1P Secret Key vs Bitwarden Multifactor encryption

strif4

Which one is superior?

BW multi factor encryption seems to be a relatively recent feature to respond to the 1P secret key.

https://bitwarden.com/blog/bitwarden-security-fundamentals-and-multifactor-encryption/#encryption-for-data-in-the-cloud

Basically, there are three benefits to Bitwarden's approach, compared to 1P:

1. Instead of a 128-bit secret key, Bitwarden uses a 256-bit Data Protection Key.

2. Instead of using the key as a XOR mask, Bitwarden uses it as an AES encryption key.

3. Instead of requiring (and relying on) the user to store and safeguard the key, Bitwarden sequesters the Data Protection Keys in a strictly controlled key management service (KMS).

Thoughts on the pros and cons between the 2 methods?

---

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

ag_tommy

@strif4

You'd most likely be looking to review the information provided in our white paper.

https://1passwordstatic.com/files/security/1password-white-paper.pdf