So I am considering downloading an encrypted backup of my vault, to use in case the servers are down or inaccessible.
How does one go about utilizing that encrypted backup, in that case? I mean, it’s just a file. Without an application to “drive” the password entry and 2FA, how do you retrieve the information?
My understanding is that the encrypted export can only be read by importing back into Bitwarden. To have a backup that can be read outside of Bitwarden you need an unencrypted export. Although for security you should do your own encryption on that export with a unique password/passphrase. Bitwarden recommends using PeaZip to create an encrypted 7z file.
@bwuser10000 It depends on what type of encrypted backup you make.
If you make an “account-restricted” encrypted backup, then it can only be imported into the original vault, and then only if you haven’t rotated the encryption key since making the backup. This type of backup is not recommended, as there are better options available.
If you make a “password-protected” encrypted backup, then it can be imported into any Bitwarden vault (e.g., you can make a new account and import the backup there).
If Bitwarden’s servers are down, then you can use a third-party tool (such as BitwardenDecrypt) to decrypt the password-protected export.
Personally, I prefer a different backup strategy based on backing up the locally cached vault (e.g., data.json files), as I have explained elsewhere. By the way, BitwardenDecrypt can also be used to decrypt data.json files, but as I explain in my other post, there is really no need to.
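An added example, not part of the thread and not Bitwarden's or BitwardenDecrypt's code: a standard-library check that tells you which kind of export a file is, and whether a given password authenticates a password-protected export, without contacting any server. The JSON field names and the key derivation (PBKDF2-SHA256 over the salt string, HKDF-Expand with info "mac", HMAC-SHA256 over IV plus ciphertext) are assumptions about the export format that the thread does not state; the function names are hypothetical and the sample is constructed.

```python
import base64, hashlib, hmac

def export_kind(doc: dict) -> str:
    """Classify an export by its top-level JSON keys (assumed layout)."""
    if not doc.get("encrypted"):
        return "unencrypted"
    return "password-protected" if doc.get("passwordProtected") else "account-restricted"

def derive_mac_key(password: str, salt: str, iterations: int) -> bytes:
    # Assumed derivation: PBKDF2-SHA256 over the salt *string*, then one
    # HKDF-Expand block (RFC 5869) with info "mac" to get the 32-byte MAC key.
    master = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), iterations, 32)
    return hmac.new(master, b"mac" + b"\x01", hashlib.sha256).digest()

def password_matches(doc: dict, password: str) -> bool:
    """True if `password` authenticates the export's key-validation field."""
    if export_kind(doc) != "password-protected":
        raise ValueError("not a password-protected export")
    if doc.get("kdfType") != 0:
        raise ValueError("only PBKDF2 (kdfType 0) is handled here")
    enc_type, _, body = doc["encKeyValidation_DO_NOT_EDIT"].partition(".")
    if enc_type != "2":
        raise ValueError("expected an AES-CBC + HMAC-SHA256 field (type 2)")
    # A field without exactly three parts raises ValueError on unpacking.
    iv, ct, mac = (base64.b64decode(part) for part in body.split("|"))
    mac_key = derive_mac_key(password, doc["salt"], doc["kdfIterations"])
    expected = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    return hmac.compare_digest(mac, expected)  # constant-time comparison

def make_sample(password: str, iterations: int = 1000) -> dict:
    # Constructed sample, not a real export: the "ciphertext" is filler bytes,
    # only the MAC is computed the way the check above expects.
    salt = base64.b64encode(bytes(range(16))).decode()
    iv, ct = bytes(16), b"\xaa" * 48
    mac = hmac.new(derive_mac_key(password, salt, iterations), iv + ct, hashlib.sha256).digest()
    field = "2." + "|".join(base64.b64encode(x).decode() for x in (iv, ct, mac))
    return {"encrypted": True, "passwordProtected": True, "salt": salt, "kdfType": 0,
            "kdfIterations": iterations, "encKeyValidation_DO_NOT_EDIT": field, "data": field}

if __name__ == "__main__":
    sample = make_sample("example passphrase")
    print(export_kind(sample), password_matches(sample, "example passphrase"))
```

For a real file, load it with `json.load` and pass the resulting dict to `export_kind` and `password_matches`; an account-restricted export raises `ValueError` because it carries no salt or KDF settings of its own.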