Fix BWN-01-010

I disagree with the assessment of "BWN-01-010 – Changing the master password does not change encryption keys".

AFAIK, Bitwarden does not do any sort of certificate pinning, meaning that

  • in an enterprise context where CAs are deployed by the way of policies
  • when nation states or hackers use rogue CAs trusted by browsers (many examples in the past few years)

If such an MITM has had access to the master encryption key once, they can access the new vault data every time it transits over a network they control without the device itself being compromised.
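
To make the finding concrete, here is an added illustration (not Bitwarden's code; the wrapped-vault-key layout, the PBKDF2 parameters and the toy cipher are assumptions of the example): a password change only re-wraps the same vault key, so a previously captured key still decrypts newly synced items, whereas rotation replaces the key and re-encrypts every item.

```python
import hashlib, hmac, os

def derive_kek(password: str, salt: bytes) -> bytes:
    """Key-encryption key derived from the master password (PBKDF2-HMAC-SHA256, illustrative count)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy HMAC-counter stream cipher: enough to show key semantics, not for real use."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

class Vault:
    """Master password wraps a random vault key; items are encrypted under the vault key."""
    def __init__(self, password: str, items: dict):
        self.salt = os.urandom(16)
        self.vault_key = os.urandom(32)
        self.items = {}
        self._wrap(password)
        for name, secret in items.items():
            self._encrypt_item(name, secret)

    def _wrap(self, password: str) -> None:
        self.wrap_nonce = os.urandom(16)
        self.wrapped_key = keystream_xor(derive_kek(password, self.salt), self.wrap_nonce, self.vault_key)

    def _encrypt_item(self, name: str, secret: str) -> None:
        nonce = os.urandom(16)
        self.items[name] = (nonce, keystream_xor(self.vault_key, nonce, secret.encode()))

    def change_password(self, new_password: str) -> None:
        """The behaviour the finding describes: only the wrapper changes, the vault key does not."""
        self._wrap(new_password)

    def rotate_key(self, password: str) -> None:
        """Key rotation: fresh vault key, every item re-encrypted under it, then re-wrapped."""
        plaintexts = {n: keystream_xor(self.vault_key, nonce, ct) for n, (nonce, ct) in self.items.items()}
        self.vault_key = os.urandom(32)
        self.items = {}
        for name, pt in plaintexts.items():
            self._encrypt_item(name, pt.decode())
        self._wrap(password)

    def decrypt_with_key(self, vault_key: bytes, name: str) -> bytes:
        """Simulates an observer holding a captured vault key plus the synced ciphertext."""
        nonce, ct = self.items[name]
        return keystream_xor(vault_key, nonce, ct)
```

The rotation step is why the cost discussed later in the thread scales with vault size: every item, attachments included, must be downloaded, re-encrypted and uploaded.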


As mentioned in the assessment report, a solution is in the process of being figured out.

@kspearrin No, the report is far from being as assertive as you are: “An item has been added to the product back log to re-evaluate the current design to see if adding a key rotation function to Bitwarden would be feasible”.
For me that means “maybe”, plus the whole assessment is worded in such a way as to downplay the impact of the issue.
But if you say that this will be fixed and you’re working on it, then that’s a different story.


IMO, performance for rekeying isn’t that bad.

People with huge attachments can just be told to wait. Of course, warn them that they will have to download and upload X MB.

LastPass, IIRC, doesn’t even ask and will take forever if you change your master password and have a lot of entries.

I can’t wait for this fix.

Key rotation was added as an option while changing your master password for the next release.

When will this be deployed?

This is fantastic news! When the key rotation is occurring, is the decrypted vault data in memory, or in a file too? Trying to determine what concerns to have about either data loss or attack (like a hypervisor CPU side channel if on a self-hosted but multi-tenant hypervisor).

This is now live in web vault 2.6.1.

@colohost - All decrypting is done in memory. Decrypted data is never written to disk (unless you export it).
