I would like an implementation of Shamir’s secret sharing to be built into Bitwarden so I can use it to set up recovery of my Bitwarden master password if I forget it (likely with the help of my friends).
I’m just imagining a standalone tool built into Bitwarden apps. It wouldn’t save anything in the password manager necessarily–just at least display the output of Shamir’s algorithm.
It’s worth the trouble to use Shamir’s–I could lose all of my passwords if I forget my master password, and I don’t want to put a plaintext master password on a piece of paper that can be seized by police (especially as an activist), or with a single friend who would then be subject to scrutiny any time I got hacked.
But there is no software to help me run Shamir’s secret sharing that I trust not to steal my password.
Also, many of the applications out there are just webpages, and “it’s really trivial to accidentally upload your unencrypted secrets somewhere, with [the] help of your browser['s] spellchecker, webpage translation extension and such.” - quoted from “Banana Split” implementation
Temporarily air gapping one’s device to protect against malicious or accidental leaks isn’t simple. You have to turn on airplane mode, ensure that WiFi is actually off (because you can configure airplane mode to apply only to mobile data), use an incognito tab (so nothing is saved to be sent later), close ALL incognito windows when you’re done (because tabs can talk to each other), and make sure that translation browser extension isn’t running. I don’t even know if that’s enough, and it seems error prone.
Ideally I would not need to trust any additional software. I already trust Bitwarden UIs not to steal my password every time I log in with it.
How this could be used in Bitwarden:
- User generates a secure memorable password e.g. EFF dice-generated password
- User enters password into Bitwarden built-in Shamir’s tool to create shares (without the pw even needing to enter the clipboard yet alone another app).
- User distributes the shares to friends and/or various geographic locations, possibly keeping track of this process in Bitwarden in a “notes” field or a better built-in way (see suggestion below).
- User updates Bitwarden master password to be this new password (or if they already did this, perhaps they had a temporary backup of the password which they can now destroy).
Perhaps Bitwarden could also help store the shares in a structured manner and even allow users to add more shares after the fact, which is possible with Shamir’s. There could also be individual notes fields for each share to help keep track of whether it has been communicated to the intended shareholder or printed and saved in some physical place.
If this was built into Bitwarden, it would make Shamir’s discoverable by and accessible to so many more people, thereby allowing them to recover their passwords without weaker recovery methods like a piece in their closet with the plaintext. And it would make the process of using Shamir’s more integrated and secure.