Support for bcrypt

Feature name

  • Currently bitwarden uses PBKDF2, but this has its flaws nowadays and isn’t that secure anymore
  • I propose to rather use bcrypt2, which is more secure

Feature function

  • What will this feature do differently?
    • Ideally: nothing visible other than another option in the settings (for which the menu already exists)
  • What benefits will this feature bring?
    • Stronger security, because it is more resistant to brute force
    • It’s recommended by OWASP for password storage and should be quite widely adopted (e.g. in most spring security samples I’ve seen it’s being used)
    • According to OWASP a work factor of minimum 10 and default 12 seems good

Related topics + references

  • If this were to be combined with being able to dictate some defaults/restrictions on this topic via organizations and/or self-hosted server settings this would be great
  • A pepper could be additionally used to increase security (but it might get hard to switch it on compromise?)
  • A possible alternative would be Argon2id (for which there already is a feature request) or scrypt, which would allow increasing memory usage to counter GPU-based hashing (used in some cryptocurrencies I think)

Also as a side note while argon2id and scrypt may be even more secure than bcrypt, bcrypt is a lot easier to use, because it only has a work factor and doesn’t require a lot of tuning: https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#argon2id

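As an added example (not code from Bitwarden or from the thread's author), the following Python script shows the two mechanics the request turns on: reading the work factor out of a stored bcrypt hash so a "rehash on login" policy can enforce the OWASP minimum of 10 and default of 12 mentioned above, and, next to it, the difference between a time-only cost (PBKDF2 iterations) and a memory cost (scrypt's n and r) that the scrypt alternative brings. The stored-hash strings, the fixed salt and the password bytes are constructed placeholders, and the settings names are assumptions; only the Python standard library is used.

```python
import hashlib
import hmac
import re

# Work-factor guidance quoted in the thread (OWASP): minimum 10, default 12.
BCRYPT_MIN_COST = 10
BCRYPT_DEFAULT_COST = 12

# bcrypt modular-crypt format: $<2a|2b|2y>$<2-digit cost>$<22 salt chars><31 hash chars>
_BCRYPT_RE = re.compile(r"^\$(2[aby])\$(\d{2})\$([./A-Za-z0-9]{53})$")


def bcrypt_cost(stored_hash: str):
    """Return the cost (log2 of the rounds) encoded in a stored bcrypt hash, or None if it is not bcrypt."""
    m = _BCRYPT_RE.match(stored_hash)
    return int(m.group(2)) if m else None


def needs_rehash(stored_hash: str, target_cost: int = BCRYPT_DEFAULT_COST) -> bool:
    """Rehash-on-login policy (assumed): anything that is not bcrypt, or bcrypt below the
    configured cost, is re-hashed with the plaintext the user has just presented."""
    cost = bcrypt_cost(stored_hash)
    if cost is None:
        return True  # legacy format (PBKDF2 etc.): migrate
    return cost < max(BCRYPT_MIN_COST, target_cost)


def pbkdf2_hash(password: bytes, salt: bytes, iterations: int = 600_000) -> bytes:
    """PBKDF2-HMAC-SHA256: tunable only in time (iterations), which parallelises cheaply on GPUs."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=32)


def scrypt_hash(password: bytes, salt: bytes, n: int = 2**14, r: int = 8, p: int = 1) -> bytes:
    """scrypt: n and r set the memory cost (about 128*r*n bytes, 16 MiB with these defaults),
    which is the 'increase memory usage' knob the thread mentions against GPU-based cracking."""
    return hashlib.scrypt(password, salt=salt, n=n, r=r, p=p, dklen=32)


def verify(candidate: bytes, expected: bytes) -> bool:
    """Constant-time comparison so timing does not reveal how many bytes matched."""
    return hmac.compare_digest(candidate, expected)


# Constructed sample hashes (not derived from any real password; the tails only satisfy the format).
SAMPLE_LEGACY = "pbkdf2-sha256$100000$" + "a" * 16 + "$" + "b" * 43
SAMPLE_COST_10 = "$2b$10$" + "c" * 53
SAMPLE_COST_12 = "$2b$12$" + "d" * 53

if __name__ == "__main__":
    for h in (SAMPLE_LEGACY, SAMPLE_COST_10, SAMPLE_COST_12):
        print(f"{h[:12]:<14} cost={bcrypt_cost(h)} rehash={needs_rehash(h)}")
    salt = b"\x00" * 16  # constructed; a real store draws a fresh random salt per credential
    print("pbkdf2 :", pbkdf2_hash(b"correct horse", salt).hex())
    print("scrypt :", scrypt_hash(b"correct horse", salt).hex())
```

The policy function is the part that makes a settings option like the one proposed safe to raise later: a cost change only takes effect for a credential the next time its owner logs in, so the check has to run on every successful verification rather than once at migration time.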

just joining this thread to say this is also something I would like to at least see addressed. Is there a reason why Bitwarden is using PBKDF2 instead of these more secure functions? Are there any previous blog posts about it?

Feel free to ping if you want this feature request reopened.