There may be scenarios where someone gets access to another person’s Bitwarden account and deletes the account. In that case, there is currently no way to recover the account. There must be some way that, if the account is deleted, it can be recovered within some duration, like 2 weeks or a month. This feature is present in major services which have user accounts, like Google, Facebook, etc.
I think this should be a setting. Depending on the security threat model, some users might actually WANT data to be deleted immediately. Deleted and unrecoverable data is the safest data.
Now, if this was a toggleable setting on the account, then a malicious actor could change the setting, so it’s no good.
I can’t see how we could have 2 passwords, for full immediate deletion and for delete-but-keep-a-copy-for-a-month, as this can be compromised too.
The only way I see this is to differentiate the type of deletion during account creation, and as a one-time choice for existing users, should something like this be introduced. This would allow Bitwarden users to consider their needs and make this setting bulletproof regarding future changes. If a user would like to change it, they’d need to export their data, delete the account, recreate the account (using the same or a different email address, depending on the old deletion setting, and set the deletion method again), then re-import the data.
I agree with your logic. Do keep in mind that, currently, export is not comprehensive (you can’t export and then import and have all your data back). See Export cards and identities.
Or perhaps you can change the setting, but you have to wait the same duration for it to apply, so the net effect would be the same in case of an attack.
(The user would have to be notified via email about the setting change, of course.)
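The delayed-apply idea from the last two posts, modelled as an added Python example (not Bitwarden code): changing the deletion mode only takes effect after the same recovery window, so an attacker who flips the mode and deletes right away still leaves a recoverable copy. The 30-day window, the Account class and the scenario times are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

GRACE = timedelta(days=30)   # assumed recovery window (thread suggests 2 weeks or a month)
T0 = datetime(2024, 1, 1)    # constructed reference time for the scenarios below


@dataclass
class Account:
    immediate_delete: bool = False          # False = keep a recoverable copy for GRACE
    pending_mode: Optional[bool] = None     # requested mode, not yet in force
    mode_effective_at: Optional[datetime] = None
    deleted_at: Optional[datetime] = None
    purged: bool = False

    def request_mode_change(self, immediate: bool, now: datetime) -> None:
        # Recorded now, in force only after GRACE (owner would be emailed here).
        self.pending_mode = immediate
        self.mode_effective_at = now + GRACE

    def _apply_pending(self, now: datetime) -> None:
        if self.pending_mode is not None and now >= self.mode_effective_at:
            self.immediate_delete = self.pending_mode
            self.pending_mode = self.mode_effective_at = None

    def delete(self, now: datetime) -> None:
        self._apply_pending(now)
        if self.immediate_delete:
            self.purged = True              # gone for good
        else:
            self.deleted_at = now           # soft-delete, recoverable until deleted_at + GRACE

    def restore(self, now: datetime) -> bool:
        if self.purged or self.deleted_at is None:
            return False
        if now - self.deleted_at > GRACE:
            self.purged = True              # window expired: purge on first touch
            return False
        self.deleted_at = None
        return True


def attacker_flips_then_deletes() -> bool:
    """Compromised session flips to immediate, deletes 1h later; owner returns after 3 days."""
    acct = Account()
    acct.request_mode_change(True, T0)
    acct.delete(T0 + timedelta(hours=1))
    return acct.restore(T0 + timedelta(days=3))   # True: copy still recoverable


def owner_opts_in_and_waits() -> bool:
    """Owner chooses immediate deletion, waits out GRACE, then deletes: purged at once."""
    acct = Account()
    acct.request_mode_change(True, T0)
    acct.delete(T0 + GRACE)
    return acct.purged and not acct.restore(T0 + GRACE)
```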