Organization — Two-step login enforcement doesn't work #1078

New issue

Closed

opened 2026-02-20 08:07:20 -05:00 by deekerman · 2 comments

deekerman commented 2026-02-20 08:07:20 -05:00

Owner

Copy link

Originally created by @guillaume-u on GitHub (Jul 10, 2021).

Even if I've set "Two-step login" enable in an organization policy.
New user (via an invitation) can join this organization without Two-Step login configured on their account.

• Vaultwarden version: latest stable v1.22.1
• Installed method : Build from source
• Client : web vault

Steps to reproduce

• Vaultwarden was started via "./vaultwarden" or via systemd.

• Create a new organization

• Set the policy "Two-step Login" to enable

• Invite a new user (as "user" or "manager")

• Create the new account (by following the invitation email) — without setting a two-step factor.

• Accept the user in the organization.

Expected behaviour

• A user without a Two-step login enabled, should not be able to join a organization with "Two-step login" setting enabled.

Actual behaviour

• A user without a Two-step login enable can join an organization with "Two-step login" enabled.

Originally created by @guillaume-u on GitHub (Jul 10, 2021). Even if I've set "Two-step login" enable in an organization policy. New user (via an invitation) can join this organization without Two-Step login configured on their account. * Vaultwarden version: latest stable v1.22.1 * Installed method : Build from source * Client : web vault ### Steps to reproduce * Vaultwarden was started via "./vaultwarden" or via systemd. * Create a new organization * Set the policy "Two-step Login" to enable * Invite a new user (as "user" or "manager") * Create the new account (by following the invitation email) — without setting a two-step factor. * Accept the user in the organization. ### Expected behaviour * A user without a Two-step login enabled, should not be able to join a organization with "Two-step login" setting enabled. ### Actual behaviour * A user without a Two-step login enable can join an organization with "Two-step login" enabled.

deekerman closed this issue 2026-02-20 08:07:20 -05:00

deekerman commented 2026-02-20 08:07:21 -05:00

Author

Owner

Copy link

@bokkabonga commented on GitHub (Jul 12, 2021):

There is an existing PR for this which is pending a review and checks, as far as i know. See #1604

@bokkabonga commented on GitHub (Jul 12, 2021): There is an existing PR for this which is pending a review and checks, as far as i know. See #1604

deekerman commented 2026-02-20 08:07:21 -05:00

Author

Owner

Copy link

@guillaume-u commented on GitHub (Jul 12, 2021):

You're right, it's the same issue as #981

Sorry.

Guillaume.

@guillaume-u commented on GitHub (Jul 12, 2021): You're right, it's the same issue as #981 Sorry. Guillaume.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

cached-config-operations

test_dylint

1.35.4

1.35.3

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels   

SSO

  

Third party

  

better for forum

  

bug

  

bug

  

documentation

  

duplicate

  

enhancement

  

future Vault

  

future Vault

  

future Vault

  

good first issue

  

help wanted

  

low priority

  

notes

  

question

  

troubleshooting

  

wontfix

No labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

question

troubleshooting

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/vaultwarden#1078

No description provided.