As a general rule, web apps are not safe enough for applications where you don’t trust the service provider, such as password managers or e2ee messaging apps*. For this reason, I would like Bitwarden to not have a web version at all. But if there is a web version, at least these two things should be done:
Users must be warned that web apps are less safe than the native apps.
Native apps should have full functionality. I noticed that there is no ability to change the master password or its hint on the native apps, as well as account deletion and password reports (premium). These are the features I am requesting.
*The reason for this is that in web apps the code is re-delivered every time the app loads, thus it can be undetectably backdoored.
Hi @kamran - you state above that the “native apps” for Bitwarden do not allow password changes. That’s not quite true. The desktop apps for Windows, MacOS, and Linux all provide this feature, as does the Android mobile app.
Also, I don’t think it is fair to say that Bitwarden apps can be “undetectably backdoored” - in fact, the Bitwarden code is entirely open source, meaning that everyone who would like to monitor changes to the code has the ability to do so, making it quite transparent (and it likely has many more sets of eyes on it than the popular, proprietary commercial alternatives).
There is a wealth of information about the security measures in place with Bitwarden that you might find useful on the help pages starting with:
Even more so is the fact that Bitwarden is security focused at its core; they have undergone regular audits and security testing by 3rd party firms.
Everything from an extensive code audit to penetration testing, etc., all being open and disclosed to the public to view, which is extremely rare.
Audits aren’t cheap, and they are rarely ever disclosed publicly either.
Here is what I get when I try to change the master password on the desktop app:
And the same thing happens in the mobile app, but it does not allow me to take a screenshot.
I do appreciate the fact that Bitwarden is open source and audited. I was simply saying that this is not enough (but it is necessary) to protect from backdoors. Web apps in general are only secure against third parties, not against the service provider. And the reason is that if a backdoor is added to the production code (not to GitHub), it is detectable in a native app since it is enough to download it once. But the web app gets downloaded from the Bitwarden server every time, while it is not possible to check for backdoors in every usage.
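The argument above is that a web bundle is fetched fresh on every load, so a change in what the server serves can go unnoticed. As an added example (not Bitwarden's code, and not from any poster in this thread), here is the kind of client-side check that makes such drift detectable: record a manifest of asset hashes on a trusted first load, then compare every later load against it. The "server" is an in-memory dict standing in for HTTP responses so the example runs offline; asset names and contents are constructed.

```python
"""Pinned-manifest check for a re-delivered web bundle (constructed example)."""
import hashlib
import re
from typing import Dict, List

# Matches <script src="..."> references in the served index page.
SCRIPT_SRC = re.compile(r'<script[^>]+src="([^"]+)"')


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def referenced_scripts(index_html: str) -> List[str]:
    """Return the script URLs the index page pulls in, in document order."""
    return SCRIPT_SRC.findall(index_html)


def build_manifest(served: Dict[str, bytes]) -> Dict[str, str]:
    """Hash index.html and every script it references (done on a trusted load)."""
    html = served["index.html"].decode()
    names = ["index.html"] + referenced_scripts(html)
    return {name: sha256_hex(served[name]) for name in names}


def check_load(pinned: Dict[str, str], served: Dict[str, bytes]) -> List[str]:
    """Compare a fresh load against the pinned manifest; empty list means no drift."""
    findings: List[str] = []
    current = build_manifest(served)
    for name, digest in current.items():
        if name not in pinned:
            findings.append(f"new asset not in pinned manifest: {name}")
        elif pinned[name] != digest:
            findings.append(f"hash mismatch: {name}")
    for name in pinned:
        if name not in current:
            findings.append(f"pinned asset no longer referenced: {name}")
    return findings


# Constructed sample deployments: the trusted first load and a later, altered one.
TRUSTED = {
    "index.html": b'<html><script src="app.js"></script></html>',
    "app.js": b"console.log('vault');",
}
ALTERED = {
    "index.html": b'<html><script src="app.js"></script><script src="extra.js"></script></html>',
    "app.js": b"console.log('vault'); /* changed */",
    "extra.js": b"",
}
```

A real deployment updates the pinned manifest only when a release is verified out of band, so a silent change between releases shows up as a mismatch rather than being loaded quietly.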
While I agree this may arguably be a useful feature, in an ideal world anything that can be done in the web interface would also be able to be done in the desktop version and even the mobile apps and browser extensions.
I am a bit confused with
Could you provide some more detail in what you mean here? Is the service provider your ISP, the Microsoft Azure data centre, or Bitwarden as the provider of the applications?
I guess I am trying to understand the scenario you are trying to protect against and your threat model here. As well as further understand any concerns you may have.
GitHub is where the Bitwarden production code lives, all in the public eye of open source. If the theory is that the code running the app (either web or mobile) has been changed or somehow altered from the source code in GitHub, then arguably at that point anything could have been changed regardless of whether it was mobile or web.