Add an option to the vault export feature to allow users to choose a folder to save the download.
This would permit saving sensitive downloads directly to a thumb drive, for example. It would prevent the necessity of copying the file to removable storage and then deleting it from the computer download folder. It would also reduce the chance of forgetting to sanitize the download and trash folder.
@SeniorTech Welcome to the forum!
Which browser and operating system are you using?
Typically, you would configure your browser settings to have it ask you where to save downloads. Are you saying that making this configuration change in the browser settings doesn’t meet your needs, and if so, can you explain why not?
Thank you for the memory jog. I had the Chrome switch set to always download to the Download Folder.
So are you happy with making this change in the Chrome settings (chrome://settings/downloads), or do you still wish to keep open this feature request to propose that Bitwarden implement a UI option to change this browser setting for you?
FYI, if your operating system is Windows, then even if you enable the option “Ask where to save each file before downloading”, your Bitwarden exports will always first be saved in the default Downloads folder, and then moved to your specified save location. If you are concerned about recoverable traces of your data being left behind on the hard drive even after the temporary file is deleted, then you need to edit the browser’s default Downloads location instead of using the “Ask where to save” option.
Suppose you could offer an option to bypass the “download folder” altogether. That would enhance the security of all Bitwarden users and prevent sensitive data from being left behind by mistake.
The members in my SeniorTechGroup.com group are probably typical unsophisticated users who may only sometimes sanitize sensitive files in the download folder.
My understanding is that it is an interaction between JavaScript and the Windows operating system that causes the temporary file to be created, so it would be difficult for Bitwarden to do anything about this. However, if the computer used has a solid state drive (SSD), then at least in theory, sanitation of deleted (e.g., temporary) files should be happening automatically, through the magic of TRIM operations.
In addition, if the computer uses whole-disk encryption (e.g., BitLocker is enabled in Windows), then the security risk associated with deleted temporary files is exceptionally small, and can probably be neglected.
Finally, for non-tech-savvy users, the easiest and safest way to export vault data is to select “.json (Encrypted)” as the file format, and then (very important) specify “Password Protected” as the Export Type. This allows you to set a file password on the exported file, and the resulting download can be securely stored anywhere on your computer without needing to delete it (as long as your file password is adequately strong — e.g., a random 5-word passphrase, which you should write down on your Emergency Sheet, so that you don’t have to memorize it).
This may be too specific for your needs. I conquer this concern by setting up another profile in my browser (Firefox in this case). That profile can have a target for all downloads to anywhere you want to designate. A virtual drive would be a great place because when it’s closed, anything in it is invisible to your OS.
In my case I use a special virtual machine that never sees workspace outside of Bitwarden Vault for this exact purpose. Also a VM can be snapshot’d back to perfect after every “adventure”, LOL! The snapshot assures NO cookies/clipboard concerns exist either. That is likely over the top for most, but it’s easy to set up.
I’m wondering whether, as a result of wear leveling by the SSD, it is possible for remnants of the VM contents to leak to the host SSD (i.e., when you restore the snapshot, the restored version of the VM is not actually using the same SSD blocks as it did when you were exporting and/or copying Bitwarden data).
It is also possible to download through the desktop app rather than the browser. The app will ask where to put the file, with no default or temporary location (on macOS, though I expect Windows is the same). I write directly to an encrypted USB, meaning there is still a password to be recorded. With CPUs of the last decade, encrypting one’s disk should be the default.
As a side note to macOS users, the USB name finishes “.noindex” to keep it out of Spotlight’s clutches.
No, in Windows, it will create a temporary file in the default Downloads folder.
Weird. Browser I can understand but also with any desktop application? CLI? Never mind, thank you for the information.
Bitwarden’s “Desktop” app is actually running in a Chromium browser (Electron). I haven’t tested the CLI, but I wouldn’t be surprised if it is able to bypass the Downloads folder when exporting.
For my own benefit, I created a script to flag any change in my Downloads folder then exported an encrypted .json to a USB. No temporary file was spotted when using the app. Configurations are normally stored in a .plist file, which I found contained no reference to any term or location I dreamed up that sounded relevant to a default location.
Given I also encrypt my computer’s main volumes I am not fussed; technically curious rather than operationally paranoid. For the latter group, CLI will definitely work. It is discussed on the Bitwarden Help pages.
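A folder-change check of the kind described in the post above, as an added example (not the poster's script and not Bitwarden code): it polls a folder and reports files that appear and then disappear, which is the trace a temporary export copy would leave. The names `snapshot`, `diff`, `FolderWatcher` and `watch` are hypothetical, and the default `~/Downloads` path is an assumption.

```python
import os
import time

def snapshot(folder):
    """Map each regular file in `folder` to (size, mtime_ns)."""
    state = {}
    with os.scandir(folder) as entries:
        for entry in entries:
            try:
                if entry.is_file(follow_symlinks=False):
                    st = entry.stat(follow_symlinks=False)
                    state[entry.name] = (st.st_size, st.st_mtime_ns)
            except FileNotFoundError:
                pass  # vanished between listing and stat
    return state

def diff(before, after):
    """Sorted (event, name) pairs describing the change between two snapshots."""
    events = [("created", n) for n in after.keys() - before.keys()]
    events += [("deleted", n) for n in before.keys() - after.keys()]
    events += [("modified", n) for n in before.keys() & after.keys() if before[n] != after[n]]
    return sorted(events)

class FolderWatcher:
    def __init__(self, folder):
        self.folder, self.state, self.log = folder, snapshot(folder), []

    def poll(self):
        # Record and return the events since the previous poll.
        current = snapshot(self.folder)
        events = diff(self.state, current)
        self.state = current
        self.log.extend(events)
        return events

    def transient_files(self):
        # Files that appeared during the watch and are gone again.
        created = {n for e, n in self.log if e == "created"}
        return sorted(n for n in created if n not in self.state)

def watch(folder, seconds=60, interval=0.05):
    # Polling can miss a file that lives for less than `interval` seconds.
    watcher = FolderWatcher(folder)
    deadline = time.monotonic() + seconds
    while time.monotonic() < deadline:
        for event, name in watcher.poll():
            print(event, name)
        time.sleep(interval)
    return watcher.transient_files()

if __name__ == "__main__":
    print("transient files:", watch(os.path.expanduser("~/Downloads")))
```

Start the script, run the export while it is watching, and read the final list; an empty list only shows that nothing lived long enough to be caught by a poll.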
Yes, I do this every week, to save a copy of all my PW info. I DL it directly into an encrypted folder. Open the folder, DL, then re-encrypt the folder.
It asks every time where to save it.
That’s fine as long as you don’t have a Windows system.
I understand about the temp files created. I was referencing the ability to pick a DL folder, even in Windows. As long as you use the App, not the extensions. I should have been more clear.
You can pick a folder when exporting from the browser extension, as well, if you configure your browser settings to ask you where to save downloaded files.
@Davis768 Welcome to the forum!
Typically, you would configure your browser’s settings to have it ask you where to save downloads.
I’m sure many are not aware of this and how the export is handled. My export scheme has been to export (unencrypted formats) to a folder, then encrypt the files, but now as you stated, I find that a copy of my deleted data could still be contained in the Windows download folder. I will change my export method to eliminate this threat, but I am surprised BW doesn’t provide a warning on their export help page since there is this potential for vault data exposure in the download folder. Since you can export an encrypted .json file, why is there not the same option available for csv files?
Also, would you suggest running Windows Cipher.exe /w on the download folder to eliminate the deleted copy of vault data?
I suppose it’s possible but I do wipe the free space of the used VM before closing down and restoring the snapshot. BleachBit only takes a few minutes on a VM using a Ryzen 9 for horsepower.
Without a doubt the absolute best way, and it would be child’s play for me/us, is to use a Linux live disk and perform this basic function solely in RAM. I could configure my Tails disk, which I have ready to go, and simply add BW credentials as needed. Also, a way to keep it all in RAM. Simple if your threat level warrants it.