Vulnerability from using PIN entry on password managers

Topic Author
gavinsiu
Posts: 4536
Joined: Sun Nov 14, 2021 11:42 am


Post by gavinsiu »

I saw this recently. https://www.ghacks.net/2023/03/21/bitwa ... rity-risk/

Just to summarize, you can set up Bitwarden to use a PIN for login. When you do so, you will have a checkbox asking if you want to enter the master password on restart. If you say yes to master password on restart, you have to enter the master password whenever Bitwarden starts up, so when you reboot your computer or restart your browser, you have to enter the master password at program start and then you can use the PIN to unlock.

If, however, you say no to entering the master password on restart, you can use the PIN to unlock the vault on startup. However, this increases your vulnerability because if someone gets hold of your vault file, they can use brute force to unlock it using the PIN. Wait, you ask, Bitwarden will prompt you for a master password after 5 retries. This is true, but that retry limit is enforced by the Bitwarden GUI. If someone were to access the vault by using a program, then it doesn't get blocked after 5 retries.

The difference between the first and the second method is that the PIN info doesn't get saved to disk, unlike the first method, so if someone gets hold of your file, they can't open it without the master password. What would the attack vector be?

1. Someone gains physical access to your drive and copies it. To do this they would need to be able to log into your system and then copy the file. On an OS that might not encrypt the drive, a hacker could copy your file without logging in. For example, many Windows installs are not encrypted. I could boot the system using a Linux USB drive and then copy the file without logging in. ChromeOS, Android (at least later versions), iOS, and Mac are typically encrypted. Linux and Windows might not be by default but can be set up for encryption. The best practices would be to encrypt your drive, have a strong login password, and physically secure your computer.

2. Some sort of malware could technically copy the file off your drive. The best practice is, of course, to keep your OS up to date and not install software from unknown sources.

Just to be on the safe side, I would recommend that you force Bitwarden to require the master password on restart. I am pretty sure other systems have similar vulnerabilities. My only other experience is Enpass, which forces you to re-enter the master password on startup unless your computer has a TPM to store the master password. If you have Windows or Linux, try to enable disk encryption.

Even if you stick with the PIN, your chance of being attacked in this manner is still pretty remote unless you are targeted. I also have relatives who have trouble typing in long passwords. If they have to type it in all the time, they would probably tape the password to their monitor, which would be worse than having the PIN.
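The post's central point is that a retry counter in the GUI only protects against someone guessing at the unlock prompt; it does nothing for a copy of the vault file, where the only cost per guess is the key-derivation function. The following added example (not from the post, not Bitwarden's code, and not tied to any real vault format) models that distinction with a toy calculation: how likely a capped number of prompt guesses is to succeed versus how long an uncapped offline search of the whole PIN space takes, given a measured or assumed derivation rate. The iteration count, the 7776-word passphrase dictionary size and the derivation rate used in the comparison are constructed assumptions, and the rate measurement is a rough single-core stdlib figure, not a benchmark.

```python
"""Toy model of why a GUI retry limit does not protect a PIN-unlockable
vault file at rest. Added illustration; all parameters are constructed."""
import hashlib
import os
import time

# Constructed assumption: iteration count of the PIN key-derivation step.
PIN_KDF_ITERATIONS = 100_000


def pin_keyspace(pin_length: int, alphabet_size: int = 10) -> int:
    """Number of distinct PINs of the given length (digits only by default)."""
    return alphabet_size ** pin_length


def passphrase_keyspace(words: int, dictionary_size: int = 7776) -> int:
    """Number of distinct word-list passphrases (7776 = one diceware list)."""
    return dictionary_size ** words


def online_success_probability(keyspace: int, allowed_tries: int) -> float:
    """Chance a guesser wins when the GUI caps attempts at allowed_tries.
    Each distinct guess rules out one candidate, so it is tries / keyspace."""
    return min(allowed_tries, keyspace) / keyspace


def offline_hours_to_exhaust(keyspace: int, derivations_per_second: float) -> float:
    """Worst-case hours to try every candidate when nothing limits attempts
    except the cost of the key-derivation function on the guesser's hardware."""
    return keyspace / derivations_per_second / 3600


def measure_kdf_rate(iterations: int = PIN_KDF_ITERATIONS, trials: int = 3) -> float:
    """Rough PBKDF2-HMAC-SHA256 derivations per second on this machine
    (single core, pure stdlib). Only used to make the estimate concrete;
    dedicated hardware would be much faster."""
    salt = os.urandom(16)  # constructed salt, value irrelevant here
    start = time.perf_counter()
    for i in range(trials):
        hashlib.pbkdf2_hmac("sha256", str(i).encode(), salt, iterations)
    return trials / (time.perf_counter() - start)


def compare_configurations(pin_length: int, derivations_per_second: float,
                           gui_retries: int = 5) -> dict:
    """Side-by-side view of the two threat models for one PIN length:
    guessing at the prompt (capped by the GUI) versus guessing against a
    copied file (capped only by KDF cost)."""
    space = pin_keyspace(pin_length)
    return {
        "keyspace": space,
        "online_success_probability": online_success_probability(space, gui_retries),
        "offline_hours": offline_hours_to_exhaust(space, derivations_per_second),
    }


if __name__ == "__main__":
    rate = measure_kdf_rate()
    print(f"measured PBKDF2 rate on this machine: {rate:,.0f} derivations/s")
    for length in (4, 6, 8):
        result = compare_configurations(length, rate)
        print(f"{length}-digit PIN: {result['keyspace']:>12,} candidates, "
              f"prompt guessing wins {result['online_success_probability']:.4%} of the time, "
              f"offline exhaustive search {result['offline_hours']:,.2f} h")
    # A 5-word passphrase with the same KDF: the keyspace, not the retry
    # counter, is what makes the copied-file case infeasible.
    words = passphrase_keyspace(5)
    print(f"5-word passphrase: {words:,} candidates, "
          f"offline exhaustive search {offline_hours_to_exhaust(words, rate) / 8760:,.0f} years")
```

The takeaway matches the post's recommendation: with "master password on restart" off, the file carries a PIN-protected secret whose security is the PIN's keyspace divided by the KDF cost, and the 5-retry limit never enters that calculation; with it on, the file holds nothing the PIN can unlock, so the only thing that matters is the master password's keyspace.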