Managing KDF iterations of organization users as owner

Is there a way, as owner of an organization, to adjust the KDF iterations of my users' vaults?

3 Likes

This is performed client side, so the best thing to do is get everyone to sign off after completion. Keep in mind that having a strong master password and 2FA is still a more important security aspect than adding additional bits of entropy by iterations beyond a certain point.

Instructions here for reference that you can share with your team: https://bitwarden.com/help/what-encryption-is-used/#changing-kdf-iterations

We’re also looking at different ways we can message this to existing users, including a prompt to indicate weak KDF iterations, stay tuned!

2 Likes

I would love an Organization Policy to set the minimum KDF iterations for end users. I can’t ask 200+ users to log in and change the KDF iterations after setting up their accounts.

5 Likes

Thanks for the feedback, it has been passed along to the team!

3 Likes