The Bitwarden Blog

The Importance of the Personal Vault for Business Users

For good password practices to become habits, they need to become personal.

We’re humans after all. And not everyone is programmed to follow every rule to the fullest extent at work. Sometimes shortcuts are taken, rarely with bad intent, but often by taking the easiest path. In the world of sensitive information, this might mean sharing through less-than-secure channels to get the job completed quickly.

When it comes to passwords and sensitive information at work, the more every employee participates proactively, the stronger the security health of the company. Our customers have told us that one way to boost good password practices is to let employees have their own personal vault space at work. This could be for any set of credentials that the employee wants to be their own.

Since Bitwarden began, the personal vault has been just that, personal. Even in the context of joining an organization, the personal vault portion of your Bitwarden account remained only visible to you. No other person in the organization could access your personal vault. Should you lose your main password, the personal vault could not be recovered, only deleted and restarted from scratch. To date, not even the company administrator could help you regain access to your credentials.

This approach mirrors the behavior of personal accounts in the Bitwarden Cloud. Bitwarden cannot read your information: vault contents are encrypted on your device with keys derived from your master password, so the servers hold only ciphertext (a zero-knowledge encryption model). Should an individual Bitwarden user lose their master password, there is nothing Bitwarden as a company can do beyond deleting the account and starting again from square one.

Expanding options for Enterprise Account Recovery

Bitwarden supports a zero-knowledge encryption model, such that Bitwarden cannot see customer data, and personal vaults can remain personal if chosen, even from Organization administrators.

In the real world, however, someone inevitably forgets their vault password. Such is human nature.

As companies expand password management solutions for users, it sometimes makes more sense for Administrators to have the ability to reset user passwords than to wipe the account and start anew. We call this capability Admin Password Reset and it provides companies deploying Bitwarden an option for how they handle continuity of use with employees. For example, an employee might spend time setting up their Bitwarden account but within a few weeks forget their main Bitwarden password, triggering some frustration by having to delete their account and begin the process of populating their vault again. With this feature, that path can be changed to a password reset.

Coming soon, Bitwarden Enterprise customers will have an option to activate Admin Password Reset within their Organizations. This enterprise account recovery allows for continuity of use with a password manager, especially with the investment a company puts into onboarding and rollout.

At the same time, some organizations have good reasons not to employ the Admin Password Reset capability. In this mode, Organization administrators take a hands-off approach to personal vaults and end users are one hundred percent responsible for remembering their main Bitwarden password. Even better, Bitwarden allows the Admin Password Reset capability to be turned on but not required. This lets users choose for themselves: do they prefer a scenario where the Administrator can reset their password, and with it gains the ability to see their vault, or do they prefer a zero-knowledge approach with individual responsibility for their main Bitwarden password?

Since this is a new capability to Bitwarden, we want to detail our thinking on the implementation of this feature.

The security model for Admin Password Reset

Admin Password Reset feature notes

Common scenarios

In order to understand the intended workflow of Admin Password Reset, let’s explore two scenarios.

A few questions and answers on Admin Password Reset

Which passwords can be changed? The Admin Password Reset policy applies only to the Bitwarden master password. Administrators have no option to change other passwords stored in user vaults, such as passwords for third-party sites.

What happens when Login with SSO is in place? Bitwarden Login with SSO delegates authentication to the Identity Provider while retaining a Bitwarden master password for decrypting the vault. The Admin Password Reset function affects only that Bitwarden master password; it does not affect the user's credentials at the single sign-on Identity Provider.

What happens with two-step login or two-factor authentication? Any existing two-step login setup will not be changed. If an administrator resets the user’s Bitwarden password, any two-step login remains in place.

What are the account takeover scenarios? With the ability to reset a user's Bitwarden password, an Administrator could gain access to the user's vault if the user does not have two-step login enabled.

If an administrator resets a user's Bitwarden password but two-step login is enabled, the administrator can lock the user out of their vault, but will not be able to log in directly, as they will be stopped by two-step login.

If an administrator resets a user's Bitwarden password and Force SSO authentication is enabled, the administrator will only be able to log in if they also hold the user's SSO credentials, which would usually require taking over the user's email account as well.

Getting started with Bitwarden Enterprise

Want to get started with your own Enterprise deployment? Start a free trial at bitwarden.com/pricing/business.

Looking for yourself? Create a Basic Free Account and get a fully featured password manager to help you stay secure.
