Forcing 2fa for users

Enforcing 2fa for all users from the Admin side.

Enforcing 2fa with every login even if the user selects “remember me”.

Enforcing 2fa when a user logs out/back in.

Thansk!

Hi @phatpuckz and welcome to the community,

Currently the best way to enforce 2FA requirements across user logins can be solved with the use of conditional access policies with your IDP of choice and the use of Login with SSO on the Bitwarden side.

2FA authentication is the handled by your IDP and all policies, restrictions, or exceptions can be made as your security team sees fit. Once the user authenticates their identity they can then decrypt their vault, either with the use of the master password or the self-hosted key connector.

Though I can see where this could be a good addition for easy management within the Bitwarden ecosystem itself. Maybe others will agree and add their vote to your request. :slightly_smiling_face: