diff --git a/docs/security/definitions.mdx b/docs/security/definitions.mdx index 0954bbe0..7ff00bf4 100644 --- a/docs/security/definitions.mdx +++ b/docs/security/definitions.mdx @@ -7,17 +7,22 @@ sidebar_position: 2
Vault data
- The collection of a user’s sensitive and private information that they choose to store -securely within Bitwarden's secure environment. This data typically includes: + The collection of a user's private information that they choose to store securely within Bitwarden's secure environment. + This typically includes highly sensitive data such as: - - **Passwords**: Credentials for various websites, applications, and services. - - **Usernames**: Associated usernames for accounts. - - **Secure Notes**: Encrypted notes containing sensitive information that the user wants to keep - secure. - - **Credit Card Information**: Payment card details like card number, expiration date, CVV, etc. - - **Identities**: Personal information such as names, addresses, phone numbers, and email addresses - that can be used to autofill forms. - - **Attachments**: Any files uploaded by the user to be stored securely within the vault. + - **Passwords**: Credentials for various websites, applications, and services. + - **Usernames**: Associated usernames for accounts. + - **Secure Notes**: Encrypted notes containing sensitive information that the user wants to keep + secure. + - **Credit Card Information**: Payment card details like card number, expiration date, CVV, etc. + - **Identities**: Personal information such as names, addresses, phone numbers, and email addresses + that can be used to autofill forms. + - **Attachments**: Any files uploaded by the user to be stored securely within the vault. + + Vault data may also refer to less sensitive data such as metadata: + + - **Last Updated**: The last time an item was updated. + - **Created Date**: The date an item was created.
User
diff --git a/docs/security/principles/01-locked-vault-is-secure.mdx b/docs/security/principles/01-locked-vault-is-secure.mdx index ad06c4c7..57124a2b 100644 --- a/docs/security/principles/01-locked-vault-is-secure.mdx +++ b/docs/security/principles/01-locked-vault-is-secure.mdx @@ -1,8 +1,8 @@ # P01 - A locked vault is secure -Clients must ensure that once the vault has been locked, no vault data can be accessed in plain -text, even if the device becomes compromised after the lock occurs. Protections are not guaranteed -if the device is compromised before the vault is locked. +Clients must ensure that highly sensitive vault data cannot be accessed in plain text once the vault +has been locked, even if the device becomes compromised after the lock occurs. Protections are not +guaranteed if the device is compromised before the vault is locked. ## Technical Considerations