Disclaimer
I would like to contribute to this technical discussion, I hope to make an interesting view for most people. But I do not work for Bitwarden and have no connection with the company. In my case, I’m a Bitwarden user and would like to contribute with some ideas.
These ideas are not intended to endorse any position of the company or mine, they are just concepts about the feedbacks I read here. I am not a lawyer, judge, prosecutor, law student. So this text can be corrected or improved or improved by those who understand this subject. So if something is confusing or bad, look for your lawyer.
You all can agree or disagree with all or some points of view here, but leave your comment and opinion. I would be happy to hear all positive and negative opinions about these views.
I could be wrong, so don’t take all these views too seriously. I think we should add or think of more points of view. Before this feature is implemented or not.
Ideas
1. It would be interesting to include other network protocols like ‘dat’, ‘hypercore’, ‘ipfs’ etc. For example, in addition to the site in onion, solid-project, nostr, activityPub or i2p etc. It would be interesting to include decentralized storage, that is, instead of me storing my passwords in Microsoft Azure, I could tell Bitwarden to distribute my database of passwords on different servers, so that only I have access to a specific and exclusive key. This is similar to what the open source Anytype.io tool does to manage versioning via a random key. Also, there are requests to decentralize passwords on Bitwarden like these ones: Option to use P2P filesystem instead of server (IPFS), Offline Vault (P2P) or Require NFT for Login Option
2. For greater anonymity I think Bitwarden should include versions of the Bitwarden website and Bitwarden Login in things like: i2p, onion, nostr, freenet etc. This would be complex to maintain, manage with different types of users. But in the long term, this is interesting because it diversifies the portfolio of users who are more experienced in the area of information security and use some of these network protocols to send or receive information that is often confidential inside Bitwarden. In general, as there is no way to know the origin of the network that accessed the Bitwarden login, there would be greater digital security for any user and person using Bitwarden as a login.
3. I would like to highlight another interesting observation here. I would be happy as a user if there was an option for Bitwarden to offer password data sync options on things like protondrive, Tresorit or even offline as a Keepass plugin locally via jsonrpc or ajax calls. For even more strict users with digital security, local networks are generally more secure and restricted. Despite being susceptible to different attacks such as phishing, social engineering as common outside as within these types of communication network.