Note that this leaks the vault with secrets encrypted - a leak of the cyphertext.
> This vulnerability has been disclosed to Bitwarden and has since then been fixed. Bitwarden issued a US$6000 bounty, which is the highest bounty they issued on their HackerOne program.
If you want to play the long game and collect a lot of encrypted data now, you can simply wait until it is possible to trivially decrypt, and/or start cracking now and let the years work on it.
Most encryption decisions are framed as a tradeoff of the time and resources it would currently take to brute-force your way through it, and how many years before a simple attack becomes feasible, vs. your $5 wrench attacks in the present day.
BW now uses Argon2 over PBKDF. I can’t remember if that is by default, opt-in, or new accounts. But barring an argon vuln, this is even less of a concern.
Also, I think BW has been using more than 100k for some time now. Last I saw 600K was the recommendation.
All the replies have given random statistics, but these don't shed much light on the length of time it may take an attacker to brute-force a password, or find a chink in the armor of the vault's encryption algorithm.
Now as I said, a significant threat actor with lots of time in their future plans can collect encrypted stuff such as vaults and bide their time. Someday, the decryption may be cost-effectively cheap. Someday, a flaw may be uncovered in the cryptography. Someday, a vault owner's secret key(s) may leak and can be correlated.
As I said, it's just a question of time, and the ability to hold on to your cards for long enough that they can be played in the proper manner. It may take 5 years, 10 or 20, but if the payoff is valuable enough, it's worth the wait for the threat actor.
> There is practically zero scenarios where hacking ANY bitwarden account 20 years from now nets you anything useful.
Bitwarden is a password manager, yes? What about cloud accounts of someone's employer, like an AWS account that runs $1,000,000 of monthly assets? That wouldn't be valuable in 20 years?
What about VPN credentials for some big tech intranet? Yeah, hopefully they use MFA and they expire passwords before 20 years, but just in case, right?
I can certainly see nation-state actors hanging on to juicy encrypted password manager vaults, just on the off-chance they could hit the jackpot. I can think of plenty of accounts that would still be valuable and enabled 20 years from now.
a password vault contains a lot of long-lived secrets protected by a human-provided key, so it's really not something you want out there, even encrypted.
I would assume most people that are doing self-hosted are securing it behind a VPN like Wireguard instead of opening it to the whole web. (at least I hope so)
I am not. Working well so far. My instance is behind Caddy, behind a secret URL path. To talk to the instance, this “pre-shares secret” needs to be known first. So far I haven’t seen any abnormal hits. I’m closing in on 3 years of using it in this setup, via Vaultwarden.
I’m aware that this is security through obscurity. The instance’s accounts use strong passwords and MFA.
Yeah, the full URL can be specified in Bitwarden clients (browser extension, mobile app) and then never touched again. The secret path only leaks if users use Bitwarden's sharing feature. It's not a "pre-shared secret" in that sense, as it can publicly leak by design.
I'm afraid not. I've seen some really dumb setups of BW when helping selfhosted.
I do think that while selfhosting is admirable, in the case of your password vault, it's not. It's one thing where I'd always advice against selfhosting or DIY, because the downside risk is just too big.
The chance of fng up may be tiny, bit if you fck up, it's bad. Potentially bankruptcy or jail bad.
Not sure why your comment is last in the page. Google have significantly more resources and the authors looked to disagree with the amount awarded for the google vulnerability.
> This vulnerability has been disclosed to Bitwarden and has since then been fixed. Bitwarden issued a US$6000 bounty, which is the highest bounty they issued on their HackerOne program.
That's a ridiculously low payout.