bitwarden/help
1
0
Fork 0
mirror of https://github.com/bitwarden/help synced 2025-12-20 10:13:15 +00:00
Code Issues Releases Wiki Activity
Files
c4534a88a7f2e729e3d38a04e9d174dcf7d1aabc
help/_articles/account/account-encryption-key.md
fred_the_tech_writer aa9e70659a Vault Management (#382) 
* Staging: Vault Mgmt (#380)

* Commit #1
- Updated Master Password article, and removed old versions (w/ 
redirects)
- Repurposed Account Encryption Key Article
- Moved Fingerprint Phrase article
- Requisite re-ordering of security articles
- Change "Account Mgmt" title to "Your Vault"
- Slight change to "Import & Export" category title

* - Managing Items
- Favorites & Folders (+images)
- Sync & Search (+images)
- Import Export title change
- Clarification re: Login v. Lock in "Field Guide to Two-step Login"
- Clarifiation re: Org Invite Expiry in managing-users.md
- New link to Acct. Encryption Key in encrypted-export.md

* Commit #3
-Custom Fields
- URIs (+ images)
- File Attachments
- VH Reports
- Required re-ordering

* Commit #4
-BWDC Login recommendation
-VH Reports images
- Added Two-step FAQs, Import FAQs
- FAQ Nav Item depricated, targetting FAQs for each category are now the 
last article within respective categories

* Commit #5
-Edit & move Account/Org Deletion Article
-config.yml to re-order global nav
-encrypted export update

* General FAQs (preliminary edits)

* Features > Misc.

* return forgot-master-password.md & downstream order changes

* delete account warning

* fixed link
2021-02-01 08:58:52 -05:00

47 lines
2.6 KiB
Markdown
Raw Blame History

---
layout: article
title: Account Encryption Key
categories: [security]
featured: false
popular: false
tags: [encryption key, account]
order: 04
redirect_from:
- /article/update-encryption-key/
---
Each unique Bitwarden account has an encryption key derived from your Master Password, according to the methods defined in [Encryption]({% link _articles/security/what-encryption-is-used.md %}). This encryption key is used to encrypt all Vault data.
## Rotate your Encryption Key
{% callout warning %}
**Rotating your encryption key is a potentially dangerous operation.** Please read this section thoroughly to understand the full ramifications of doing so.
{% endcallout %}
Rotating your account's encryption key generates a new encryption key that is used to re-encryption all Vault data. After rotating, you should quickly take the following actions to prevent data loss or corruption:
#### Log out of Client Applications
When you rotate an encryption key, you **must immediately** log out of any logged-in sessions on Bitwarden client applications (Desktop App, Browser Extension, Mobile App, etc). Logging out of client applications in this way will shut down sessions using the "stale" (prior-to-rotation) encryption key. After doing so, logging back in as normal will use the new encryption key.
**Making changes in a session with a "stale" encryption key will cause data corruption that will make your data unrecoverable.**
#### Re-download any Encrypted Exports
If you're using [Encrypted Exports]({% link _articles/importing/encrypted-export.md %}) to store long-term secure backups, you should immediately re-download the encrypted export of your Vault data using the new encryption key.
Encrypted Exports use your encryption key to encrypt **and decrypt** your Vault data, meaning that a rotated encryption key will not be able to decrypt an export created with the "stale" (prior-to-rotation) key.
### How to Rotate your Encryption Key
Complete the following steps to rotate your account encryption key:
1. Log in to your [Web Vault](https://vault.bitwarden.com){:target="\_blank"}.
2. Select **Settings** from the top navigation bar.
3. On the **My Account** page, locate the **Change Master Password** section.
4. Enter your **Current Master Password** and create/confirm a **New Master Password**.
{% callout success %}If you don't want to change your Master Password and only rotate your account encryption key, you can enter your current master password in the **New** fields to prevent it from changing.{% endcallout %}
5. Check the **Also rotate my account's encryption key** checkbox and accept the dialog.
6. Select the **Change Master Password** button.
Reference in New Issue View Git Blame Copy Permalink