VW Update 1.12.0 - Argon2: Should I apply the update?
-
@humptydumpty You should first do a backup/export of your vault. Check if you have attachments used in your records, because attachments are not exported!
Then all you need to do is to login as user to your web vault and change the crypto in the settings.
As the crypto stuff is done by the client, and not the server, the server specs does not matter. Make sure that all Apps and Plugins you use with you vault do support Agon! And there is some limitation in iOS for autofill mentioned somewhere in the vaultwarden guide. I would keep them from default settings as its already better than recommended.
-
@Kubernetes TYVM!
-
It looks like I can only export my own vault and the organization I'm associated with from the admin page. Other users need to export their own vault. Anyway, I created a new backup, and it looks like I can download a copy of the backup now, not just the configuration file. Cool stuff.
-
@Kubernetes I changed my vault encryption to Argon2id, and now I'm trying to hash the admin token. According to this VW GitHub page, I can use a command in docker (which I assume Cloudron's terminal would work here) and it will hash the admin key.
# Using the Bitwarden defaults (default preset) # Via docker on a running container docker exec -it vwcontainer /vaultwarden hashThe part where it says "hash", am I supposed to replace it with a string of characters or leave as-is?
-
@humptydumpty Yes, it is in the Cloudron's Terminal of the Vaultwarden App. You just need to execute it with ./vaultwarden hash... (without docker exec). I think I did "vaultwarden hash argon2" and then it was asking for a password (twice). I entered my existing admin token and it generated a command that should be put into docker-compose file. As we don't use docker-compose in the same way, you have to edit with the fileeditor of your App the config file and put everything from the string output to the admin_token value pair.
example:
before any changes:
"admin_token": "123456",after you generated the new admin token:
"admin_token": "$argon2id$v=19$m=65540,t=3,p=4$abcdef",Be carefull with that change as you might lock you out of admin panel if you do something wrong.
-
@Kubernetes Oh shoot, that's a tricky process. I'll do it when I got a clear mind.
As for the regular Argon2id update, it's working fine on my PC's but on iOS (A12 Bionic), I kept getting a parse error. Logging out of the account didn't fix it but completely deleting the app and reinstalling worked like a charm.
I did change the values from the defaults for my vault, so maybe that had something to do with the error, but I'm running these successfully now:
- memory is still at default of 64 MB
- iterations value of 4
- parallelism value of 8 (formula is CPU cores * 2; weakest CPU I have has 4 cores)
-
@humptydumpty said in VW Update 1.12.0 - Argon2: Should I apply the update?:
memory is still at default of 64 MB
Really!? Mine is at 3.75GB, but I also have over 4000 records in it.
-
-
@Kubernetes yep
here's a screenshot for reference
-
@scooke said in VW Update 1.12.0 - Argon2: Should I apply the update?:
but I also have over 4000 records in it.
I forgot to ask you, do you feel it takes extra time to load the vault logins when having that many records?
