From ed0490730076298590421473f95b5391ff51d011 Mon Sep 17 00:00:00 2001
From: Shane Melton <smelton@bitwarden.com>
Date: Wed, 14 Jun 2023 13:09:56 -0700
Subject: [PATCH 01/13] [PM-2049] Update entity events dialog (#5417)

* [AC-1145] Update entity-events.component.ts to a CL dialog

- Add EntityEventsDialogParams
- Add static helper method to open the dialog with the dialog service
- Update existing usages of the entity-events.component.ts

* [AC-1145] Update entity-events.component.ts to use CL components and form actions

- Use bit-table and TableDataSource
- Update to reactive form for date filter
- Make dialog component standalone
- Use bitAction in-place of component promises
- Remove redundant try/catch that is now handled by bitAction and bitSubmit
- Add new try/catch on first load to catch any errors during initial dialog open

* [PM-2049] Make dataSource and filterFormGroup protected

* [PM-2049] Remove bit-form-field container

Remove the bit-form-field tags that wrapped the date inputs to avoid additional styling that is not applicable to inline form elements.

Add back the missing `-` that was removed by mistake.

* [PM-2049] Remove entity events dialog component selector
---
 .../manage/entity-events.component.html       | 179 +++++++---------
 .../manage/entity-events.component.ts         | 191 +++++++++++-------
 .../members/people.component.html             |   1 -
 .../organizations/members/people.component.ts |  20 +-
 .../src/app/shared/loose-components.module.ts |   3 -
 .../app/vault/org-vault/vault.component.html  |   1 -
 .../app/vault/org-vault/vault.component.ts    |  18 +-
 .../providers/manage/people.component.html    |   1 -
 .../providers/manage/people.component.ts      |  18 +-
 9 files changed, 217 insertions(+), 215 deletions(-)

diff --git a/apps/web/src/app/admin-console/organizations/manage/entity-events.component.html b/apps/web/src/app/admin-console/organizations/manage/entity-events.component.html
index 85c9d47492..8d8cfad34e 100644
--- a/apps/web/src/app/admin-console/organizations/manage/entity-events.component.html
+++ b/apps/web/src/app/admin-console/organizations/manage/entity-events.component.html
@@ -1,118 +1,89 @@
-<div class="modal fade" role="dialog" aria-modal="true" aria-labelledby="eventLogsTitle">
-  <div class="modal-dialog modal-dialog-scrollable modal-lg" role="document">
-    <div class="modal-content">
-      <div class="modal-header">
-        <h1 class="modal-title" id="eventLogsTitle">
-          {{ "eventLogs" | i18n }}
-          <small class="text-muted" *ngIf="name">{{ name }}</small>
-        </h1>
-        <button
-          type="button"
-          class="close"
-          data-dismiss="modal"
-          appA11yTitle="{{ 'close' | i18n }}"
-        >
-          <span aria-hidden="true">&times;</span>
-        </button>
-      </div>
-      <div class="modal-body" *ngIf="!loaded">
-        <i
-          class="bwi bwi-spinner bwi-spin text-muted"
-          title="{{ 'loading' | i18n }}"
-          aria-hidden="true"
-        ></i>
-        <span class="sr-only">{{ "loading" | i18n }}</span>
-      </div>
-      <div class="modal-body" *ngIf="loaded">
-        <div class="d-flex">
-          <div class="form-inline">
-            <label class="sr-only" for="start">{{ "startDate" | i18n }}</label>
+<bit-dialog dialogSize="large" [loading]="loading">
+  <span bitDialogTitle>
+    {{ "eventLogs" | i18n }}
+    <small class="tw-text-muted" *ngIf="name">{{ name }}</small>
+  </span>
+  <div bitDialogContent>
+    <form [formGroup]="filterFormGroup" [bitSubmit]="refreshEvents">
+      <div class="tw-flex tw-items-center tw-space-x-2">
+        <div>
+          <label class="tw-sr-only" for="start">{{ "startDate" | i18n }}</label>
+          <span>
             <input
+              bitInput
               type="datetime-local"
-              class="form-control form-control-sm"
               id="start"
               placeholder="{{ 'startDate' | i18n }}"
-              [(ngModel)]="start"
-              placeholder="YYYY-MM-DDTHH:MM"
+              formControlName="start"
             />
-            <span class="mx-2">-</span>
-            <label class="sr-only" for="end">{{ "endDate" | i18n }}</label>
+          </span>
+        </div>
+        <span class="tw-mx-2">-</span>
+        <div>
+          <label class="tw-sr-only" for="end">{{ "endDate" | i18n }}</label>
+          <span>
             <input
+              bitInput
               type="datetime-local"
-              class="form-control form-control-sm"
               id="end"
               placeholder="{{ 'endDate' | i18n }}"
-              [(ngModel)]="end"
-              placeholder="YYYY-MM-DDTHH:MM"
+              formControlName="end"
             />
-          </div>
-          <button
-            #refreshBtn
-            [appApiAction]="refreshPromise"
-            type="button"
-            class="btn btn-sm btn-outline-primary ml-3"
-            (click)="loadEvents(true)"
-            [disabled]="loaded && $any(refreshBtn).loading"
-          >
+          </span>
+        </div>
+        <button type="submit" bitButton buttonType="primary" bitFormButton>
+          <i class="bwi bwi-refresh bwi-fw" aria-hidden="true"></i>
+          {{ "refresh" | i18n }}
+        </button>
+      </div>
+    </form>
+    <hr />
+    <div *ngIf="!dataSource.data || !dataSource.data.length">
+      {{ "noEventsInList" | i18n }}
+    </div>
+    <bit-table [dataSource]="dataSource" *ngIf="dataSource?.data?.length">
+      <ng-container header>
+        <tr>
+          <th bitCell>{{ "timestamp" | i18n }}</th>
+          <th bitCell>
+            <span class="tw-sr-only">{{ "client" | i18n }}</span>
+          </th>
+          <th bitCell *ngIf="showUser">{{ "member" | i18n }}</th>
+          <th bitCell>{{ "event" | i18n }}</th>
+        </tr>
+      </ng-container>
+      <ng-template body let-rows$>
+        <tr bitRow *ngFor="let r of rows$ | async">
+          <td bitCell>{{ r.date | date : "medium" }}</td>
+          <td bitCell>
             <i
-              class="bwi bwi-refresh bwi-fw"
-              [ngClass]="{ 'bwi-spin': loaded && $any(refreshBtn).loading }"
+              class="tw-text-muted bwi bwi-lg {{ r.appIcon }}"
+              title="{{ r.appName }}, {{ r.ip }}"
               aria-hidden="true"
             ></i>
-            {{ "refresh" | i18n }}
-          </button>
-        </div>
-        <hr />
-        <div *ngIf="!events || !events.length">
-          {{ "noEventsInList" | i18n }}
-        </div>
-        <table class="table table-hover mb-0" *ngIf="events && events.length">
-          <thead>
-            <tr>
-              <th class="border-top-0" width="210">{{ "timestamp" | i18n }}</th>
-              <th class="border-top-0" width="40">
-                <span class="sr-only">{{ "device" | i18n }}</span>
-              </th>
-              <th class="border-top-0" width="150" *ngIf="showUser">{{ "user" | i18n }}</th>
-              <th class="border-top-0">{{ "event" | i18n }}</th>
-            </tr>
-          </thead>
-          <tbody>
-            <tr *ngFor="let e of events">
-              <td>{{ e.date | date : "medium" }}</td>
-              <td>
-                <i
-                  class="text-muted bwi bwi-lg {{ e.appIcon }}"
-                  title="{{ e.appName }}, {{ e.ip }}"
-                  aria-hidden="true"
-                ></i>
-                <span class="sr-only">{{ e.appName }}, {{ e.ip }}</span>
-              </td>
-              <td *ngIf="showUser">
-                <span appA11yTitle="{{ e.userEmail }}">{{ e.userName }}</span>
-              </td>
-              <td [innerHTML]="e.message"></td>
-            </tr>
-          </tbody>
-        </table>
-        <button
-          #moreBtn
-          [appApiAction]="morePromise"
-          type="button"
-          class="btn btn-block btn-link btn-submit"
-          (click)="loadEvents(false)"
-          [disabled]="loaded && $any(moreBtn).loading"
-          *ngIf="continuationToken"
-        >
-          <i class="bwi bwi-spinner bwi-spin" title="{{ 'loading' | i18n }}" aria-hidden="true"></i>
-          <span>{{ "loadMore" | i18n }}</span>
-        </button>
-      </div>
-      <div class="modal-footer">
-        <button type="button" class="btn btn-outline-secondary" data-dismiss="modal">
-          {{ "close" | i18n }}
-        </button>
-      </div>
-    </div>
+            <span class="tw-sr-only">{{ r.appName }}, {{ r.ip }}</span>
+          </td>
+          <td bitCell *ngIf="showUser">
+            <span appA11yTitle="{{ r.userEmail }}">{{ r.userName }}</span>
+          </td>
+          <td bitCell [innerHTML]="r.message"></td>
+        </tr>
+      </ng-template>
+    </bit-table>
+    <button
+      bitButton
+      buttonType="secondary"
+      block
+      [bitAction]="loadMoreEvents"
+      type="button"
+      *ngIf="continuationToken"
+    >
+      {{ "loadMore" | i18n }}
+    </button>
   </div>
-</div>
+  <ng-container bitDialogFooter>
+    <button bitButton buttonType="secondary" type="button" bitDialogClose>
+      {{ "close" | i18n }}
+    </button>
+  </ng-container>
+</bit-dialog>
diff --git a/apps/web/src/app/admin-console/organizations/manage/entity-events.component.ts b/apps/web/src/app/admin-console/organizations/manage/entity-events.component.ts
index d6ecb8ca94..e27efc43db 100644
--- a/apps/web/src/app/admin-console/organizations/manage/entity-events.component.ts
+++ b/apps/web/src/app/admin-console/organizations/manage/entity-events.component.ts
@@ -1,78 +1,114 @@
-import { Component, Input, OnInit } from "@angular/core";
+import { DIALOG_DATA, DialogConfig } from "@angular/cdk/dialog";
+import { Component, Inject, OnInit } from "@angular/core";
+import { FormBuilder } from "@angular/forms";
 
 import { UserNamePipe } from "@bitwarden/angular/pipes/user-name.pipe";
+import { DialogServiceAbstraction } from "@bitwarden/angular/services/dialog";
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
 import { OrganizationUserService } from "@bitwarden/common/abstractions/organization-user/organization-user.service";
 import { EventResponse } from "@bitwarden/common/models/response/event.response";
 import { ListResponse } from "@bitwarden/common/models/response/list.response";
+import { EventView } from "@bitwarden/common/models/view/event.view";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
 import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
+import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service";
+import { TableDataSource } from "@bitwarden/components";
 
 import { EventService } from "../../../core";
+import { SharedModule } from "../../../shared";
+
+export interface EntityEventsDialogParams {
+  entity: "user" | "cipher";
+  entityId: string;
+
+  organizationId?: string;
+  providerId?: string;
+  showUser?: boolean;
+  name?: string;
+}
 
 @Component({
-  selector: "app-entity-events",
+  imports: [SharedModule],
   templateUrl: "entity-events.component.html",
+  standalone: true,
 })
 export class EntityEventsComponent implements OnInit {
-  @Input() name: string;
-  @Input() entity: "user" | "cipher";
-  @Input() entityId: string;
-  @Input() organizationId: string;
-  @Input() providerId: string;
-  @Input() showUser = false;
-
   loading = true;
-  loaded = false;
-  events: any[];
-  start: string;
-  end: string;
   continuationToken: string;
-  refreshPromise: Promise<any>;
-  morePromise: Promise<any>;
+  protected dataSource = new TableDataSource<EventView>();
+  protected filterFormGroup = this.formBuilder.group({
+    start: [""],
+    end: [""],
+  });
 
   private orgUsersUserIdMap = new Map<string, any>();
   private orgUsersIdMap = new Map<string, any>();
 
+  get name() {
+    return this.params.name;
+  }
+
+  get showUser() {
+    return this.params.showUser ?? false;
+  }
+
   constructor(
+    @Inject(DIALOG_DATA) private params: EntityEventsDialogParams,
     private apiService: ApiService,
     private i18nService: I18nService,
     private eventService: EventService,
     private platformUtilsService: PlatformUtilsService,
     private userNamePipe: UserNamePipe,
     private logService: LogService,
-    private organizationUserService: OrganizationUserService
+    private organizationUserService: OrganizationUserService,
+    private formBuilder: FormBuilder,
+    private validationService: ValidationService
   ) {}
 
   async ngOnInit() {
     const defaultDates = this.eventService.getDefaultDateFilters();
-    this.start = defaultDates[0];
-    this.end = defaultDates[1];
+    this.filterFormGroup.setValue({
+      start: defaultDates[0],
+      end: defaultDates[1],
+    });
     await this.load();
   }
 
   async load() {
-    if (this.showUser) {
-      const response = await this.organizationUserService.getAllUsers(this.organizationId);
-      response.data.forEach((u) => {
-        const name = this.userNamePipe.transform(u);
-        this.orgUsersIdMap.set(u.id, { name: name, email: u.email });
-        this.orgUsersUserIdMap.set(u.userId, { name: name, email: u.email });
-      });
+    try {
+      if (this.showUser) {
+        const response = await this.organizationUserService.getAllUsers(this.params.organizationId);
+        response.data.forEach((u) => {
+          const name = this.userNamePipe.transform(u);
+          this.orgUsersIdMap.set(u.id, { name: name, email: u.email });
+          this.orgUsersUserIdMap.set(u.userId, { name: name, email: u.email });
+        });
+      }
+      await this.loadEvents(true);
+    } catch (e) {
+      this.logService.error(e);
+      this.validationService.showError(e);
     }
-    await this.loadEvents(true);
-    this.loaded = true;
+
+    this.loading = false;
   }
 
-  async loadEvents(clearExisting: boolean) {
-    if (this.refreshPromise != null || this.morePromise != null) {
-      return;
-    }
+  loadMoreEvents = async () => {
+    await this.loadEvents(false);
+  };
 
+  refreshEvents = async () => {
+    await this.loadEvents(true);
+  };
+
+  private async loadEvents(clearExisting: boolean) {
     let dates: string[] = null;
     try {
-      dates = this.eventService.formatDateFilters(this.start, this.end);
+      dates = this.eventService.formatDateFilters(
+        this.filterFormGroup.value.start,
+        this.filterFormGroup.value.end
+      );
     } catch (e) {
       this.platformUtilsService.showToast(
         "error",
@@ -82,46 +118,34 @@ export class EntityEventsComponent implements OnInit {
       return;
     }
 
-    this.loading = true;
     let response: ListResponse<EventResponse>;
-    try {
-      let promise: Promise<any>;
-      if (this.entity === "user" && this.providerId) {
-        promise = this.apiService.getEventsProviderUser(
-          this.providerId,
-          this.entityId,
-          dates[0],
-          dates[1],
-          clearExisting ? null : this.continuationToken
-        );
-      } else if (this.entity === "user") {
-        promise = this.apiService.getEventsOrganizationUser(
-          this.organizationId,
-          this.entityId,
-          dates[0],
-          dates[1],
-          clearExisting ? null : this.continuationToken
-        );
-      } else {
-        promise = this.apiService.getEventsCipher(
-          this.entityId,
-          dates[0],
-          dates[1],
-          clearExisting ? null : this.continuationToken
-        );
-      }
-      if (clearExisting) {
-        this.refreshPromise = promise;
-      } else {
-        this.morePromise = promise;
-      }
-      response = await promise;
-    } catch (e) {
-      this.logService.error(e);
+    if (this.params.entity === "user" && this.params.providerId) {
+      response = await this.apiService.getEventsProviderUser(
+        this.params.providerId,
+        this.params.entityId,
+        dates[0],
+        dates[1],
+        clearExisting ? null : this.continuationToken
+      );
+    } else if (this.params.entity === "user") {
+      response = await this.apiService.getEventsOrganizationUser(
+        this.params.organizationId,
+        this.params.entityId,
+        dates[0],
+        dates[1],
+        clearExisting ? null : this.continuationToken
+      );
+    } else {
+      response = await this.apiService.getEventsCipher(
+        this.params.entityId,
+        dates[0],
+        dates[1],
+        clearExisting ? null : this.continuationToken
+      );
     }
 
     this.continuationToken = response.continuationToken;
-    const events = await Promise.all(
+    const events: EventView[] = await Promise.all(
       response.data.map(async (r) => {
         const userId = r.actingUserId == null ? r.userId : r.actingUserId;
         const eventInfo = await this.eventService.getEventInfo(r);
@@ -129,8 +153,10 @@ export class EntityEventsComponent implements OnInit {
           this.showUser && userId != null && this.orgUsersUserIdMap.has(userId)
             ? this.orgUsersUserIdMap.get(userId)
             : null;
-        return {
+
+        return new EventView({
           message: eventInfo.message,
+          humanReadableMessage: eventInfo.humanReadableMessage,
           appIcon: eventInfo.appIcon,
           appName: eventInfo.appName,
           userId: userId,
@@ -139,18 +165,29 @@ export class EntityEventsComponent implements OnInit {
           date: r.date,
           ip: r.ipAddress,
           type: r.type,
-        };
+          installationId: r.installationId,
+          systemUser: r.systemUser,
+          serviceAccountId: r.serviceAccountId,
+        });
       })
     );
 
