fix: clarify which data locking protects

bitwarden · Dec 10, 2024 · 528330f · 528330f
1 parent 0373e12
commit 528330f
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 13 deletions.
diff --git a/docs/security/definitions.mdx b/docs/security/definitions.mdx
@@ -7,17 +7,22 @@ sidebar_position: 2
 <dl>
   <dt>Vault data</dt>
   <dd>
-    The collection of a user’s sensitive and private information that they choose to store
-securely within Bitwarden's secure environment. This data typically includes:
+    The collection of a user's private information that they choose to store securely within Bitwarden's secure environment.
+    This typically includes highly sensitive data such as:
 
-    - **Passwords**: Credentials for various websites, applications, and services.
-    - **Usernames**: Associated usernames for accounts.
-    - **Secure Notes**: Encrypted notes containing sensitive information that the user wants to keep
-      secure.
-    - **Credit Card Information**: Payment card details like card number, expiration date, CVV, etc.
-    - **Identities**: Personal information such as names, addresses, phone numbers, and email addresses
-      that can be used to autofill forms.
-    - **Attachments**: Any files uploaded by the user to be stored securely within the vault.
+      - **Passwords**: Credentials for various websites, applications, and services.
+      - **Usernames**: Associated usernames for accounts.
+      - **Secure Notes**: Encrypted notes containing sensitive information that the user wants to keep
+        secure.
+      - **Credit Card Information**: Payment card details like card number, expiration date, CVV, etc.
+      - **Identities**: Personal information such as names, addresses, phone numbers, and email addresses
+        that can be used to autofill forms.
+      - **Attachments**: Any files uploaded by the user to be stored securely within the vault.
+
+    Vault data may also refer to less sensitive data such as metadata:
+
+      - **Last Updated**: The last time an item was updated.
+      - **Created Date**: The date an item was created.
 
   </dd>
   <dt>User</dt>

diff --git a/docs/security/principles/01-locked-vault-is-secure.mdx b/docs/security/principles/01-locked-vault-is-secure.mdx
@@ -1,8 +1,8 @@
 # P01 - A locked vault is secure
 
-Clients must ensure that once the vault has been locked, no vault data can be accessed in plain
-text, even if the device becomes compromised after the lock occurs. Protections are not guaranteed
-if the device is compromised before the vault is locked.
+Clients must ensure that highly sensitive vault data cannot be accessed in plain text once the vault
+has been locked, even if the device becomes compromised after the lock occurs. Protections are not
+guaranteed if the device is compromised before the vault is locked.
 
 ## Technical Considerations