Hi to all
I’m a new BW user and I have tons of question, hoping someone could reply here:
can I use BW in off-line mode, in example, on a PC not connected to internet ?
how does web vault work ? I know that BW is encrypting/decrypting on our local device, but Vault is on cloud, the whole encrypt/decrypt is made by javascript (so, on the local browser)? In which ways data are fetched from BW cloud ?
how can I backup a BW database ?
Let’s assume a brand new pc. To use BW I have to login or, in some way, i’ll be able to restore a DB and open it manually (like with keepass, just open the encrypted file…)
which is the database format used by BW ? Is something I can manually backup to Dropbox or similiar ? (like keepass)
You can use existing credentials but you can’t add or edit any. In order to sync and get the latest version of your vault, you will need to connect to the internet or at least to a network that has access to the BW instance you sync with (internet if not self hosted)
Data is fetched encrypted from the server and is only decrypted locally in your browser.
You’ll have to log in, then the sync process will fetch all your data in the app you synced whether it’s the browser extension or the desktop app. I don’t know how the CLI works.
I have tried with airplane mode and there is no way to use BW as is asking for login, login that is always unsuccessful because there is no connection to the server
How can i access My passwords in case of emergency? (no internet access, BW server down and so on)
I know, as long as you don’t do disconnect, a new login is not needed. But:
why a login is needed (connecting to BW server) to access my local data?
Murphy’s law is known, when you need your data, for whatever reason, you have to login again and you don’t have an internet connection available. Thus, you are locked out of your data even if datas are already existent on your device.
why a login is needed (connecting to BW server) to access my local data?
When you log out, all data is cleared. When you log back in, data is redownloaded and decrypted.
Murphy’s law is known, when you need your data, for whatever reason, you have to login again and you don’t have an internet connection available. Thus, you are locked out of your data even if datas are already existent on your device.
You should keep a backup copy on paper for this eventuality (or maybe store it in an offline password manager like KeePass, on a USB stick).
Keeping password list on paper (that you have to keep with you) its exactly what a password manager is trying to avoid
You don’t keep it with you. You keep it in your fireproof safe. It’s for emergencies.
Keeping the same on keepass doesn’t make sense. In that case, just use keepass. There is no need to also use BW
Using a password manager to store password stored in another password manager doesn’t make sense.
It does make sense, because it’s for emergencies. You keep the USB stick in the safe, too (and preferably someplace like a safe deposit box). Treat it like your 2FA backup codes.
If data are stored locally, why forcing users to login remotely? Just load the existing local data without syncing remotely…
If you don’t log out, your data will not be cleared.
I can’t use KeePass because it lacks any native sync feature across multiple devices.
For work, I’m often in areas without internet connection and without WiFI (some remote villages surrounded by high mountains). In this areas I have to use BW (or any password manager) even if, for whatever reason, I’m logged out.
Usually, I don’t logoff manually, but as you can imagine, on emergency, I can’t say to my boss: I’m sorry, I can’t access to your server because my password manager doesn’t work without internet.
Or, if you have to fix internet (I manage tons of firewall/routers), you can’t use a password manager that could not work offline.
There are multiple reasons why you could be logged out of BW. Ever for a mistake. You press the wrong button and then your are cut off your data and no internet access.
There’s a difference between logout and locking the vault.
When you log out, all the data is wiped and this is a feature since you may want to hand off the device to someone else or not use it for a while.
Locking the app means you’ll have to type again your master password or use biometrics like TouchID or FaceID on iPhones to authenticate again, but it doesn’t require connection to BW servers.
Plus, your problems seem to have a solution: don’t log-off from Bitwarden app on your phone, or your computer, and then you can access your data without internet connetion. If you are afraid of logging-off accidentally, then export your bitwarden data onto some encrypted storage (usb, etc.), and use keepass to access your data.
Without logout, BW stay logged with no expire?
Usually, any session (in almost all software) could expire after a while. In BW a session will last forever?
I think the option you’re looking for is called ‘lock’.
Lock = closes the database, doesn’t delete anything, will work even if you’re offline
Logout = closes the database, deletes all local data, hence won’t work when offline. Resync (re-login) required to access it again
@kspearrin will have to answer that more specifically, but my personal experience on Android is I don’t even remember the last time I logged on to the Bitwarden app. (not unlock, I do that all the time)