Bitwarden Second Password (Secret Key)

anon54069917 · June 20, 2024, 2:54am

1Password has a secret key that is created when a user creates an account.

It would be cool if Bitwarden added this as an optional feature to secure a user’s account.

It is a feature that protects an entire Bitwarden account almost similar to a master password. With a different purpose and how it is designed and structured to work.The secret key is an additional, premade key that consists of letters and numbers.

The Secret Key is created on the user’s own device. Bitwarden would have no record of that Secret Key and can’t recover it.

The secret key should be about 128 bits of entropy.

Which means if someone attempts a brute-force attack on Bitwarden servers, those hackers would not be able to decrypt the user data without the user’s Secret Key, which Bitwarden would never have. As it is not stored in any database. As the secret key was created on the device.

Mulled7768 · June 20, 2024, 3:00am

Are you able to explain the what would be secured, how (and when, why) this would be used please? Your description is a little brief when I am unfamiliar with what 1Password does here.

anon54069917 · June 20, 2024, 3:00am

Ok I am going to have to think about how to rephrase it.

anon54069917 · June 20, 2024, 3:09am

Ok edited! Let me know what you think? If it needs any more revisions.

kpiris · June 20, 2024, 4:27am

This feature request is a recurrent one.

And Bitwarden already said in april that there are no plans to implement this.

anon54069917 · June 20, 2024, 1:23pm

Ok, thanks for the response. I will still leave it up. Just in case, maybe it could change some opinions on it being added.

grb · June 20, 2024, 4:36pm

Quoting @gtran from the old thread: