Reset 2FA on managed organization users

Feature Requests Password Manager
, ,
1

As an MSP it is critical for us to be able to reset 2FA for our managed users.

Currently if the user changes phones and loses their Recovery Codes, we have no choice but to delete their account and start from scratch.

This is a frustrating and risky situation for our users. Of course, we can tell them to simply print out the codes and store them somewhere safe (and we do) but you can never rely this factor alone (we have had cases where users simply misplaced the recovery codes).

Physically printing the codes also comes with it’s own set of security implications.

Please add the ability for us to reset our users’ 2FA - other services like Microsoft already provide this ability.

Thank you,

3 Likes
2

We have a need for this. Right now a user is locked out for this reason.

3

Since Bitwarden Enterprise is advertised as having account recovery, this feature is essential to delivering on the promise of your product. You cannot expect Enterprises to run a password/secrets manager that a rogue employee can lock the employer out of. Account recovery means all auth mechanisms, not just the password. Password reset without 2FA reset is worthless.

1 Like
4

@desp perfectly said :+1: