[GH-ISSUE #1849] Organization — Two-step login enforcement doesn't work #1078

New issue

Closed

opened 2026-03-03 02:06:05 +03:00 by kerem · 2 comments

kerem commented

2026-03-03 02:06:05 +03:00

Owner

Originally created by @guillaume-u on GitHub (Jul 10, 2021).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1849

Even if I've set "Two-step login" enable in an organization policy.
New user (via an invitation) can join this organization without Two-Step login configured on their account.

Vaultwarden version: latest stable v1.22.1
Installed method : Build from source
Client : web vault

Steps to reproduce

Vaultwarden was started via "./vaultwarden" or via systemd.
Create a new organization
Set the policy "Two-step Login" to enable
Invite a new user (as "user" or "manager")
Create the new account (by following the invitation email) — without setting a two-step factor.
Accept the user in the organization.

Expected behaviour

A user without a Two-step login enabled, should not be able to join a organization with "Two-step login" setting enabled.

Actual behaviour

A user without a Two-step login enable can join an organization with "Two-step login" enabled.

Originally created by @guillaume-u on GitHub (Jul 10, 2021). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1849 Even if I've set "Two-step login" enable in an organization policy. New user (via an invitation) can join this organization without Two-Step login configured on their account. * Vaultwarden version: latest stable v1.22.1 * Installed method : Build from source * Client : web vault ### Steps to reproduce * Vaultwarden was started via "./vaultwarden" or via systemd. * Create a new organization * Set the policy "Two-step Login" to enable * Invite a new user (as "user" or "manager") * Create the new account (by following the invitation email) — without setting a two-step factor. * Accept the user in the organization. ### Expected behaviour * A user without a Two-step login enabled, should not be able to join a organization with "Two-step login" setting enabled. ### Actual behaviour * A user without a Two-step login enable can join an organization with "Two-step login" enabled.

kerem closed this issue

2026-03-03 02:06:05 +03:00

kerem commented

2026-03-03 02:06:06 +03:00

Author

Owner

@bokkabonga commented on GitHub (Jul 12, 2021):

There is an existing PR for this which is pending a review and checks, as far as i know. See #1604

@bokkabonga commented on GitHub (Jul 12, 2021): There is an existing PR for this which is pending a review and checks, as far as i know. See #1604

kerem commented

2026-03-03 02:06:06 +03:00

Author

Owner

@guillaume-u commented on GitHub (Jul 12, 2021):

You're right, it's the same issue as #981

Sorry.

Guillaume.

@guillaume-u commented on GitHub (Jul 12, 2021): You're right, it's the same issue as #981 Sorry. Guillaume.