Bitwarden master password and public server auth - eviltoast

I have what may be a stupid question…

How is it your master password is both used to decrypt your vault and used to authenticate with bitwardens public servers to acquire a copy of your vault/view it in the web app, but bitwarden can’t use that password entry to decrypt the vault themselves?

(please correct me if I’m misunderstanding, as I use self-hosted vaultwarden for my server instead of the public ones)

  • oktoberpaard@feddit.nl
    link
    fedilink
    English
    arrow-up
    6
    ·
    9 months ago

    For authentication your password doesn’t need to be stored on the server. Instead, they store a password hash, which is essentially the answer that you get when you put your password in some sort of irreversible mathematical expression. By comparing the hash derived from your password when you enter it, with the hash from the database, they can confirm that you used the correct password. The decryption of your vault uses a different method and can’t be done with the password hash that they have stored in the database.

    This is my best guess based on how hashing and encryption usually work, but I have no knowledge about the specific implementation of Bitwarden.

    • Darkassassin07@lemmy.caOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      See, password hashing I’m familiar with. (or at least the concept)

      But there’s nothing stopping the web app just sending the password you’ve entered directly to the web server. It’s open source, so I’m sure those with the skill have looked through the code, but every time you visit the page, you’re reloading fresh code that could easily have changed since your last visit. It could even be targeted to specific users making it extremely difficult to look for.

      This is a concern that’s been in the back of my mind ever since I learned of password managers. I only began using one because I could self host it and cutoff any possible access.

      • oktoberpaard@feddit.nl
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        I see. Well, that’s a valid concern, I guess. That’s similar to how WhatsApp is end-to-end encrypted, but they might as well be sending your private key somewhere, or your locally decrypted messages. In the end it’s to a certain extent based on trust, unless you can and are willing to control and/or audit the critical parts.

  • Deebster@programming.dev
    link
    fedilink
    English
    arrow-up
    2
    ·
    9 months ago

    It’s a valid concern, because the truth is they could. Of course, they could also have some code in the app/plugin that sends your credentials to somewhere even if you’re self-hosting.

    Security always comes down to a trade-off between convenience and trust. In theory you could compile everything yourself after auditing the code, but that’s not realistic (and just moves the trust to your toolchain, OS, CPU microcode, etc).

    It’s a matter of trust that the code doesn’t have anything nefarious in on purpose, that the semi-fictional “many eyes” have caught any accidental bugs, and that their processes and security are good enough to stop bad actors from inserting malicious code.

    I’m assuming you already use 2FA where possible, and I personally keep my codes out of Bitwarden as a little extra defence in depth.

  • asudox@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    edit-2
    9 months ago

    The bitwarden servers do not store your password in plain text, but rather as a hash. The hashing algorithm they use hashes the password and outputs a digest. Hashing algorithms are by design not reversible and no hashing algorithm outputs the same hash (at least the audited ones). This can be used to check if the password is indeed the correct password without knowing the password itself. Upon authenticating, the server sends you the encrypted vault and the encrypted vault is decrypted using the same password locally on your computer. So nothing is sent in plain text nor received.