-    if (!clearExisting && this.events != null && this.events.length > 0) {
-      this.events = this.events.concat(events);
+    if (!clearExisting && this.dataSource.data != null && this.dataSource.data.length > 0) {
+      this.dataSource.data = this.dataSource.data.concat(events);
     } else {
-      this.events = events;
+      this.dataSource.data = events;
     }
-
-    this.loading = false;
-    this.morePromise = null;
-    this.refreshPromise = null;
   }
 }
+
+/**
+ * Strongly typed helper to open a EntityEventsComponent as a dialog
+ * @param dialogService Instance of the dialog service that will be used to open the dialog
+ * @param config Configuration for the dialog
+ */
+export const openEntityEventsDialog = (
+  dialogService: DialogServiceAbstraction,
+  config: DialogConfig<EntityEventsDialogParams>
+) => {
+  return dialogService.open<void, EntityEventsDialogParams>(EntityEventsComponent, config);
+};
diff --git a/apps/web/src/app/admin-console/organizations/members/people.component.html b/apps/web/src/app/admin-console/organizations/members/people.component.html
index 8154340bb8..c93380b466 100644
--- a/apps/web/src/app/admin-console/organizations/members/people.component.html
+++ b/apps/web/src/app/admin-console/organizations/members/people.component.html
@@ -317,7 +317,6 @@
   </ng-container>
   <ng-template #addEdit></ng-template>
   <ng-template #groupsTemplate></ng-template>
-  <ng-template #eventsTemplate></ng-template>
   <ng-template #confirmTemplate></ng-template>
   <ng-template #resetPasswordTemplate></ng-template>
   <ng-template #bulkStatusTemplate></ng-template>
diff --git a/apps/web/src/app/admin-console/organizations/members/people.component.ts b/apps/web/src/app/admin-console/organizations/members/people.component.ts
index e86b5a27ec..64b7f2c20c 100644
--- a/apps/web/src/app/admin-console/organizations/members/people.component.ts
+++ b/apps/web/src/app/admin-console/organizations/members/people.component.ts
@@ -16,10 +16,10 @@ import {
 import { SearchPipe } from "@bitwarden/angular/pipes/search.pipe";
 import { UserNamePipe } from "@bitwarden/angular/pipes/user-name.pipe";
 import {
-  SimpleDialogType,
   DialogServiceAbstraction,
   SimpleDialogCloseType,
   SimpleDialogOptions,
+  SimpleDialogType,
 } from "@bitwarden/angular/services/dialog";
 import { ModalService } from "@bitwarden/angular/services/modal.service";
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
@@ -55,7 +55,7 @@ import { CollectionData } from "@bitwarden/common/vault/models/data/collection.d
 import { Collection } from "@bitwarden/common/vault/models/domain/collection";
 import { CollectionDetailsResponse } from "@bitwarden/common/vault/models/response/collection.response";
 
-import { EntityEventsComponent } from "../../../admin-console/organizations/manage/entity-events.component";
+import { openEntityEventsDialog } from "../../../admin-console/organizations/manage/entity-events.component";
 import { BasePeopleComponent } from "../../../common/base.people.component";
 import { GroupService } from "../core";
 import { OrganizationUserView } from "../core/views/organization-user.view";
@@ -81,8 +81,6 @@ export class PeopleComponent
 {
   @ViewChild("groupsTemplate", { read: ViewContainerRef, static: true })
   groupsModalRef: ViewContainerRef;
-  @ViewChild("eventsTemplate", { read: ViewContainerRef, static: true })
-  eventsModalRef: ViewContainerRef;
   @ViewChild("confirmTemplate", { read: ViewContainerRef, static: true })
   confirmModalRef: ViewContainerRef;
   @ViewChild("resetPasswordTemplate", { read: ViewContainerRef, static: true })
@@ -513,12 +511,14 @@ export class PeopleComponent
   }
 
   async events(user: OrganizationUserView) {
-    await this.modalService.openViewRef(EntityEventsComponent, this.eventsModalRef, (comp) => {
-      comp.name = this.userNamePipe.transform(user);
-      comp.organizationId = this.organization.id;
-      comp.entityId = user.id;
-      comp.showUser = false;
-      comp.entity = "user";
+    await openEntityEventsDialog(this.dialogService, {
+      data: {
+        name: this.userNamePipe.transform(user),
+        organizationId: this.organization.id,
+        entityId: user.id,
+        showUser: false,
+        entity: "user",
+      },
     });
   }
 
diff --git a/apps/web/src/app/shared/loose-components.module.ts b/apps/web/src/app/shared/loose-components.module.ts
index c9f115a273..db6a427138 100644
--- a/apps/web/src/app/shared/loose-components.module.ts
+++ b/apps/web/src/app/shared/loose-components.module.ts
@@ -3,7 +3,6 @@ import { NgModule } from "@angular/core";
 import { OrganizationSwitcherComponent } from "../admin-console/components/organization-switcher.component";
 import { OrganizationCreateModule } from "../admin-console/organizations/create/organization-create.module";
 import { OrganizationLayoutComponent } from "../admin-console/organizations/layouts/organization-layout.component";
-import { EntityEventsComponent as OrgEntityEventsComponent } from "../admin-console/organizations/manage/entity-events.component";
 import { EventsComponent as OrgEventsComponent } from "../admin-console/organizations/manage/events.component";
 import { UserConfirmComponent as OrgUserConfirmComponent } from "../admin-console/organizations/manage/user-confirm.component";
 import { AcceptFamilySponsorshipComponent } from "../admin-console/organizations/sponsorships/accept-family-sponsorship.component";
@@ -166,7 +165,6 @@ import { SharedModule } from "./shared.module";
     OrganizationPlansComponent,
     OrgAttachmentsComponent,
     OrgCollectionsComponent,
-    OrgEntityEventsComponent,
     OrgEventsComponent,
     OrgExposedPasswordsReportComponent,
     OrgInactiveTwoFactorReportComponent,
@@ -271,7 +269,6 @@ import { SharedModule } from "./shared.module";
     OrganizationPlansComponent,
     OrgAttachmentsComponent,
     OrgCollectionsComponent,
-    OrgEntityEventsComponent,
     OrgEventsComponent,
     OrgExposedPasswordsReportComponent,
     OrgInactiveTwoFactorReportComponent,
diff --git a/apps/web/src/app/vault/org-vault/vault.component.html b/apps/web/src/app/vault/org-vault/vault.component.html
index d3109774c2..c586a94f7a 100644
--- a/apps/web/src/app/vault/org-vault/vault.component.html
+++ b/apps/web/src/app/vault/org-vault/vault.component.html
@@ -96,5 +96,4 @@
   <ng-template #attachments></ng-template>
   <ng-template #cipherAddEdit></ng-template>
   <ng-template #collectionsModal></ng-template>
-  <ng-template #eventsTemplate></ng-template>
 </div>
diff --git a/apps/web/src/app/vault/org-vault/vault.component.ts b/apps/web/src/app/vault/org-vault/vault.component.ts
index 8048ade1c7..7b6b926e49 100644
--- a/apps/web/src/app/vault/org-vault/vault.component.ts
+++ b/apps/web/src/app/vault/org-vault/vault.component.ts
@@ -56,7 +56,7 @@ import { CollectionView } from "@bitwarden/common/vault/models/view/collection.v
 import { Icons } from "@bitwarden/components";
 
