I’m a new user here and want to try Bitwarden/Vaultwarden. Bitwarden declares that
Bitwarden always encrypts and/or hashes your data on your local device before anything is sent to cloud servers for storage. Bitwarden servers are only used for storing encrypted data.
Nonetheless, to create a new account on a Vaultwarden server I need to type my master password at the beginning. If the server machine is vulnerable or untrusted, my master password can be stolen at this very moment. I want to use the server for “storing encrypted data” only, without typing my master password into it at all. Is it possible to create an account in Vaultwarden without granting the master password? I want to store encrypted data from the mobile and desktop applications and never give the server the ability to decrypt my data; in other words, to use the server like untrusted file storage or so.
Any manuals or suggestions?
Typing in your master password doesn’t send it to the server (see Bitwarden Security Whitepaper | Bitwarden Help & Support), unless the server has been compromised and is sending out a malicious version of the web vault code. If you want to avoid that situation, you can create your account using the browser extension or desktop/mobile apps instead, though obviously you would have to trust that those apps have not been compromised in some other way.
Unfortunately, the web vault is currently the only client that supports certain operations, like managing 2FA and organizations, so you might still need to log into the web vault for some things. Perhaps in the future, there will be more feature parity across the clients. You might consider checking the feature request forum and creating a new request or voting on an existing one if that’s important to you:
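
Added example, not part of the thread and not Bitwarden's or Vaultwarden's own code: a sketch of the client-side derivation described in the Bitwarden Security Whitepaper for the PBKDF2 case, showing that the client submits a hash derived from the master key rather than the master password. The email, password, iteration count and payload field names are constructed for illustration.

```python
import base64
import hashlib

# Assumption: PBKDF2-SHA256 is the account KDF; the iteration count is a sample value.
KDF_ITERATIONS = 600_000


def derive_master_key(password: str, email: str, iterations: int = KDF_ITERATIONS) -> bytes:
    """Master key = PBKDF2-SHA256(password, salt=normalized email). Stays on the client."""
    salt = email.strip().lower().encode("utf-8")
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=32)


def derive_master_password_hash(master_key: bytes, password: str) -> str:
    """Authentication hash = one PBKDF2-SHA256 round over the master key,
    salted with the password. This value, not the password, is sent."""
    digest = hashlib.pbkdf2_hmac("sha256", master_key, password.encode("utf-8"), 1, dklen=32)
    return base64.b64encode(digest).decode("ascii")


def registration_payload(password: str, email: str, iterations: int = KDF_ITERATIONS) -> dict:
    """Password-derived fields a client would submit (simplified, illustrative names)."""
    master_key = derive_master_key(password, email, iterations)
    return {
        "email": email.strip().lower(),
        "kdfIterations": iterations,
        "masterPasswordHash": derive_master_password_hash(master_key, password),
    }


def payload_exposes_secret(payload: dict, password: str, master_key: bytes) -> bool:
    """True if the password or the raw master key appears anywhere in the payload."""
    blob = repr(payload)
    encoded_key = base64.b64encode(master_key).decode("ascii")
    return password in blob or encoded_key in blob or master_key.hex() in blob


if __name__ == "__main__":
    # Constructed sample credentials.
    email, password = "Alice@Example.com", "correct horse battery staple"
    payload = registration_payload(password, email)
    key = derive_master_key(password, email)
    print(payload)
    print("secret exposed in payload:", payload_exposes_secret(payload, password, key))
```

The guarantee holds only for a client that runs this derivation honestly, which is why the reply above distinguishes the installed apps from web vault code served by a possibly compromised server.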