Account Recovery Enrollment

In order for members to be eligible for account recovery, they must be enrolled in the program. Enrollment triggers the key exchange that makes account recovery secure. There are two ways for members to be enrolled:

• Automatic enrollment: When you turn on the Account recovery administration policy, you can also turn on the option Require new members to be enrolled automatically. This option will enroll new members in account recovery automatically.

• Self-enrollment: Organization members can follow a quick process to enroll themselves in account recovery.

  tip

  Bitwarden recommends turning on automatic enrollment, however members that are already part of your organization prior to account recovery being turned on will be required to self-enroll.

Turning on the option to Require new members to be enrolled automatically will:

• Enroll new members in account recovery automatically when they enter an accepted status.

• Prevent them from withdrawing from account recovery.

Members that are already part of your organization prior to account recovery being turned on if you're using automatic enrollment, or all users if you're not using automatic enrollment, will be required to self-enroll.

To enroll in account recovery, select the  Options menu next to the organization in the Vaults view and select Enroll in account recovery:

Members of organizations that have turned on the automatic enrollment option will not be allowed to withdraw from account recovery, however members of organizations that have not turned it on can Withdraw from the same dropdown used to enroll:

Manually changing yoaur master password or rotating an encryption key will not withdraw a member from account recovery.