Enterprise Admin password reset

[pepa65]

I am not sure I like features like this, although in a school situation it could be handy for the admin to be able to give out a new password to students when they have forgotten theirs.
https://bitwarden.com/blog/post/admin-password-reset-is-out/
Any thoughts? It sounds like a recipe for abuse, especially if an evil admin cirumvents the mandatory user agreement. Expect hacked clones to appear, weakening the Bitwarden name...

[BlackDex]

We need to add some code for this. I was already looking at it because of the web-vault update for which we do need to add some api support linked to that feature.

Also, you can only enroll new users automatically during register, existing users are needed to enable it them self.

[datazon]

Is there anything new about the status?

[martintopholm]

I undestand your concern, but it is likely also possible to inject malicious javascript for the web-vault code capturing logins - if you want to be evil. You need to trust the server host to be honest and do a good job.

Password reset is also welcome feature for our family setup. Currently we're using forced organization ownership instead, but password reset would be better.

[meichthys]

Currently we're using forced organization ownership instead, but password reset would be better.

Same here. Organization ownership seems to be the best alternative currently.

[NoirPi]

Organization Ownership isnt a viable Option for the Use-Case i have here. I want to allow Users to store their own Passwords in their own Vault and Organization relevant in the Organization. If i force them to Organization Ownership and if i understand that topic correctly then they "cant" or at least shouldnt store their own Passwords in the vault.

[thibaultmol]

Hope this gets implemented next year at least. This is pretty essential for use within small groups/orgs

[SecureCPU]

I would love this. We use the forced organization. but really want to use the admin password reset and admin panel instead. would allow us to allow our users to have their own private vaults as well

[ticktostick]

Also here its essential for orgs

[BlackDex]

To be fair. If you think it is essential, buy a license and use Bitwarden.

[thibaultmol]

@BlackDex tbf, some companies choose to run vaultwarden for small orgs. Cause it's easier to run/maintain than an official bitwarden instance.

Guess that might change now that there is a new smaller bitwarden container being released soon

[ticktostick]

you are absolutely true
it essential for orgs (is a fact), I am using vaultwarden without it not for org. An org of 200 users almost every day have one case of password reset mainly bs of users forget it . Can not imagine how we can handle vaultwarden without password reset in org

[Spunkie]

This discussion is still the one linked in the feature requests, but is this now resolved by #3116?

[meichthys]

Just for reference, there is an issue about this feature but it doesn't seem to be fully reproducible, so it could just be an isolated issue:
#3388

[BlackDex]

This discussion/post isn't an issue, but a request for this feature. Which is, since there is an issue reported, already part of Vaultwarden.