The Admin of an organisation’s Bitwarden has limited visibility of certain aspects of their user’s Bitwarden settings.
While 2FA can be enforced by Enterprise policy, it is not possible to check if a user is using email 2FA or Authenticator Application.
There is no method to check if a user is using the ‘Remember Me’ tick box and bypassing security requirements.
While yes an Admin could physically audit their Bitwarden users, that is rather time-consuming and not very user-friendly.
I would like to have the Admin / Owners the ability to run a report that assists with the overall use of Bitwarden within an organisation.
Being able to confirm that email was not being used as 2FA and that no user was using the ‘Remember Me’ tick box would assist with the overall admin of the application.
There are likely other Admin functions that others may think of that could be provided in a report format similar to existing reports.
We have Bitwarden Policies in place for 2FA, for password strength etc but no real method to monitor the entire organisation.