Bitwarden responds to encryption design flaw criticism

Password vault provider Bitwarden has strengthened its default security protocols in response to criticism over encryption weaknesses. Using just 200,001 security iterations, 100,001 client-side and 100,000 server-side, the firm was accused of placing users’ encryption keys at risk of brute force attacks. Following advice from community forum users and security researchers, Bitwarden increased its default client-side iterations to 600,000. The change initially applies only to new accounts and it is unclear if existing accounts will be automatically updated.