it works in 1password.

1 Like

And this is to protect weak passwords similarly to what a keyfile would achieve?

I would think it’s intended to protect all vaults whether you have a strong or weak password. They will be encrypting the hash of your master password. It’s another locked gate a hacker needs to breach before they can even access the encrypted vault. Even if you have a very weak password protecting your vault, that outer layer of protection is going to provide you with a solid additional layer of protection.

If it’s done for for strong passwords too then the encryption of the vault is being doubted. It’s security by obscurity.

1 Like