As Enterprise Bitwarden user, I’d love the dedicated policy, that allows me to enforce usage of TOTP/FIDO2 on my users instead of mail-based one-time code.
For now I could only enforce MFA usage, but this defaults to mail and I cannot monitor or enforce TOTP/FIDO2 on my users.
I consider mail-based code weaker than other forms of MFA.
3 posts were merged into an existing topic: Require specific 2FA methods for organization members