 import { GroupService, GroupView } from "../../admin-console/organizations/core";
-import { EntityEventsComponent } from "../../admin-console/organizations/manage/entity-events.component";
+import { openEntityEventsDialog } from "../../admin-console/organizations/manage/entity-events.component";
 import { VaultFilterService } from "../../vault/individual-vault/vault-filter/services/abstractions/vault-filter.service";
 import { VaultFilter } from "../../vault/individual-vault/vault-filter/shared/models/vault-filter.model";
 import {
@@ -109,8 +109,6 @@ export class VaultComponent implements OnInit, OnDestroy {
   cipherAddEditModalRef: ViewContainerRef;
   @ViewChild("collectionsModal", { read: ViewContainerRef, static: true })
   collectionsModalRef: ViewContainerRef;
-  @ViewChild("eventsTemplate", { read: ViewContainerRef, static: true })
-  eventsModalRef: ViewContainerRef;
 
   trashCleanupWarning: string = null;
   activeFilter: VaultFilter = new VaultFilter();
@@ -885,12 +883,14 @@ export class VaultComponent implements OnInit, OnDestroy {
   }
 
   async viewEvents(cipher: CipherView) {
-    await this.modalService.openViewRef(EntityEventsComponent, this.eventsModalRef, (comp) => {
-      comp.name = cipher.name;
-      comp.organizationId = this.organization.id;
-      comp.entityId = cipher.id;
-      comp.showUser = true;
-      comp.entity = "cipher";
+    await openEntityEventsDialog(this.dialogService, {
+      data: {
+        name: cipher.name,
+        organizationId: this.organization.id,
+        entityId: cipher.id,
+        showUser: true,
+        entity: "cipher",
+      },
     });
   }
 
diff --git a/bitwarden_license/bit-web/src/app/admin-console/providers/manage/people.component.html b/bitwarden_license/bit-web/src/app/admin-console/providers/manage/people.component.html
index 00bf5eda26..152253fe4d 100644
--- a/bitwarden_license/bit-web/src/app/admin-console/providers/manage/people.component.html
+++ b/bitwarden_license/bit-web/src/app/admin-console/providers/manage/people.component.html
@@ -209,7 +209,6 @@
   </ng-container>
 </ng-container>
 <ng-template #addEdit></ng-template>
-<ng-template #eventsTemplate></ng-template>
 <ng-template #confirmTemplate></ng-template>
 <ng-template #bulkStatusTemplate></ng-template>
 <ng-template #bulkConfirmTemplate></ng-template>
diff --git a/bitwarden_license/bit-web/src/app/admin-console/providers/manage/people.component.ts b/bitwarden_license/bit-web/src/app/admin-console/providers/manage/people.component.ts
index 7c787951d4..304ab346f3 100644
--- a/bitwarden_license/bit-web/src/app/admin-console/providers/manage/people.component.ts
+++ b/bitwarden_license/bit-web/src/app/admin-console/providers/manage/people.component.ts
@@ -21,7 +21,7 @@ import { LogService } from "@bitwarden/common/platform/abstractions/log.service"
 import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
 import { StateService } from "@bitwarden/common/platform/abstractions/state.service";
 import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service";
-import { EntityEventsComponent } from "@bitwarden/web-vault/app/admin-console/organizations/manage/entity-events.component";
+import { openEntityEventsDialog } from "@bitwarden/web-vault/app/admin-console/organizations/manage/entity-events.component";
 import { BulkStatusComponent } from "@bitwarden/web-vault/app/admin-console/organizations/members/components/bulk/bulk-status.component";
 import { BasePeopleComponent } from "@bitwarden/web-vault/app/common/base.people.component";
 
@@ -41,8 +41,6 @@ export class PeopleComponent
   @ViewChild("addEdit", { read: ViewContainerRef, static: true }) addEditModalRef: ViewContainerRef;
   @ViewChild("groupsTemplate", { read: ViewContainerRef, static: true })
   groupsModalRef: ViewContainerRef;
-  @ViewChild("eventsTemplate", { read: ViewContainerRef, static: true })
-  eventsModalRef: ViewContainerRef;
   @ViewChild("bulkStatusTemplate", { read: ViewContainerRef, static: true })
   bulkStatusModalRef: ViewContainerRef;
   @ViewChild("bulkConfirmTemplate", { read: ViewContainerRef, static: true })
@@ -167,12 +165,14 @@ export class PeopleComponent
   }
 
   async events(user: ProviderUserUserDetailsResponse) {
-    await this.modalService.openViewRef(EntityEventsComponent, this.eventsModalRef, (comp) => {
-      comp.name = this.userNamePipe.transform(user);
-      comp.providerId = this.providerId;
-      comp.entityId = user.id;
-      comp.showUser = false;
-      comp.entity = "user";
+    await openEntityEventsDialog(this.dialogService, {
+      data: {
+        name: this.userNamePipe.transform(user),
+        providerId: this.providerId,
+        entityId: user.id,
+        showUser: false,
+        entity: "user",
+      },
     });
   }
 

From 9ed59c6fa929d71291bdd3d954e6b6f3d87080f7 Mon Sep 17 00:00:00 2001
From: Daniel Chateau <me@danielchateau.com>
Date: Wed, 14 Jun 2023 16:59:29 -0400
Subject: [PATCH 02/13] Update request headers sent to AnonAddy API. (#5565)

---
 .../generator/username/email-forwarders/anon-addy-forwarder.ts   | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libs/common/src/tools/generator/username/email-forwarders/anon-addy-forwarder.ts b/libs/common/src/tools/generator/username/email-forwarders/anon-addy-forwarder.ts
index 6b4bc42314..b20f22ecf8 100644
--- a/libs/common/src/tools/generator/username/email-forwarders/anon-addy-forwarder.ts
+++ b/libs/common/src/tools/generator/username/email-forwarders/anon-addy-forwarder.ts
@@ -18,6 +18,7 @@ export class AnonAddyForwarder implements Forwarder {
       headers: new Headers({
         Authorization: "Bearer " + options.apiKey,
         "Content-Type": "application/json",
+        "X-Requested-With": "XMLHttpRequest",
       }),
     };
     const url = "https://app.anonaddy.com/api/v1/aliases";

From 44f74483d96bddd2e00e374beedea42a12dfc19a Mon Sep 17 00:00:00 2001
From: Robyn MacCallum <robyntmaccallum@gmail.com>
Date: Thu, 15 Jun 2023 12:43:36 -0400
Subject: [PATCH 03/13] Change ownership of autofill from vault to client
 integrations (#5619)

---
 .github/CODEOWNERS | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index a954236cdf..d0526b1a79 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -31,7 +31,6 @@ libs/exporter @bitwarden/team-tools-dev
 libs/importer @bitwarden/team-tools-dev
 
 ## Vault team files ##
-apps/browser/src/autofill @bitwarden/team-vault-dev
 apps/browser/src/vault @bitwarden/team-vault-dev
 apps/cli/src/vault @bitwarden/team-vault-dev
 apps/desktop/src/vault @bitwarden/team-vault-dev
@@ -69,6 +68,9 @@ apps/web/src/app/core @bitwarden/team-platform-dev
 apps/web/src/app/shared @bitwarden/team-platform-dev
 apps/web/src/translation-constants.ts @bitwarden/team-platform-dev
 
+## Client Integrations team files ##
+apps/browser/src/autofill @bitwarden/team-client-integrations-dev
+
 ## Component Library ##
 libs/components @bitwarden/team-platform-dev
 

From bec51c95f9b1e7a189ab8ae7e4a8d752bd590ddc Mon Sep 17 00:00:00 2001
From: Vince Grassia <593223+vgrassia@users.noreply.github.com>
Date: Thu, 15 Jun 2023 12:54:39 -0400
Subject: [PATCH 04/13] Add EU Prod environment to Web build (#5620)

