The Bitwarden Blog

Configuring Bitwarden Clients for Offline Access

GO
escrito por:Gary Orenstein
publicado:
Link Copied!
  1. Blog
  2. Configuring Bitwarden Clients for Offline Access

Even with internet access expanding all the time, sometimes you end up offline with a need to access your secure information. With Bitwarden, most client applications provide access to your vault while offline, while still retaining end-to-end encryption.

Let’s discuss a bit about the Bitwarden architecture, then outline how to configure your client applications for offline access.

Bitwarden client-server architecture

Bitwarden uses a client-server architecture where every Bitwarden client application connects to the Bitwarden Cloud or a Bitwarden self-hosted server.

This setup enables easy synchronization between an unlimited number of passwords across an unlimited number of devices, even with the Bitwarden Basic Free Account. The client-server architecture and the Individual Vault for a Bitwarden user is shown in Figure 1.

Bitwarden uses a client server architecture - Bitwarden uses a client server architecture

For a more detailed look at the Bitwarden architecture, including how to add Organizations for family or business use, see the Bitwarden Architecture presentation.

Bitwarden authentication and decryption

To retain the zero-knowledge, end-to-end encryption architecture, Bitwarden performs two operations when you want to get into your vault.

Login / authentication

The first step is login and authentication. Bitwarden needs to confirm your identity using a combination of your email address and your master password. If you have two-step login, or two-factor authentication, configured - which we highly recommend - then you will also need to complete that step to finish authenticating.

One you have authenticated with the Bitwarden Cloud or a self-hosted server, Bitwarden will transfer the contents of your encrypted vault to the client application.

Unlocking and decryption

The second step is decrypting your vault which also happens using a combination of your email address and your master password. With individual users and the Bitwarden Cloud, these two steps happen together as they are both handled by Bitwarden.

If you are interested in the technical details behind Bitwarden encryption see the Bitwarden Security Whitepaper.

Staying logged in to browser extension, desktop, and mobile clients

With Bitwarden, as long as you remain logged in, Bitwarden will cache a copy of your encrypted vault on your device. This means that even if you lose connectivity, you can still decrypt and access your vault. Offline access with Bitwarden is read-only, write access is available while online.

Offline Vault sessions will expire after 30 days.

Except for mobile client applications, which will expire after 90 days.
Two-step Login Remember Me selections will expire after 30 days.

Using the settings you choose, you can maintain access to your Bitwarden Vault by keeping the right clients logged in.

It’s important to note the difference between locking your vault and logging out. When you lock your vault, the encrypted vault data stays on your local device, and can be unlocked with your master password, PIN, or biometrics. When you log out the data is cleared from your device and you must connect to the Bitwarden servers (or your own server if self-hosted) and enter your credentials to receive the encrypted data again.

Client redundancy provides additional protection

Depending on your security preferences, it may make sense to stay logged in to multiple clients at the same time. For example, some users have inadvertently lost their phone and two-step login information, only to find out that they had an active session in the desktop app or browser extension where they could still log in and download their vault.

Of course, other users prefer logging out of the Bitwarden application completely for greater protection. The help article on Vault Timeout Options presents the choices users have to configure their Bitwarden clients appropriately.

Creating vault backups

Offline backups provide yet another option for maintaining a well protected security posture. For more info on this check out 7 Tips to Protect Your Bitwarden Account and advice from World Password Day on Top tips to protect your passwords.

New to password managers

If you are new to password managers, learn how they can help keep you safe and simplify your digital life! Try the Basic Free Account or enable your team by starting a free 7-day business trial.

Security Tips
Link Copied!
Volver al blog

Get started with Bitwarden today.

Crea tu cuenta gratis

Mejora tus conocimientos de ciberseguridad.

Suscríbete al boletín informativo.


© 2024 Bitwarden, Inc. Términos Privacidad Ajustes de Cookies Mapa del sitio

Go to EnglishStay Here