Admin Password Reset Policy

I have read about the new feature “admin password reset” which can be set by enterprise policy here Admin Password Reset | Bitwarden Help & Support

The documentation notes this can automatically enroll new enterprise users to the organization that has this policy enabled upon being invited to the organization. It also documents that users currently enrolled in an Org must enroll manually and will not be retroactively enrolled into this new feature upon policy change.

One thing I am not clear on is the optional unenrollment from this feature, detailed here Admin Password Reset | Bitwarden Help & Support
Does an enterprise organization user who unenrolls from admin password reset after being accepted into an Org that requires this due to enterprise policy then get removed from the org, similar in manner as users are removed with MFA policy Admin Password Reset | Bitwarden Help & Support
Or because the encryption methodology used and the fact that the feature is not retroactive in nature does the user remain in the organization?

Thanks

Currently, the policy is only for enabling the reset feature overall and also performing automatic enrollment during the joining of an organization.

If a user un-enrolls after joining the org, they are not currently removed from the org, however, a policy that will require enrollment be maintained is in the works.

1 Like

Awesome! Thanks for the clear response and all the great work from the team.

Wonderful product, been using it personally for years and got our internal IT team using it. Manager loves it, looking to hopefully try and make a sell to C-suite soon for the company overall.
These types of granular control and specific levels of administration by our IT, and audit capabilities truly help to “seal the deal” when it comes to our directors and above.