I found the following keys: “keyHash”, “encKey”, and “encPrivateKey” in a file called data.json located in %AppData%\Bitwarden. My browser extension timeout option is “On Browser Restart”, and the Bitwarden App (Version 1.20.1) Log-out (NOT lock) option is “On Restart”. But all the encrypted data together with the “key” is still in the data.json even after computer reboot.
What does each of those keys mean? Are they the decryption key (that is, the 100,001 or as configured iteration of the Master Password)? If so, isn’t it unsafe to keep the key on the hard disk?
Also, how many bits is the encryption key? Is it 128-bits, or is it more, since SHA-256 keys seems longer than 128-bits?
Thank you very much! Any help is appreciated!