Encrypted Folder within your Vault + 2FA support

TL;DR: Let users create a password protected / encrypted folder inside vaults.

I suggest that Bitwarden adds a feature so users can create encrypted folders (protected by a “folder password”). The folder stays encrypted until the folder password is entered, which decrypts it (much like how the general vault functions today). Being able to have an encrypted folder inside your encrypted vault creates an extra layer of protection. This can be used in different ways, obviously.

I can see different use cases for why this is valuable:

  1. It can be used to protect extra sensitive / important passwords or documents. It could for example be bank information, passport documents or something else you consider important to keep safe (e.g. Facebook, Google, mail) but rarely use or log into, so it is unnecessary to expose it when you decrypt your general vault. A protected folder would “solve” this.

  2. You can have your “non-important stuff” / “stuff used often” in the general vault, which only requires you to log into the vault to decrypt, while the important stuff stays secure.

  3. It can be designed by the individual user in a variety of ways (level of importance, by topic, by frequency of use, etc.).

  4. Protected folders make the vault much more “flexible” and remove any need to create several accounts/vaults for different things (and it removes the “friction” of having to log in and out of different accounts).

In this way you can avoid having “two sets of password managers” as suggested in this article.

@pakellywood
I don’t understand why this would be needed. Honestly, the entire vault is heavily encrypted and the encryption key is your master pass; for a hacker or somebody to decrypt your vault would be nearly impossible, especially if you have Bitwarden set up with all the proper security settings like 2FA and high enough KDF iterations to prevent brute force.

I have my KDF set to 1,000,000 and I could technically go higher, as my computer has no issues with it being at 1,000,000. I also have 2FA enabled.


I see the possibility to protect parts of your vault even though it is “open”, so the entire vault is not decrypted.


I’d like to store my 2FA backup codes in my vault, but by storing them with my passwords, it ruins the whole point of having 2FA. With an encrypted folder, I could store them in that instead of creating a new account. Maybe a better option would be having multiple vaults on one account? That way this wouldn’t break the existing security checks and whatever.


I am new here, so Hi.

I am really looking for functionality like this. I own an iPhone 11 Pro and have a pretty lengthy, complicated main vault code that I never store digitally. However, going through these max-level functionality restraints for some website where I have nothing to lose if breached makes me not want to use the app at all.

I would appreciate some more easy-going access to most of my stored passwords. So I have arranged folders by severity of possible negative effects if breached (number of f’s given).

The no-f’s-given folder I want autofilled upon Face ID, without having to go through the master vault login. A level higher, just the PIN code. Next, PIN + 2FA. And a third level: full alphanumeric password and 2FA. You could basically set like 5 levels of inconvenience, the more sensitive the info gets.


Hi, I am new to Bitwarden. Can you please explain how to set a high KDF iteration count? Where is it?

  1. Go to vault.bitwarden.com
  2. Log in with your account.
  3. Click on Settings.
  4. Scroll down to Encryption Key Settings under My Account. Here you can change your PBKDF2 value.


Thank you. I was searching for this option all over the desktop app/browser extension.


Feature name

  • 2FA Locked Folder

Feature function

  • Requires 2FA to access a folder in your vault
  • Provides an extra layer of security for important accounts/credentials

Related topics + references

A PIN should be used for general low-impact accounts.

A PIN + 2FA should be used for high-impact accounts such as sensitive identity information, federated login accounts (e.g. Google/Facebook and email accounts), crypto credentials, possibly bank accounts, etc.

If your device gets compromised with a virus/malware, you can be assured that only your frequently used low-impact accounts have been affected.


@Mark_C I moved your post to this thread and adjusted the title to reflect that the encrypted state should offer both an additional encryption key as well as additional 2FA.


I’m bumping this back to the top as it would be a very nice feature to have.

Not only for storing 2FA codes, passports, and such but also for storing crypto seed phrases too. A vault inside your vault would be a huge feature to have.

Locking it behind 2FA would not make sense, as 2FA needs auth with a server, but a password- or PIN-encrypted folder would be nice.

@Ablac
If your computer gets infected and somebody gets your master key and your database file, all your passwords are compromised regardless of the KDF value you set and 2FA.

I prefer to have part of my Vault protected and encrypted by a separate password.
I’ll unlock this extra part in the environment I trust, e.g. on a dedicated secure machine.

I also have some passwords related to my job. I use them when I’m in office only.

2FA doesn’t provide extra encryption.
If they or a virus get your database file and your master password, they can decrypt all the passwords in your vault, I guess.

Hello!
I know of the numerous discussions about whether it is okay to store OTP data together with the static passwords used for a service. Bitwarden offers this possibility.
May I propose implementing an option to either add a simple password or PIN check before showing or copying OTP values or, even better, to encrypt the OTP secrets with a different key in the database?
I am aware this would not solve the concerns some people raise, but it could mitigate them.
Thanks!

This is a reasonable proposal. I know you can set a master password prompt for specific files, but this doesn’t solve the issue as it’s presented here by the OP.

For high-value information (crypto seeds, which should never be electronic, of course, but are just an example of high-value info); banking and CC access; main email access, as people forget that you can reset most passwords once a hacker gains access to your email account; OTP/2FA keys that you want to segregate from your password (a good example for this proposal).

The other solution, of course, is to set up a second free Bitwarden account (or a different password manager) that only contains your critical info and leave your main account for your low-risk accounts and info. You can even set it up under a separate email account or a general email account sub-address (e.g. [email protected] vs [email protected]) for greater security by reducing phishing of known email addresses.

The biggest risk to this proposal is that the high-risk encrypted vault won’t be used as regularly, so more people will likely forget this password and then be in a real pickle.


If I understand correctly, the current default (as in, for new users migrating to Bitwarden) is 100,000 iterations on the client side, plus 100,000 on the server side. So effectively you have 200,000 iterations with the default settings… is my understanding correct?

More to the point of the OP, I think you’re really looking for an encrypted cloud storage solution rather than trying to embed an encrypted folder within your password vault.

This is a good point. How often have many of us wished that Google Drive would permit password-protected encrypted folders and individual files? Google has never implemented this, likely for the same reason that password managers don’t allow it. In both cases, I would still prefer it as an option.

What’s the maximum number of iterations you guys use? I’m curious how high it can be before you get limited return on the increasing number and it starts causing systems to be sluggish.

I set mine at 350,000 and don’t seem to be having any problems at all.

This is completely hardware dependent. It will be a lot slower on a phone or tablet than on a liquid-cooled 32-GB Intel Core i9-13900K gaming rig. Do your own testing, and raise the number of iterations gradually (I think the recommendation is 50,000 at a time) so that you don’t accidentally lock yourself out of your vault (because your devices are going to need a month to complete the KDF iterations).

This is technically true (well, actually, it is 200,001 iterations), but because of certain attack vectors that are available in Bitwarden’s encryption scheme, someone with access to the Bitwarden database or to your local vault will actually only need to run the client-side iterations to crack your master password.

OWASP currently recommends 310,000 iterations for PBKDF2-HMAC-SHA-256 (which is the hashing algorithm used by Bitwarden). Thus, my suggestion is to just ignore the 100,000 server-side iterations and set your client-side iterations to 310,000 (assuming that this doesn’t slow your devices down too much).