I accessed my vault without Internet connection! Why?

I’ve experimented that just after a Windows boot.
Why is that possible?
I believed that the vault’s content was super encrypted and only in the cloud. It must be also on computer’s disk, then.
Encrypted, in clear? Thanks to tell me please.
I find this quite worrying.

Yet, I’ve read that :

Login / authentication

The first step is login and authentication. Bitwarden needs to confirm your identity using (…)
On(c)e you have authenticated with the Bitwarden Cloud or a self-hosted server, Bitwarden will transfer the contents of your encrypted vault to the client application"*
*Configuring Bitwarden Clients for Offline Access | Bitwarden Blog

It is possible (and quite normal), if you have not logged out of your Bitwarden account.

Whenever you log in to your Bitwarden account, the encrypted vault is downloaded to your device, and saved in persistent storage (in its encrypted form). This encrypted vault data file is only deleted from your device when you use the logout function in one of the clients.

To use the vault, it must also be unlocked, something that happens automatically when you first log in. Unlocking the vault decrypts the vault and stores a cleartext version of the vault contents in volatile memory (RAM) on your device. The data file in persistent storage on your device remains encrypted even while the vault is unlocked.

To safeguard your vault contents, you should lock the vault when not in use (e.g., using the vault time-out options). Locking the vault clears the decrypted data from device memory, but does not affect the encrypted vault file stored on your device.

If you are concerned about having an encrypted copy of your vault stored on your device, then you should log out of your Bitwarden account after using the vault. This can also be configured to happen automatically, in the vault time-out options.

1 Like

Oh, I see. Thank you!
All this is not really simple, furthermore English is not my mother language :slight_smile: