Master passwort requirements: Require existing members to change their passwords-setting #1900

New Issue

Closed

opened 2026-02-05 02:09:02 +03:00 by OVERLORD · 0 comments

OVERLORD commented 2026-02-05 02:09:02 +03:00

Owner

Copy Link

Originally created by @wighub on GitHub (Apr 17, 2024).

Originally assigned to: @BlackDex on GitHub.

We recently set up a master password-policy and expected the flag
"Require existing members to change their passwords" to enforce noncompliant users to update their password on the next login (as documented here)
This does not apply: Our testuser with a noncompliant password can still log in and no enforcement takes place. The new master password policy will only apply when user tries to change his password.
We are using Version 1.30.5

To Reproduce

1. Disable any master password policy
2. Create new user
3. Invite user to organisation
4. Enable password policy including flag "Require existing members to change their passwords"
5. Log in as noncompliant user

Originally created by @wighub on GitHub (Apr 17, 2024). Originally assigned to: @BlackDex on GitHub. We recently set up a master password-policy and expected the flag "Require existing members to change their passwords" to enforce noncompliant users to update their password on the next login (as documented [here](https://bitwarden.com/help/policies/#:~:text=Require%20existing%20members%20to%20change%20their%20passwords)) This does not apply: Our testuser with a noncompliant password can still log in and no enforcement takes place. The new master password policy will only apply when user tries to change his password. We are using Version 1.30.5 **To Reproduce** 1. Disable any master password policy 2. Create new user 3. Invite user to organisation 4. Enable password policy including flag "Require existing members to change their passwords" 5. Log in as noncompliant user

OVERLORD added the enhancement label 2026-02-05 02:09:02 +03:00

OVERLORD closed this issue 2026-02-05 02:09:05 +03:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

cached-config-operations

test_dylint

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

troubleshooting

wontfix

No Label enhancement

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#1900