Login with Passkey, "Use for vault encryption"

@soluschristus The gory details are available here (clicking the link below will take you directly to the section about passkeys):

To clarify, your vault contents were never encrypted using your master password — Bitwarden uses a randomly generated 256-bit symmetric encryption key for encryption and decryption of your vault.

To make sure that only authorized users can access this account encryption key, the key is itself encrypted. This produces a “protected” key, which is useless by itself, but which can be decrypted to generate the account encryption key.

With master password login, the master password is used to decrypt the protected key. With passkey login, the PRF public key (what you’re calling a “secret key”) is used to decrypt the protected key.

In a brute-force attack, an attacker would need to correctly guess either your master password or your PRF public key. Since the PRF is a 32-byte random number, its entropy is 256 bits. To get an equivalent master password entropy, it would need to be a randomly generated passphrase containing twenty words.

However, one weakness of passkeys is that if someone gets their hand on the hardware that is storing your Bitwarden passkey (e.g., if your YubiKey is lost or stolen), then it may be possible to brute-force guess the FIDO2 access PIN for the hardware, which will be considerably easier than brute-force guessing a 256-bit random key. I have recently discussed this potential pitfall, in the following forum post:

1 Like