This thread got a bit heated, and I feel the need to chime in.
THIS IS NOT THE CASE, because vault can be access via this data in Windows Credential Manager.
No. The decrypted vault data cannot be accessed with what’s in Windows Credential Manager alone.
What’s stored in credential manager (or in mac keychain on mac, or gnome-keyring / kwallet on linux) is:
- Access token + Refresh token
- Biometrics key encrypted userkey
The access token plus refresh token are indeed enough to authenticate to the servers and download encrypted vault contents. This is not something that is considered a vulnerability currently however, and there are valid reasons for requiring the access token while in a locked state. This may be changed in the future.
As for getting access to decrypted vault contents:
On windows, assuming you have “Require masterpassword on app restart” enabled, biometrics works by:
- Use windows hello to derive a system wide osKeyHalf, by signing a static challenge
- Windows hello does not provide a means to encrypt data. It’s authorization only, or signing currently.
- Decrypt the clientKeyHalf using the userkey the first time you unlock, and hold it in memory
The above keyhalves combine to form the encryption key that encrypts the userkey, that is stored in Windows credential manager. So, to decrypt it you would need to at least bypass Windows Hello, and get a memory dump of Bitwarden.
If require masterpassword on restart is not checked, then only the osKeyHalf is used to protect the userkey stored in Windows credential manager. Thus, any application calling the Windows hello API, and authenticating can get the osKeyHalf.
There is also a lot of misinformed claims made about what TPMs and Windows Hello can be used to provide on windows made in this thread. The API surface provided is significantly less useful than Keychain on MacOS which does allow binding biometrics to a protected credential.
The TPM is exposed through a few means (such as credential manager, and the Windows Hello Signing API), but using the TPM directly is just not tied to Windows Hello in any way that would usefully protect you against an attacker with access to your unlocked device. What it does do is help protect scenarios in which your bootloader or operating system is tampered with.
Thus, the cloud database is protected by two layers of encryption, while the user key is protected by four layers of encryption.
@grb, they were clearly referring to the vault contents as downloaded by using access tokens. Those vault contents have just one encryption layer - the userkey. You are referring to the encryption as stored in the physical database servers. Whichever encryption layers exist on the server side are stripped before the vault is returned by the API. I just want to clarify this because it may cause confusion in this discussion.