Teams/Enterprise user with regular edit permission shouldn’t be allowed to delete an entry permanently.
There are many ways to achieve the above end goal
- Move it to Archive collection which only admin has access to.
- Add permission to prevent moving to trash but only allow edits. Since previous passwords are always available
Drawbacks of various workarounds
Set users permission as ReadOnly
- This severely restricts users from editing an existing entry. Instead they have to contact admin over insecure means so that the admin can update the password.
Trash Feature Workaround
- User with Edit permissions can empty the Trash
- Trash itself empties after 30days! automatically.
Export as Backup workaround
- The whole purpose of BitWarden is so that we don’t have to manage sensitive credentials, backups just punt the problem back to the user.