kleb.dev

Change KDF iterations on Bitwarden

Hello everyone,

recent information has brought to light that Bitwarden uses a really low KDF iteration count on cloud-hosted instances (5,000) and a relatively low default on self-hosted instances (~100,000).

This can easily be changed in the web UI for the instance, but be warned: you will be logged out of all devices and sessions once these settings have been changed!

Here is how you do it:

  1. Log into Bitwarden, here
  2. Check the upper-right corner, and press the down arrow
  3. Go to “Account settings”
  4. Open “Security”
  5. Switch to the “Keys” tab
  6. Enter your master password and select the KDF algorithm and the KDF iterations.
    1. For the algorithm, I chose PBKDF2 SHA-256 and set my iterations to 500,000
  7. If the settings fit your requirements, simply press “Change KDF”. Remember that pressing this will force you to set up all your devices again.

[Screenshot: Step 2-3]
[Screenshot: Step 4-7]
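
To see what these iteration counts cost on a given device before pressing “Change KDF”, the following Python benchmark times PBKDF2 SHA-256 at the three values mentioned above and estimates the highest count that fits an unlock-time budget. It is an added example, not part of the original guide or Bitwarden's code; it assumes the salt is the lower-cased account e-mail address, and the password and address in it are constructed samples.

```python
import hashlib
import time

# Iteration counts quoted in the post (cloud default, self-hosted default, author's choice).
POST_ITERATIONS = {"cloud-hosted": 5_000, "self-hosted": 100_000, "author": 500_000}


def derive_master_key(password: str, email: str, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256 over the master password, 32-byte output.

    Assumption: the salt is the lower-cased account e-mail address.
    """
    salt = email.strip().lower().encode("utf-8")
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, 32)


def seconds_per_derivation(iterations: int, runs: int = 3) -> float:
    """Best-of-N wall-clock time for one derivation on this machine."""
    best = float("inf")
    for _ in range(runs):
        start = time.perf_counter()
        derive_master_key("constructed-sample-password", "user@example.com", iterations)
        best = min(best, time.perf_counter() - start)
    return best


def work_factor(new_iterations: int, old_iterations: int) -> float:
    """How many times more work each password guess costs after the change."""
    return new_iterations / old_iterations


def iterations_for_budget(budget_seconds: float, probe: int = 100_000, step: int = 50_000) -> int:
    """Largest multiple of `step` whose derivation fits in the time budget.

    PBKDF2 cost is linear in the iteration count, so one probe is enough.
    """
    per_iteration = seconds_per_derivation(probe) / probe
    affordable = int(budget_seconds / per_iteration)
    return max(step, (affordable // step) * step)


if __name__ == "__main__":
    for label, count in POST_ITERATIONS.items():
        print(f"{label:12s} {count:>7,d} iterations: {seconds_per_derivation(count) * 1000:7.1f} ms, "
              f"{work_factor(count, POST_ITERATIONS['cloud-hosted']):5.0f}x the 5,000 baseline")
    print("fits a 1 s unlock budget on this device:", f"{iterations_for_budget(1.0):,d}")
```

Run it on the slowest device that has to unlock the vault, since that device sets the practical upper limit for the iteration count.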

If you still have issues, the guide is not working, or you simply found a spelling mistake or a better or even simpler solution, let me know!

Thank you for reading, hopefully it was helpful.

Best regards,
– Kleb/Leon