---
 .github/workflows/build-web.yml       |  6 ++----
 .github/workflows/deploy-prod-web.yml | 13 +++++++++++++
 apps/web/config/euprd.json            | 11 +++++++++++
 apps/web/config/poc.json              | 11 -----------
 apps/web/package.json                 |  2 +-
 5 files changed, 27 insertions(+), 16 deletions(-)
 create mode 100644 .github/workflows/deploy-prod-web.yml
 create mode 100644 apps/web/config/euprd.json
 delete mode 100644 apps/web/config/poc.json

diff --git a/.github/workflows/build-web.yml b/.github/workflows/build-web.yml
index 05c6b0f8b6..fd4a700131 100644
--- a/.github/workflows/build-web.yml
+++ b/.github/workflows/build-web.yml
@@ -80,12 +80,10 @@ jobs:
             npm_command: "dist:bit:selfhost"
           - name: "cloud-QA"
             npm_command: "build:bit:qa"
-          - name: "cloud-POC2"
-            npm_command: "build:bit:poc"
           - name: "ee"
             npm_command: "build:bit:ee"
-          - name: "cloud-eudevtest"
-            npm_command: "build:bit:eudevtest"
+          - name: "cloud-euprd"
+            npm_command: "build:bit:euprd"
 
     steps:
       - name: Checkout repo
diff --git a/.github/workflows/deploy-prod-web.yml b/.github/workflows/deploy-prod-web.yml
new file mode 100644
index 0000000000..144b23e390
--- /dev/null
+++ b/.github/workflows/deploy-prod-web.yml
@@ -0,0 +1,13 @@
+---
+name: Deploy Web - EU Prod - STUB
+
+on:
+  workflow_dispatch:
+
+jobs:
+  stub-job:
+    name: Stub Job
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Stub Step
+        run: exit 0
diff --git a/apps/web/config/euprd.json b/apps/web/config/euprd.json
new file mode 100644
index 0000000000..3813074b7c
--- /dev/null
+++ b/apps/web/config/euprd.json
@@ -0,0 +1,11 @@
+{
+  "urls": {
+    "icons": "https://icons.bitwarden.net",
+    "notifications": "https://notifications.bitwarden.net",
+    "scim": "https://scim.bitwarden.net"
+  },
+  "flags": {
+    "secretsManager": true,
+    "showPasswordless": true
+  }
+}
diff --git a/apps/web/config/poc.json b/apps/web/config/poc.json
deleted file mode 100644
index 0d2f4d2ec4..0000000000
--- a/apps/web/config/poc.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-  "urls": {
-    "icons": "https://icons.poc2.bitwarden.pw",
-    "notifications": "https://notifications.poc2.bitwarden.pw",
-    "scim": "https://scim.poc2.bitwarden.pw"
-  },
-  "flags": {
-    "secretsManager": true,
-    "showPasswordless": true
-  }
-}
diff --git a/apps/web/package.json b/apps/web/package.json
index c50b4df2a8..1aed639fdc 100644
--- a/apps/web/package.json
+++ b/apps/web/package.json
@@ -10,7 +10,7 @@
     "build:bit:dev:analyze": "cross-env LOGGING=false webpack -c ../../bitwarden_license/bit-web/webpack.config.js --profile --json > stats.json && npx webpack-bundle-analyzer stats.json build/",
     "build:bit:dev:watch": "cross-env ENV=development npm run build:bit:watch",
     "build:bit:qa": "cross-env NODE_ENV=production ENV=qa npm run build:bit",
-    "build:bit:poc": "cross-env NODE_ENV=production ENV=poc npm run build:bit",
+    "build:bit:euprd": "cross-env NODE_ENV=production ENV=euprd npm run build:bit",
     "build:bit:eudevtest": "cross-env NODE_ENV=production ENV=eudevtest npm run build:bit",
     "build:bit:cloud": "cross-env NODE_ENV=production ENV=cloud npm run build:bit",
     "build:oss:selfhost:watch": "cross-env ENV=selfhosted npm run build:oss:watch",

From 0afbd90a2d7018fe58799cf82965196fd8d20836 Mon Sep 17 00:00:00 2001
From: Shane Melton <smelton@bitwarden.com>
Date: Thu, 15 Jun 2023 14:53:21 -0700
Subject: [PATCH 05/13] [AC-1192] Create new device approvals component for TDE
 (#5548)

* Add feature flag route guard and tests

* Add additional test for not showing error toast

* Strengthen error toast test with message check

* Cleanup leaking test state in platformService mock

* Negate if statement to reduce nesting

* Update return type to CanActivateFn

* Use null check instead of undefined

* Introduce interface to support different feature flag types

- Switch to observable pattern to access serverConfig$ subject
- Add catchError handler to allow navigation in case of unexpected exception
- Add additional tests

* Add additional test for missing feature flag

* Remove subscription to the serverConfig observable

Introduce type checking logic to determine the appropriately typed flag getter to use in configService

* [AC-1192] Create initial device approvals component and route

* [AC-1192] Introduce appIfFeature directive for conditionally rendering content based on feature flags

* [AC-1192] Add DeviceApprovals link in Settings navigation

* Remove align middle from bitCell directive

The bitRow directive supports alignment for the entire row and should be used instead

* [AC-1192] Add initial device approvals page template

* [AC-1192] Introduce fingerprint pipe

* [AC-1192] Create core organization module in bitwarden_license directory

* [AC-1192] Add support for new Devices icon to no items component

- Add new Devices svg
- Make icon property of bit-no-items an Input property

* [AC-1192] Introduce organization-auth-request.service.ts with related views/responses

* [AC-1192] Display pending requests on device approvals page

- Add support for loading spinner and no items component

* [AC-1192] Add method to bulk deny auth requests

* [AC-1192] Add functionality to deny requests from device approvals page

* [AC-1192] Add organizationUserId to pending-auth-request.view.ts

* [AC-1192] Add approvePendingRequest method to organization-auth-request.service.ts

* [AC-1192] Add logic to approve a device approval request

* [AC-1192] Change bitMenuItem directive into a component and implement ButtonLikeAbstraction

Update the bitMenuItem to be a component and implement the ButtonLikeAbstraction to support the bitAction directive.

* [AC-1192] Update menu items to use bitActions

* [AC-1192] Update device approvals description copy

* [AC-1192] Revert changes to bitMenuItem directive

* [AC-1192] Rework menus to use click handlers

- Wrap async actions to catch/log any exceptions, set an in-progress state, and refresh after completion
- Show a loading spinner in the header when an action is in progress
- Disable all menu items when an action is in progress

* [AC-1192] Move Devices icon into admin-console web directory

* [AC-1192] bit-no-items formatting

* [AC-1192] Update appIfFeature directive to hide content on error

* [AC-1192] Remove deprecated providedIn for OrganizationAuthRequestService

* [AC-1192] Rename key to encryptedUserKey to be more descriptive

* [AC-1192] Cleanup loading/spinner logic on data refresh

* [AC-1192] Set middle as the default bitRow.alignContent

* [AC-1192] Change default alignRowContent for table story

* [AC-1192] Rename userId to fingerprintMaterial to be more general

The fingerprint material is not always the userId so this name is more general

* [AC-1192] Remove redundant alignContent attribute

* [AC-1192] Move fingerprint pipe to platform
---
 .../src/app/admin-console/icons/devices.ts    |  17 ++
 apps/web/src/app/admin-console/icons/index.ts |   1 +
 .../settings/settings.component.html          |  10 +
 .../settings/settings.component.ts            |   2 +
 apps/web/src/locales/en/messages.json         |  36 ++++
 .../core/core-organization.module.ts          |   8 +
 .../admin-console/organizations/core/index.ts |   1 +
 .../admin-auth-request-update.request.ts      |   8 +
 .../bulk-deny-auth-requests.request.ts        |   6 +
 .../core/services/auth-requests/index.ts      |   2 +
 .../organization-auth-request.service.ts      |  54 ++++++
 ...ding-organization-auth-request.response.ts |  26 +++
 .../core/views/pending-auth-request.view.ts   |  23 +++
 .../device-approvals.component.html           | 100 ++++++++++
 .../device-approvals.component.ts             | 174 ++++++++++++++++++
 .../organizations-routing.module.ts           |  15 ++
 .../organizations/organizations.module.ts     |   6 +-
 .../directives/if-feature.directive.spec.ts   | 137 ++++++++++++++
 .../src/directives/if-feature.directive.ts    |  67 +++++++
 libs/angular/src/jslib.module.ts              |  16 +-
 .../src/platform/pipes/fingerprint.pipe.ts    |  32 ++++
 .../src/no-items/no-items.component.ts        |   4 +-
 libs/components/src/table/cell.directive.ts   |   4 +-
 libs/components/src/table/row.directive.ts    |   2 +-
 libs/components/src/table/table.stories.ts    |   4 +-
 25 files changed, 746 insertions(+), 9 deletions(-)
 create mode 100644 apps/web/src/app/admin-console/icons/devices.ts
 create mode 100644 apps/web/src/app/admin-console/icons/index.ts
 create mode 100644 bitwarden_license/bit-web/src/app/admin-console/organizations/core/core-organization.module.ts
 create mode 100644 bitwarden_license/bit-web/src/app/admin-console/organizations/core/index.ts
 create mode 100644 bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/admin-auth-request-update.request.ts
 create mode 100644 bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/bulk-deny-auth-requests.request.ts
 create mode 100644 bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/index.ts
 create mode 100644 bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/organization-auth-request.service.ts
 create mode 100644 bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/pending-organization-auth-request.response.ts
 create mode 100644 bitwarden_license/bit-web/src/app/admin-console/organizations/core/views/pending-auth-request.view.ts
 create mode 100644 bitwarden_license/bit-web/src/app/admin-console/organizations/manage/device-approvals/device-approvals.component.html
 create mode 100644 bitwarden_license/bit-web/src/app/admin-console/organizations/manage/device-approvals/device-approvals.component.ts
 create mode 100644 libs/angular/src/directives/if-feature.directive.spec.ts
 create mode 100644 libs/angular/src/directives/if-feature.directive.ts
 create mode 100644 libs/angular/src/platform/pipes/fingerprint.pipe.ts

