Password rotation support

  • WHAT: BW server can rotate a password or a group of passwords and email the user the new password.

  • WHY: This will help organizations implement a regular password rotation policy.

The Bitwarden server can’t do this since it does not have your vault’s encryption key. You would have to allow the server to store your encryption keys which is a violation of the zero-knowledge architecture that Bitwarden operates.


Maybe the clients could implement this and sync between themselves to agree on a date and an operator (which client generates the new password)? The client would need to be unlocked and thus have access to the vault.

Hi, I think that would be a possibility.

Along with the registration of credentials, a “date of last update” field will be created. Based on this field, create a report of passwords for which it has been more than a while since the last update.

Even though it is a manual process, and requires processing on the client, it at least allows older passwords to be viewed and organized.

For exceptions, there could be a “password never rotates” field to meet any need.

My thought with this is to solve the dilemma of changing passwords based on third-party leaks, because companies that leaked data are not always in the newspapers.
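The client-side report proposed in the post above, as an added example (not Bitwarden code and not written by anyone in the thread). The field names `password_updated` and `never_rotates` are hypothetical stand-ins for the "date of last update" and "password never rotates" fields, and the sample items are constructed; only metadata is read, so it runs on an unlocked client without the server seeing anything.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample of decrypted vault items as an unlocked client holds them.
# "password_updated" and "never_rotates" are hypothetical field names for the
# two fields proposed in the thread; no password values are needed.
SAMPLE_ITEMS = [
    {"name": "mail", "password_updated": "2023-01-10T08:00:00+00:00", "never_rotates": False},
    {"name": "bank", "password_updated": "2024-05-01T12:30:00+00:00", "never_rotates": False},
    {"name": "legacy-device", "password_updated": "2019-03-02T00:00:00+00:00", "never_rotates": True},
    {"name": "imported-entry", "password_updated": None, "never_rotates": False},
]


def stale_password_report(items, max_age_days, now=None):
    """Return (name, age_in_days) for items whose password is older than
    max_age_days. Items with no recorded date come first with age None,
    because their age cannot be ruled out; the rest are oldest first."""
    now = now or datetime.now(timezone.utc)
    limit = timedelta(days=max_age_days)
    report = []
    for item in items:
        if item.get("never_rotates"):
            continue  # explicit exception flag, as proposed in the thread
        stamp = item.get("password_updated")
        if stamp is None:
            report.append((item["name"], None))
            continue
        updated = datetime.fromisoformat(stamp)
        if updated.tzinfo is None:
            updated = updated.replace(tzinfo=timezone.utc)  # assumption: naive means UTC
        age = now - updated
        if age > limit:
            report.append((item["name"], age.days))
    # Unknown age sorts ahead of everything, then oldest to newest.
    report.sort(key=lambda row: (row[1] is not None, -(row[1] or 0)))
    return report


if __name__ == "__main__":
    fixed_now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    for name, age in stale_password_report(SAMPLE_ITEMS, 365, fixed_now):
        print(f"{name}: {'unknown' if age is None else str(age) + ' days'}")
```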