Plausible Deniability - A way to offer more protection over passwords

That requires to set a second password that creates a 2nd vault. The password prompt would ask for password as usual. If the user enters the “real” password, he’s given the “real” vault. If the user enters the “other” password, he’s given the second vault. The second vault can be filled by the user with right and/or wrong passwords. People who need Plausible Deniability know how to use it.

I think it can be a great addition to Bitwarden. And I don’t know of any password manager who has that. However, some security keys do have it.

1 Like

I was thinking of something similar. I use Bitwarden for most internet passwords. But not for financial accounts or to store Credit cards or passport etc. But I really want to when I go travelling soon.

For me this needs a greater layer of protection and privacy as I’d prefer that no-one ever thinks I have these online. That includes real people and any virus that might compromise computer and hence access Bitwarden when using my daily regular password.

And the way things are in the world I could see travelling somewhere in the future, and some airport official requiring access to ALL apps before entry.

A simple solution where if you gave a 2nd password on login and it gives you access to an entirely separate set of records. Plausible deniability, and an area I would access rarely so less likely my password would be captured - would for me be the killer feature.

1 Like

I don’t suggest this to argue the feature request here, which I think is an interesting one, but a less elegant but just as effective option already exists - simply create a second, free Bitwarden account with another password and populate it with some of your non-essential credentials. When you travel, simply login to that account before you leave and switch back after you arrive.

Or just delete the app altogether and reinstall on arrival.

1 Like

Feature name

Hidden/second account when logging into bitwarden using a special password.

Feature function

When logging into bitwarden there is a secret second password you can login with. This password is another vault entirely that you can setup just like the main legitimate account, but with fake login credentials.

It can be used to fool others into thinking they have the legitimate bitwarden credentials, when in reality they have a fake account.

You could be alerted that somebody logged into this account, giving you a heads up bad things are happening.

1 Like

I struggle to find any security benefit from this.

  1. This sounds like just making another Bitwarden account, but more complex. You have different vaults, different passwords, different login credentials (but the same e-mail address as far as I can tell)

  2. Let’s say you login into the fake vault to “fool or confuse” the potential hacker. Then you log in into your main vault, because…you must…all your passwords are there. You are still on the same computer, so if the hacker can figure out your “special” password, what’s stopping him figuring out your main master password…be it with somekind of virus, keylogger, or just looking over your shoulder.

  3. For me this somewhat defies the purpose of a password manager. They are supposed to make your life easy by storing your passwords, so that you have to remember only 1. Now I have to make a second vault and fill it with fake, believable credentials? It seems like too much hassle.

4 Likes

From the bitwarden FAQ

However, if for some reason Bitwarden were to get hacked and your data was exposed, your information is still protected. This is because Bitwarden uses strong encryption and one-way salted hashing. As long as you use a strong master password, your data is safe no matter who gets hold of it.

Hi! A fake master password which leads you to a second vault would be great security wise

1 Like

I don’t know how good this approach is; But what about having temporary master password

Is this what you are talking about?

I think this feature would be great.
Not for tricking any potenital hacker into believing he has the real password, more for keeping yourself secure.
You know, police, governments, bad people, etc. all around the globe could force you to enter your password into bitwarden to gain access to your accounts.
Having the option to not give out the real data but grant them access to a “fake vault” would be very good.
Something like the hidden partition inside VeraCrypt partitions.

1 Like

I think he is talking about something like this, but maybe more like my version of this request.
see here

I’m not a fan of this as it’s security by obscurity but if you want it here is an idea that works today. Since Gmail allows you to add letters to your username you can do this.

Real Vault:
[email protected]
MyMasterPassword

Fake Vault:
[email protected]
WhateverMasterPassword

If pressured to log in just use the fake vault details. The Bitwarden accounts are free so this is easy to do.

Hello.

I don’t know if other password managers have this, but if you do it, it will be great.

Now I will explain what I mean by double bottom.

For example, intruders have taken possession of your phone and, under physical violence, require a master password from you.

It would be great if you could set two master passwords for the main vault and the secret one. Thus, you can enter a master password, the one that contains not important data and thus satisfy the requirements of attackers and keep your important passwords on the second master password safe.

Perhaps one part of the storage could be encrypted with one master password and another with another. It is necessary that only the owner knows how many master passwords are in this storage. Decrypt only data that matches a specific master password.

I hope you get my point, thanks.

1 Like

Veracrypt allows this on virtual disks to mount. The space on Veracrypt is encrypted so to an observer the second partition appear as random chars. The good partition contains real records, the fake partition contains fake or less harmfull records. So if under physical violence you are able to reveal the fake password.

This is a great feature to save ourself from physical attack

1 Like

I got this idea when i use Veracrypt software, which you can build a hidden encrypted drive and encrypt with another key, if i’m forced to decrypt my vault, use the fake one and they would get the fake data, there are no way to prove that there are another vault which are still under protection, and everything will be fine.

I totally agree with this request. This feature HAS to be on BW right now. Any serious crypto wallet like Trezor, Ledger, Samourai wallet has this feature, since they are built to hold users money. If this is important to protect money, why is it not important to protect users passwords or credit cards?

This feature is not designed to confuse hackers but to confuse anyone that threatens users under physical violence.
It may not seem to have any benefits for you, but to understand it you must consider situations which may not be usual or probable for your case. For example, think about someone living in a country with an authoritarian government and a corrupt police officer forces him to unlock his mobile phone, discovers his password manager and makes him open his vault.
If that sounds too little probable, think this other example: a violent partner who is willing to beat his/her partner if he/she refuses to show all the passwrods he/she has.
Use cases may be a lot or a few, but the cost is only remembering two passwords instead of one. Not much, in my opinion. And, of course, if you don’t like it you wouldn’t have to use it, as it should be optional.

Just for fun, but also a good way to remember that security goes beyond the digital world and how this feature can help:

image

Feature name: Decoy Vault

Context: Suppose Mr. John Smith is being threatened to open his Vault under physical violence by somebody (maybe a violent partner, a racist TSA officer at the airport, someone armed who broke into his home, a police officer in a country with an authoritarian government and weak civil rights, etc.). Since this is the place where he keeps important information, it would be great to mitigate the damage. This could be done by open a decoy vault with some (real or fake) information so the aggressor thinks he got what he was looking for from John and lets him escape from that situation.

This is where The Decoy Vault comes in. The Decoy Vault is a second vault, similar to his real Vault, where John can create real or fake entries, ID’s or credit cards, etc. By typing a second password or PIN, different from the master password/PIN that leads to John’s real Vault on the UI unlock screen, instead of opening his real Vault John could open his Decoy Vault with his fake accounts passwords and fake credit card number, the aggressor could get what he wants and let John go away.

Example:
email: [email protected]
real Vault master password: johnsmithPassword19!
Decoy Vault password: decoyVaultpassword

Related topics + references:

It would also be cool to make entering a second password (for fake account) do some action (that you could decide). E.g. encrypting + saving a backup of your account and emailing you a day later, deleting your main account, etc.

I also want to note that I don’t think this feature should be premium. I think it should be available to all users

1 Like