diff --git a/apps/web/src/app/admin-console/icons/devices.ts b/apps/web/src/app/admin-console/icons/devices.ts
new file mode 100644
index 0000000000..348c836c4b
--- /dev/null
+++ b/apps/web/src/app/admin-console/icons/devices.ts
@@ -0,0 +1,17 @@
+import { svgIcon } from "@bitwarden/components";
+
+export const Devices = svgIcon`
+<svg width="201" height="201" viewBox="0 0 201 201" fill="none" xmlns="http://www.w3.org/2000/svg">
+  <g opacity=".49">
+    <path class="tw-fill-secondary-500" fill-rule="evenodd" clip-rule="evenodd" d="M34.3628 82.0889H10.3628C7.04908 82.0889 4.36279 84.7752 4.36279 88.0889V148.089C4.36279 151.403 7.04909 154.089 10.3628 154.089H34.3628C37.6765 154.089 40.3628 151.403 40.3628 148.089V88.0889C40.3628 84.7752 37.6765 82.0889 34.3628 82.0889ZM10.3628 78.0889C4.83995 78.0889 0.362793 82.566 0.362793 88.0889V148.089C0.362793 153.612 4.83995 158.089 10.3628 158.089H34.3628C39.8856 158.089 44.3628 153.612 44.3628 148.089V88.0889C44.3628 82.566 39.8856 78.0889 34.3628 78.0889H10.3628Z" />
+    <path class="tw-fill-secondary-500" fill-rule="evenodd" clip-rule="evenodd" d="M20.7329 86.8979C20.7329 86.3457 21.1806 85.8979 21.7329 85.8979H22.975C23.5273 85.8979 23.975 86.3457 23.975 86.8979C23.975 87.4502 23.5273 87.8979 22.975 87.8979H21.7329C21.1806 87.8979 20.7329 87.4502 20.7329 86.8979Z" />
+    <path class="tw-fill-secondary-500" fill-rule="evenodd" clip-rule="evenodd" d="M68.3628 159.089C68.3628 158.537 68.8105 158.089 69.3628 158.089H127.363C127.915 158.089 128.363 158.537 128.363 159.089C128.363 159.641 127.915 160.089 127.363 160.089H69.3628C68.8105 160.089 68.3628 159.641 68.3628 159.089Z" />
+    <path class="tw-fill-secondary-500" fill-rule="evenodd" clip-rule="evenodd" d="M88.103 159.089V141.325H90.103V159.089H88.103Z" />
+    <path class="tw-fill-secondary-500" fill-rule="evenodd" clip-rule="evenodd" d="M108.073 159.089V141.325H110.073V159.089H108.073Z" />
+    <path class="tw-fill-secondary-500" fill-rule="evenodd" clip-rule="evenodd" d="M27.3628 64.0889C27.3628 56.3569 33.6308 50.0889 41.3628 50.0889H157.363C165.095 50.0889 171.363 56.3569 171.363 64.0889V70.0889H167.363V64.0889C167.363 58.566 162.886 54.0889 157.363 54.0889H41.3628C35.8399 54.0889 31.3628 58.566 31.3628 64.0889V80.0889H27.3628V64.0889ZM42.3628 138.089H127.363V142.089H42.3628V138.089Z" />
+    <path class="tw-fill-secondary-500" fill-rule="evenodd" clip-rule="evenodd" d="M35.3628 65.0889C35.3628 61.2229 38.4968 58.0889 42.3628 58.0889H156.363C160.229 58.0889 163.363 61.2229 163.363 65.0889V70.0889H161.363V65.0889C161.363 62.3274 159.124 60.0889 156.363 60.0889H42.3628C39.6014 60.0889 37.3628 62.3274 37.3628 65.0889V80.0889H35.3628V65.0889ZM42.3628 132.089H127.363V134.089H42.3628V132.089Z" />
+    <path class="tw-fill-secondary-500" fill-rule="evenodd" clip-rule="evenodd" d="M125.363 78.0889C125.363 72.566 129.84 68.0889 135.363 68.0889H188.363C193.886 68.0889 198.363 72.566 198.363 78.0889V158.089C198.363 163.612 193.886 168.089 188.363 168.089H135.363C129.84 168.089 125.363 163.612 125.363 158.089V78.0889ZM135.363 72.0889C132.049 72.0889 129.363 74.7752 129.363 78.0889V158.089C129.363 161.403 132.049 164.089 135.363 164.089H188.363C191.676 164.089 194.363 161.403 194.363 158.089V78.0889C194.363 74.7752 191.677 72.0889 188.363 72.0889H135.363Z" />
+    <path class="tw-fill-secondary-500" d="M164.363 159.089C164.363 160.193 163.467 161.089 162.363 161.089C161.258 161.089 160.363 160.193 160.363 159.089C160.363 157.984 161.258 157.089 162.363 157.089C163.467 157.089 164.363 157.984 164.363 159.089Z" />
+  </g>
+</svg>
+`;
diff --git a/apps/web/src/app/admin-console/icons/index.ts b/apps/web/src/app/admin-console/icons/index.ts
new file mode 100644
index 0000000000..e0c2c124af
--- /dev/null
+++ b/apps/web/src/app/admin-console/icons/index.ts
@@ -0,0 +1 @@
+export * from "./devices";
diff --git a/apps/web/src/app/admin-console/organizations/settings/settings.component.html b/apps/web/src/app/admin-console/organizations/settings/settings.component.html
index 146a720343..bc2b2e54a0 100644
--- a/apps/web/src/app/admin-console/organizations/settings/settings.component.html
+++ b/apps/web/src/app/admin-console/organizations/settings/settings.component.html
@@ -60,6 +60,16 @@
           >
             {{ "singleSignOn" | i18n }}
           </a>
+          <ng-container *appIfFeature="FeatureFlag.TrustedDeviceEncryption">
+            <a
+              routerLink="device-approvals"
+              class="list-group-item"
+              routerLinkActive="active"
+              *ngIf="org.canManageUsersPassword"
+            >
+              {{ "deviceApprovals" | i18n }}
+            </a>
+          </ng-container>
           <a
             routerLink="scim"
             class="list-group-item"
diff --git a/apps/web/src/app/admin-console/organizations/settings/settings.component.ts b/apps/web/src/app/admin-console/organizations/settings/settings.component.ts
index 4590432736..2a6e8117e2 100644
--- a/apps/web/src/app/admin-console/organizations/settings/settings.component.ts
+++ b/apps/web/src/app/admin-console/organizations/settings/settings.component.ts
@@ -4,6 +4,7 @@ import { Observable, switchMap } from "rxjs";
 
 import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
 import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
+import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
 
