Perhaps this is not the best time to post this, but I recently came across an interesting article by security consultant Dmitry Chestnykh, who is also the author of Password Authentication for Web and Mobile Apps. In this 2020 blog article, Dmitry argues that server-side hashing as used by Bitwarden is of little value (i.e., the vault is protected only by the client-side PBKDF2-HMAC-SHA-256 iterations), and provides an outline for how to fix this problem. I am sharing the article below in case it is of interest to the community, and to potentially spur some discussion about possible improvements to Bitwarden’s hashing process.
Thanks @grb I’ll share with the team for review.
In the meantime, just want to include the link to the Bitwarden Security Whitepaper and confirm that the team is always monitoring the threat landscape and changing standards
@dwbit you use the above phrase a lot, but now I know it’s true.
We have been working with Dmitry Chestnykh recently, who is referenced in this article, on creating a feasible solution to the problem illustrated here. We have a few changes coming out in an upcoming release that will resolve these concerns, directly and indirectly.