P05 - Minimized impact of security breaches
Even with robust security measures in place, user error or unforeseen vulnerabilities can lead to various security breaches, including data leaks or the compromise of encryption keys. Bitwarden should take available actions to help users limit the damage caused by such breaches, both in scope and duration. This includes:
- Detecting and invalidating compromised device sessions.
- Rotating encryption keys to reduce the risk of “harvest now, decrypt later” attacks (forward secrecy).
- Ensuring that any data added after a breach remains secure, maintaining post-compromise security.