Server: Vault Sharing

Created on 18 Jan 2017  路  8Comments  路  Source: bitwarden/server

Add ability for users to share items in their vault through folders and/or individual logins.

Design

password sharing diagram

Flow

  1. User A creates Folder X.
  2. User A decides to share Folder X with User B.
  3. Random symmetric key is generated for Folder X.
  4. Folder X key is encrypted using the public key for User A and User B.
  5. User B logs in an obtains access to Folder X.
  6. User B receives symmetric key B and decrypts with private key.
  7. User B decrypts Folder X data with Folder X symmetric key.
  8. User B adds Login Y to Folder X, encrypts with Folder X symmetric key.
  9. User A can now access and decrypt with symmetric Key A from Folder X.

Comments

  1. Every user has a public and private (asymmetric) key
  2. Every share folder has a random generated symmetric key with a stored copy that is encrypted using the public key of each user that it is shared with.
  3. Every share folder and it's share data is encrypted/decrypted using the folder symmetric key.
  4. A folder's symmetric key can be re-generated as long as the logins and encrypted keys for each user are re-generated as well. This shouldn't ever really need to happen.
  5. If a user needs to change their master password, their private key will just need to be re-encrypted. There should be no affect on the shared folder data or it's keys.

Issues

  1. How will nested folders fit into this sharing scheme? Will all child folders be visible?
  2. How will parent folders be handled when a child folder is shared?
  3. How will individual login shares be handled?
enhancement

Most helpful comment

This is essential for me. My use case:

  • My wife and I both have lots of logins
  • Some are kept separate because we have separate identities (e.g. email or social media)
  • Some are shared because it's shared info:

    • bank and other shared finance accounts

    • Amazon and other shopping

    • health insurance

For the shared items, it's helpful to know that if update a password, it's immediately available to her.

It's not enough to enable just sharing individual items. By sharing a folder, she can add a new site's login and it's immediately available to me.

All 8 comments

This is essential for me. My use case:

  • My wife and I both have lots of logins
  • Some are kept separate because we have separate identities (e.g. email or social media)
  • Some are shared because it's shared info:

    • bank and other shared finance accounts

    • Amazon and other shopping

    • health insurance

For the shared items, it's helpful to know that if update a password, it's immediately available to her.

It's not enough to enable just sharing individual items. By sharing a folder, she can add a new site's login and it's immediately available to me.

If your Software support this feature we will use it in our company and spend some money for your project!

@computer-spezialisten-de we're already working on this and hope to have it available in the coming months. Stay tuned.

@computer-spezialisten-de this is now complete with organizations. See https://blog.bitwarden.com/password-sharing-is-here-organizations-cf9e7a2098d2

Excellent news. I'll read up. Thanks

Something new on this old topic ?

In addition of organization sharing, it would be great

  • either to allow ownership transfer of a password.
    Use case is : I create a password for a new collaborator. It will be available in his own vault and I do not get access to this anymore
  • or to allow sharing without creating a specific collection.
    Use case is quite the same : I want to create a new password, shared with final user, without creating a specific new collection (which is bad way to do in my organization, because it would create too much collections, a bit messy)

I share @damiencuvillier first use case. I am sysadmin in my company and create personalized credentials on a regular basis.
I would like to transfer the created login entry to a user in my organization (sharing implies that I still have access, which I neither want nor need nor should I have according to our password and encryption policies).

The closest flow I could come up with within bitwarden enterprise is:

  1. create a new collection
  2. create the login and share it with the new collection
  3. share the collection with the intended recipient
  4. wait until the recipient has created a new, non-shared login entry
  5. remove the shared login and the collection

As stated above, I don't want the collection nor the shared login to remain after the recipient has received their credentials.
Is there a simpler way to achieve this? Because this is the cryptographically secure variation of passing on sticky notes.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

chasgames picture chasgames  路  4Comments

theontho picture theontho  路  4Comments

chessgriffin picture chessgriffin  路  3Comments

FoxBJK picture FoxBJK  路  3Comments

marcrib picture marcrib  路  5Comments