Also, on a device with sufficient processing power and with hardware-backed encryption available, the short password or PIN would also decrypt.
This will be available in the next version of the browser extension and desktop app. PIN can be any value that you want (unlike mobile app, which is 4 digits).
Ex:
PIN code usage will persist since it encrypts the master key on disk. If you ever fully log out of the application, the PIN code setting will reset, requiring you to set PIN back up again when logging back in. This shouldn’t be too big of an issue since most users never log out of the application.
5 invalid PIN attempts will log the user out (requiring master password).
4 Likes
Awesome news! 
I don’t get it. What does "it encrypts the master key on disk" mean? Will the master password be stored on the disk without a strict protection? Why? Why can’t you do it like in KeePass - EVERY TIME after you close a browser you must enter the master password but only once. Next unlocking is done via PIN.
I think five attempts are very bad for safety. I wouldn’t risk using a such unlock method. KeePass Quick Unlock give me one attempt only. I think it’s right.
it encrypts the master key on disk
It means that the PIN encrypts the master key. So yes, it is protected. By the PIN.
Protected by PIN ??? Are you kidding me? This will destroy the vault security!
And KeePass never stores the master password on a disk in any form. It stores the PIN inside the vault.
I don’t think you understand how locking works in Bitwarden. Whether the browser is restarted or the application locks due to a lock timeout, there is no difference. The application is locked, meaning all traces of the master key are purged from memory. Your proposed solution would not work.
If the vault is to be unlocked, the master key has to come from somewhere. In the case of unlocking with the master password it comes from what you are typing in. The the case of a PIN being entered, it comes from decrypting the master key that was previously encrypted while setting up the PIN. Your PIN should be strong enough to provide sufficient protection to the encrypted master key in the local environment.
kspearrin thank you, I understand how Bitwarden works. But I assumed this topic was about the fast unlock mechanism like the KeePass Quick Unlock. And the fact that you want to implement a different mechanism which I think is very dangerous.
The idea behind KeePass Quick Unlock is that you should enter the master password every time you start the program. After that, the master password is stored in memory (but not on a disk) and KeePass let you quick access to the password through the short PIN. It is convenient to combine this feature with automatic locking of the vault after 1-5 minutes of inactivity. When you close the program, the master password is deleted from memory and no one can access it.
In this way KeePass reliably protects the password database in your absence, but saves you the trouble of having to enter the master password multiple times during a single session of the program.
In this case I don’t understand the purpose of a PIN. I thought the goal was to free a user from entering a long password.
Based on what you are describing, it sounds like when KeePass is “locked”, it is only blocking an attacker from accessing secrets from the application’s UI. If the the encryption key is still available in memory, it would still be vulnerable to memory attacks.
Yes, this would be the goal. Some users have different threat models for online vs local attack vectors. If your threat model allows, a long master password should be used for logging in, while a shorter value could be used for a local PIN unlock. The PIN is essentially a local version of an alternate master password, which could be shorter for users.
As previously mentioned, if you log out of the application, all PIN settings are reset (meaning the encrypted master key is also deleted). Upon logging back in, PIN would have to be reconfigured.
2 Likes
kspearrin I have once again looked this discussion branch and as far as I can see the most of users have asked for the exact feature I wrote above (as in KeePass / Enpass). This is really not enough for desktop applications. Please think about it.
What about storing a version of the master key encrypted with the PIN code in memory instead of the hard disk? Wouldn’t that combine the advantages of both approaches?
Then we would have to persist the PIN somewhere on disk or else you’d have to re-setup PIN locking every time you restart the application.
kspearrin The PIN should be stored in the vault. Once you have entered the master password, the application can safely read the PIN.
Again, a master password would have to be entered to decrypt that data. When a Bitwarden vault is locked, the key derived from that master password is gone. Holding that in memory would mean the application is not locked. Providing a function to retain the master key in memory in some way is not what Bitwarden defines as a locked state and would be a definite security vulnerability.
KeePass contains two time intervals: for partial and full blocking. For example, after 5 minutes of inactivity the "quick lock" is enabled (the master password is still stored in memory but the PIN must be entered to access the storage). And after 60 minutes the storage is fully blocked and the password is deleted from the memory. If you enter the PIN incorrectly (at least once), the full blockt is also activated instantly.
Of course, the PIN reduces the security level a bit but I think that "quick blocking" with a PIN is much safer than leaving free access to the storage all day long. And in my opinion it creates much less risk than storing a password on a disk.
Perhaps we could support both ways. During PIN setup an option for “Require master password on restart” could enable it to work the way you are saying KeePass supports.
I’ve now added the option to “Lock with master password on browser restart” when enabling PIN locking. This option will use the “soft lock” flow described by @gutalin where the master key is held in memory until you perform an application/browser restart.
1 Like
Oh, thank you.
I’m just afraid that this formulation may cause confusion among users who used KeePass and Enpass. Maybe we should correct the option a little bit more clearly? For example: “Save the master password on disk” (sorry about my bad English, it’s an idea only).
We never save the master password to disk. As previously explained, it would save an encrypted version of the master key (which is derived from the master password, via PBKDF2) to disk.
2 Likes
last pass app can save password on disk with no encryption or PIN.
I like this idea of accessing saved encrypted master password with PIN.
it’s convenient. If I understood correctly, like in mobile app I don’t have to type master password again in extension.