 @Component({
   selector: "app-org-settings",
@@ -11,6 +12,7 @@ import { Organization } from "@bitwarden/common/admin-console/models/domain/orga
 })
 export class SettingsComponent implements OnInit {
   organization$: Observable<Organization>;
+  FeatureFlag = FeatureFlag;
 
   constructor(private route: ActivatedRoute, private organizationService: OrganizationService) {}
 
diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json
index 9224bfe8d1..b9124dca16 100644
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@@ -6844,5 +6844,41 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
   }
 }
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/core/core-organization.module.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/core-organization.module.ts
new file mode 100644
index 0000000000..bba3bfce93
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/core-organization.module.ts
@@ -0,0 +1,8 @@
+import { NgModule } from "@angular/core";
+
+import { OrganizationAuthRequestService } from "./services/auth-requests";
+
+@NgModule({
+  providers: [OrganizationAuthRequestService],
+})
+export class CoreOrganizationModule {}
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/core/index.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/index.ts
new file mode 100644
index 0000000000..4d758be8c6
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/index.ts
@@ -0,0 +1 @@
+export * from "./core-organization.module";
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/admin-auth-request-update.request.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/admin-auth-request-update.request.ts
new file mode 100644
index 0000000000..a190d5809c
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/admin-auth-request-update.request.ts
@@ -0,0 +1,8 @@
+export class AdminAuthRequestUpdateRequest {
+  /**
+   *
+   * @param requestApproved - Whether the request was approved/denied. If true, the key must be provided.
+   * @param encryptedUserKey The user's symmetric key that has been encrypted with a device public key if the request was approved.
+   */
+  constructor(public requestApproved: boolean, public encryptedUserKey?: string) {}
+}
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/bulk-deny-auth-requests.request.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/bulk-deny-auth-requests.request.ts
new file mode 100644
index 0000000000..09054c4b58
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/bulk-deny-auth-requests.request.ts
@@ -0,0 +1,6 @@
+export class BulkDenyAuthRequestsRequest {
+  private ids: string[];
+  constructor(authRequestIds: string[]) {
+    this.ids = authRequestIds;
+  }
+}
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/index.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/index.ts
new file mode 100644
index 0000000000..d8c4bacd69
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/index.ts
@@ -0,0 +1,2 @@
+export * from "./pending-organization-auth-request.response";
+export * from "./organization-auth-request.service";
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/organization-auth-request.service.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/organization-auth-request.service.ts
new file mode 100644
index 0000000000..77e4cba033
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/organization-auth-request.service.ts
@@ -0,0 +1,54 @@
+import { Injectable } from "@angular/core";
+
+import { ApiService } from "@bitwarden/common/abstractions/api.service";
+import { ListResponse } from "@bitwarden/common/models/response/list.response";
+import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
+
+import { PendingAuthRequestView } from "../../views/pending-auth-request.view";
+
+import { AdminAuthRequestUpdateRequest } from "./admin-auth-request-update.request";
+import { BulkDenyAuthRequestsRequest } from "./bulk-deny-auth-requests.request";
+import { PendingOrganizationAuthRequestResponse } from "./pending-organization-auth-request.response";
+
+@Injectable()
+export class OrganizationAuthRequestService {
+  constructor(private apiService: ApiService) {}
+
+  async listPendingRequests(organizationId: string): Promise<PendingAuthRequestView[]> {
+    const r = await this.apiService.send(
+      "GET",
+      `/organizations/${organizationId}/auth-requests`,
+      null,
+      true,
+      true
+    );
+
+    const listResponse = new ListResponse(r, PendingOrganizationAuthRequestResponse);
+
+    return listResponse.data.map((ar) => PendingAuthRequestView.fromResponse(ar));
+  }
+
+  async denyPendingRequests(organizationId: string, ...requestIds: string[]): Promise<void> {
+    await this.apiService.send(
+      "POST",
+      `/organizations/${organizationId}/auth-requests/deny`,
+      new BulkDenyAuthRequestsRequest(requestIds),
+      true,
+      false
+    );
+  }
+
+  async approvePendingRequest(
+    organizationId: string,
+    requestId: string,
+    encryptedKey: EncString
+  ): Promise<void> {
+    await this.apiService.send(
+      "POST",
+      `/organizations/${organizationId}/auth-requests/${requestId}`,
+      new AdminAuthRequestUpdateRequest(true, encryptedKey.encryptedString),
+      true,
+      false
+    );
+  }
+}
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/pending-organization-auth-request.response.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/pending-organization-auth-request.response.ts
new file mode 100644
index 0000000000..b4854eea4a
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/services/auth-requests/pending-organization-auth-request.response.ts
@@ -0,0 +1,26 @@
+import { BaseResponse } from "@bitwarden/common/models/response/base.response";
+
+export class PendingOrganizationAuthRequestResponse extends BaseResponse {
+  id: string;
+  userId: string;
+  organizationUserId: string;
+  email: string;
+  publicKey: string;
+  requestDeviceIdentifier: string;
+  requestDeviceType: string;
+  requestIpAddress: string;
+  creationDate: string;
+
+  constructor(response: any) {
+    super(response);
+    this.id = this.getResponseProperty("Id");
+    this.userId = this.getResponseProperty("UserId");
+    this.organizationUserId = this.getResponseProperty("OrganizationUserId");
+    this.email = this.getResponseProperty("Email");
+    this.publicKey = this.getResponseProperty("PublicKey");
+    this.requestDeviceIdentifier = this.getResponseProperty("RequestDeviceIdentifier");
+    this.requestDeviceType = this.getResponseProperty("RequestDeviceType");
+    this.requestIpAddress = this.getResponseProperty("RequestIpAddress");
+    this.creationDate = this.getResponseProperty("CreationDate");
+  }
+}
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/core/views/pending-auth-request.view.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/views/pending-auth-request.view.ts
new file mode 100644
index 0000000000..8f3415a236
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/core/views/pending-auth-request.view.ts
@@ -0,0 +1,23 @@
+import { View } from "@bitwarden/common/models/view/view";
+
+import { PendingOrganizationAuthRequestResponse } from "../services/auth-requests";
+
+export class PendingAuthRequestView implements View {
+  id: string;
+  userId: string;
+  organizationUserId: string;
+  email: string;
+  publicKey: string;
+  requestDeviceIdentifier: string;
+  requestDeviceType: string;
+  requestIpAddress: string;
+  creationDate: Date;
+
+  static fromResponse(response: PendingOrganizationAuthRequestResponse): PendingAuthRequestView {
+    const view = Object.assign(new PendingAuthRequestView(), response) as PendingAuthRequestView;
+
+    view.creationDate = new Date(response.creationDate);
+
+    return view;
+  }
+}
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/manage/device-approvals/device-approvals.component.html b/bitwarden_license/bit-web/src/app/admin-console/organizations/manage/device-approvals/device-approvals.component.html
new file mode 100644
index 0000000000..4758cc47ce
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/manage/device-approvals/device-approvals.component.html
@@ -0,0 +1,100 @@
+<h1>
+  {{ "deviceApprovals" | i18n }}
+  <i
+    class="bwi bwi-spinner bwi-spin text-muted"
+    title="{{ 'loading' | i18n }}"
+    aria-hidden="true"
+    *ngIf="actionInProgress || loading"
+  ></i>
+  <span class="sr-only">{{ "loading" | i18n }}</span>
+</h1>
+<p>
+  {{ "deviceApprovalsDesc" | i18n }}
+</p>
+
+<bit-table [dataSource]="tableDataSource">
+  <ng-container header>
+    <tr>
+      <th bitCell>{{ "member" | i18n }}</th>
+      <th bitCell>{{ "deviceInfo" | i18n }}</th>
+      <th bitCell>{{ "time" | i18n }}</th>
+      <th bitCell class="tw-w-10">
+        <button
+          [bitMenuTriggerFor]="headerMenu"
+          bitIconButton="bwi-ellipsis-v"
+          size="small"
+          type="button"
+          appA11yTitle="{{ 'options' | i18n }}"
+        ></button>
+        <bit-menu #headerMenu>
+          <button
+            type="button"
+            bitMenuItem
+            (click)="denyAllRequests()"
+            [disabled]="actionInProgress"
+          >
+            <span class="tw-text-danger">
