We are currently using Bitwarden Enterprise as a test within our organisation but a few speedbumps have crossed our path. We are trying to figure out how to protect Collections and their items from rogue users, misstakes etc.
Given the following scenario
- User A has gone rogue and deletes all password within Collection A. User A then continues to delete all items in the Trash, permanently.
How can we best avoid the above from happening? We can give User A read access to the collection, but if that user signs in to a page and it prompts for a new password due to expiration, the new password will not be automatically updated in the collection due to the read-only access.
This is the dilemma we face. We cannot understand why there is not a delete permission in groups. We also find it odd that regular users can permanently delete collection items from the trash.
How should we go about this?