Company policies


I would like a company policy option to:

  • Force two-factor authentication using app
  • Disable option to never lockout when using extensions/apps.

These are the most common requirements Thanks!


We also would like to be able to at the very least prevent users in our organization from configuring their browser extension to never lock. It would be even better if we could enforce a specific lock setting.


More ideas for policies:

  • Password generator strength parameters
  • Item of type Login password strength requirements
  • Default save location when adding new items (personal vault vs org collection)
  • Restrict ability to create items in personal vault
  • Disable ability to “remember me” on 2FA prompts


The force 2FA part at least is already requested here: