Reusing master password for file encryption

Hi! I couldn’t find much info about this question so I hope it’s okay to ask :slight_smile:

Reusing passwords is bad practice as compromise of one password compromises all services on which the password was reused. But what if multiple passwords protect essentially the same data/service? Specifically, reusing your bitwarden master password for the password encrypted export of said bitwarden vault. As they guard the same data, regardless of unique or reused passwords, compromise of one implies compromise of the other (the password too if that is stored in the vault).

Assuming your master passphrase is strong:

  • Is the above correct in that it is safe to reuse your master password for encrypted exports, or did I miss anything?
    • (Perhaps the risk changes if the encrypted files are stored e.g. on the cloud? Or maybe bitwarden’s encrypted export has lower security than the vault itself? I don’t know.)
  • If it does increase the risk, is this risk acceptable? (I consider the risk of forgetting the passphrase used for encryption of backups large, due to it being used less often)


1 Like

It’s not the best idea to re-use your master password for this purpose, but it’s probably not a terrible choice either. The main issues are:

  1. You are increasing your “attack surface”. To compromise your vault, an attacker needs to acquire a copy of your encrypted vault data, and also acquire or crack the decryption password. The more backup copies you make using the same master password, the more opportunities there are for an attacker to steal the encrypted vault data, and (theoretically) to crack the password. If the password is successfully cracked, then the attacker would not only get access to the data in the stolen backup file (which may be old), but they would also have a leg up on getting access to the current version of your vault (as they now only need to defeat your 2FA).

  2. If your master password is ever compromised (e.g., you inadvertently type it into an online form that is not the Bitwarden login form, or you fall victim to social engineering or shoulder surfing), then all old backup files become extremely vulnerable, since it is not possible to do a password change on an exported file. Therefore, you would need to keep track of every single vault backup that you ever make using the master password as a backup, to allow you to securely destroy all of these files (or wrap them with a second encryption layer) in case your master password is ever compromised.

If you have a sufficiently strong master password, then the probability of somebody cracking the password with today’s technology may be negligible. As computing technology improves, you can update your account’s KDF setting to minimize the risk of a successful brute-force attack against your vault. However, updates to your KDF settings do not apply retroactively to your backup files, so the older these files become, the more vulnerable they will be (e.g., a master password that is uncrackable today will probably become vulnerable to brute-force cracking in a few decades if the KDF settings are not updated).

That is why you need to create (and securely store) an Emergency Sheet, which should include (at a minimum) your master password, your 2FA reset code, and your backup file password.


Thank you for the detailed response!

Keeping track of vault backups is okay. I was planning to write when the backups were last updated in a secure note in the vault itself anyway, for keeping them up to date. I can expand on this to destroy old files and increase the security where necessary. I can also put the KDF settings at max just for creating the backups (it’s a bit of a hassle being logged out of everything, but might be worth it for the extra security).

Good point, I hadn’t considered writing the backup file password on the emergency sheet. That means the majority of backups can use a dedicated password (thus reducing the attack surface I think).

Unfortunately, I can only securely store my emergency sheet in one location. As far as I can tell, this leaves me one of these options if I want a backup on another location to remain accessible in case that emergency sheet is gone:

  1. 1 unencrypted backup in an insecure location
  2. 1 encrypted backup with a password I am likely to remember (i.e. master password)
  3. Secret sharing across multiple people, but not an option at the moment either

Hopefully with the above mitigations (reducing attack surface, increasing KDF settings, keeping track of backups) option 2 is sufficiently protected?

Sidenote, can this be avoided by using the browser extension to log into the web vault (since the browser extension isn’t vulnerable to this, and autofill with it checks the URL)?

Using a dedicated backup file password is a better strategy. And if you do, using a backup file password that is stronger than your master password is probably a better approach than temporarily maxing out your KDF settings (e.g., if your master password is a random 4-word passphrase, then make a new passphrase, but add one additional word for every 25 years of future-proofing required; optionally, double the number of words to make your backups resistant to Grover’s algorithm).

You still have to type your master password into the browser extension. Nothing to stop you from having a momentary lapse of attention and not realizing your cursor is in a completely different window.

1 Like