User-level password health reports for Organizations

As a manager of an organization I want to make sure that everyone is using my companies policies.
When I log in to the web interface as an owner or a manager I want to see who is having weak passwords in my organization so I can address it to the user. These ‘weak passwords’ should be based on my Password generator requirements.

Is this what you are looking for? Scroll down and take a look

Paid organization plans can also access these reports to analyze the items contained in the organizational vault:

  1. Log in to the web vault at
  2. Click Settings in the top navigation bar.
  3. Click Organizations in the top navigation bar.
  4. Locate your Organization and click on it.
  5. Click Tools in the Organization’s navigation bar.
  6. Locate the Reports section.
  7. Select the report needed.

No I only get to see organization passwords.
Passwords that are added by a user (personal) can’t be managed.

I think only the passwords in a collection or organization can be monitored. Personal logins may only be viewable to the that user only.

If you wait for sometime, @tgreer or someone else will be able to answer your queries.
I don’t use Organizations

@guusberg you’re correct, as an Organization, you can only run reports on Org items. Perhaps the title of this thread should be “User-level password health reports for Organizations” or something to that effect.

I can change it, or if you would like to, or have a better title, please feel free to do so :slight_smile:

The title has been changed. Thanks for the feedback.
But what about the feature request @tgreer

This topic and votes will serve as the feature request and help us with prioritization :slight_smile:

Though the only item that may be different here is what qualifies as ‘weak’ - we’d use our standard strength calculator ZXCVBN - but could possibly reference the password’s 0-4 score as a reference for ‘acceptable’ levels of complexity. :+1:

this one…

This would be a great feature. We as organization owners/admins don’t need to see the actual password the user uses, we just need to know the strength. I can almost guarantee some users don’t use the password generator for whatever reason.

However, because of the nature of Bitwarden organizations, I think this option should only be usable where the policy for “Single Organization” is enabled since that effectively means it’s a company account.