+              <i class="bwi bwi-fw bwi-close" aria-hidden="true"></i>
+              {{ "denyAllRequests" | i18n }}
+            </span>
+          </button>
+        </bit-menu>
+      </th>
+    </tr>
+  </ng-container>
+  <ng-template body let-rows$>
+    <tr bitRow alignContent="top" *ngFor="let r of rows$ | async">
+      <td bitCell class="tw-flex-col">
+        <div>{{ r.email }}</div>
+        <code class="tw-text-sm">{{ r.publicKey | fingerprint : r.email | async }}</code>
+      </td>
+      <td bitCell class="tw-flex-col">
+        <div>{{ r.requestDeviceType }}</div>
+        <div class="tw-text-sm">{{ r.requestIpAddress }}</div>
+      </td>
+      <td bitCell class="tw-flex-col tw-text-muted">
+        {{ r.creationDate | date : "medium" }}
+      </td>
+      <td bitCell class="tw-align-middle">
+        <button
+          [bitMenuTriggerFor]="rowMenu"
+          bitIconButton="bwi-ellipsis-v"
+          size="small"
+          type="button"
+          appA11yTitle="{{ 'options' | i18n }}"
+        ></button>
+        <bit-menu #rowMenu>
+          <button
+            type="button"
+            bitMenuItem
+            (click)="approveRequest(r)"
+            [disabled]="actionInProgress"
+          >
+            <i class="bwi bwi-fw bwi-check" aria-hidden="true"></i>
+            {{ "approveRequest" | i18n }}
+          </button>
+          <button
+            type="button"
+            bitMenuItem
+            (click)="denyRequest(r.id)"
+            [disabled]="actionInProgress"
+          >
+            <span class="tw-text-danger">
+              <i class="bwi bwi-fw bwi-close" aria-hidden="true"></i>
+              {{ "denyRequest" | i18n }}
+            </span>
+          </button>
+        </bit-menu>
+      </td>
+    </tr>
+  </ng-template>
+</bit-table>
+
+<bit-no-items
+  class="tw-text-main"
+  *ngIf="!loading && tableDataSource.data.length == 0"
+  [icon]="Devices"
+>
+  <ng-container slot="title">{{ "noDeviceRequests" | i18n }}</ng-container>
+  <ng-container slot="description">{{ "noDeviceRequestsDesc" | i18n }}</ng-container>
+</bit-no-items>
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/manage/device-approvals/device-approvals.component.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/manage/device-approvals/device-approvals.component.ts
new file mode 100644
index 0000000000..6325a72f80
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/manage/device-approvals/device-approvals.component.ts
@@ -0,0 +1,174 @@
+import { Component, OnDestroy, OnInit } from "@angular/core";
+import { ActivatedRoute } from "@angular/router";
+import { BehaviorSubject, Subject, switchMap, takeUntil, tap } from "rxjs";
+
+import { OrganizationUserService } from "@bitwarden/common/abstractions/organization-user/organization-user.service";
+import { OrganizationUserResetPasswordDetailsResponse } from "@bitwarden/common/abstractions/organization-user/responses";
+import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
+import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
+import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
+import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
+import { ValidationService } from "@bitwarden/common/platform/abstractions/validation.service";
+import { Utils } from "@bitwarden/common/platform/misc/utils";
+import { EncString } from "@bitwarden/common/platform/models/domain/enc-string";
+import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
+import { TableDataSource } from "@bitwarden/components";
+import { Devices } from "@bitwarden/web-vault/app/admin-console/icons";
+
+import { OrganizationAuthRequestService } from "../../core/services/auth-requests";
+import { PendingAuthRequestView } from "../../core/views/pending-auth-request.view";
+
+@Component({
+  selector: "app-org-device-approvals",
+  templateUrl: "./device-approvals.component.html",
+})
+export class DeviceApprovalsComponent implements OnInit, OnDestroy {
+  tableDataSource = new TableDataSource<PendingAuthRequestView>();
+  organizationId: string;
+  loading = true;
+  actionInProgress = false;
+
+  protected readonly Devices = Devices;
+
+  private destroy$ = new Subject<void>();
+  private refresh$ = new BehaviorSubject<void>(null);
+
+  constructor(
+    private organizationAuthRequestService: OrganizationAuthRequestService,
+    private organizationUserService: OrganizationUserService,
+    private cryptoService: CryptoService,
+    private route: ActivatedRoute,
+    private platformUtilsService: PlatformUtilsService,
+    private i18nService: I18nService,
+    private logService: LogService,
+    private validationService: ValidationService
+  ) {}
+
+  async ngOnInit() {
+    this.route.params
+      .pipe(
+        tap((params) => (this.organizationId = params.organizationId)),
+        switchMap(() =>
+          this.refresh$.pipe(
+            tap(() => (this.loading = true)),
+            switchMap(() =>
+              this.organizationAuthRequestService.listPendingRequests(this.organizationId)
+            )
+          )
+        ),
+        takeUntil(this.destroy$)
+      )
+      .subscribe((r) => {
+        this.tableDataSource.data = r;
+        this.loading = false;
+      });
+  }
+
+  /**
+   * Creates a copy of the user's symmetric key that has been encrypted with the provided device's public key.
+   * @param devicePublicKey
+   * @param resetPasswordDetails
+   * @private
+   */
+  private async getEncryptedUserSymKey(
+    devicePublicKey: string,
+    resetPasswordDetails: OrganizationUserResetPasswordDetailsResponse
+  ): Promise<EncString> {
+    const encryptedUserSymKey = resetPasswordDetails.resetPasswordKey;
+    const encryptedOrgPrivateKey = resetPasswordDetails.encryptedPrivateKey;
+    const devicePubKey = Utils.fromB64ToArray(devicePublicKey);
+
+    // Decrypt Organization's encrypted Private Key with org key
+    const orgSymKey = await this.cryptoService.getOrgKey(this.organizationId);
+    const decOrgPrivateKey = await this.cryptoService.decryptToBytes(
+      new EncString(encryptedOrgPrivateKey),
+      orgSymKey
+    );
+
+    // Decrypt User's symmetric key with decrypted org private key
+    const decValue = await this.cryptoService.rsaDecrypt(encryptedUserSymKey, decOrgPrivateKey);
+    const userSymKey = new SymmetricCryptoKey(decValue);
+
+    // Re-encrypt User's Symmetric Key with the Device Public Key
+    return await this.cryptoService.rsaEncrypt(userSymKey.key, devicePubKey.buffer);
+  }
+
+  async approveRequest(authRequest: PendingAuthRequestView) {
+    await this.performAsyncAction(async () => {
+      const details = await this.organizationUserService.getOrganizationUserResetPasswordDetails(
+        this.organizationId,
+        authRequest.organizationUserId
+      );
+
+      // The user must be enrolled in account recovery (password reset) in order for the request to be approved.
+      if (details == null || details.resetPasswordKey == null) {
+        this.platformUtilsService.showToast(
+          "error",
+          null,
+          this.i18nService.t("resetPasswordDetailsError")
+        );
+        return;
+      }
+
+      const encryptedKey = await this.getEncryptedUserSymKey(authRequest.publicKey, details);
+
+      await this.organizationAuthRequestService.approvePendingRequest(
+        this.organizationId,
+        authRequest.id,
+        encryptedKey
+      );
+
+      this.platformUtilsService.showToast(
+        "success",
+        null,
+        this.i18nService.t("loginRequestApproved")
+      );
+    });
+  }
+
+  async denyRequest(requestId: string) {
+    await this.performAsyncAction(async () => {
+      await this.organizationAuthRequestService.denyPendingRequests(this.organizationId, requestId);
+      this.platformUtilsService.showToast("error", null, this.i18nService.t("loginRequestDenied"));
+    });
+  }
+
+  async denyAllRequests() {
+    if (this.tableDataSource.data.length === 0) {
+      return;
+    }
+
+    await this.performAsyncAction(async () => {
+      await this.organizationAuthRequestService.denyPendingRequests(
+        this.organizationId,
+        ...this.tableDataSource.data.map((r) => r.id)
+      );
+      this.platformUtilsService.showToast(
+        "error",
+        null,
+        this.i18nService.t("allLoginRequestsDenied")
+      );
+    });
+  }
+
+  private async performAsyncAction(action: () => Promise<void>) {
+    if (this.actionInProgress) {
+      return;
+    }
+    this.actionInProgress = true;
+    try {
+      await action();
+      this.refresh$.next();
+    } catch (err: unknown) {
+      this.logService.error(err.toString());
+      this.validationService.showError(err);
+    } finally {
+      this.actionInProgress = false;
+    }
+  }
+
+  ngOnDestroy() {
+    this.destroy$.next();
+    this.destroy$.complete();
+  }
+}
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts
index d1f71325ce..22cd2571ca 100644
--- a/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations-routing.module.ts
@@ -2,14 +2,17 @@ import { NgModule } from "@angular/core";
 import { RouterModule, Routes } from "@angular/router";
 
 import { AuthGuard } from "@bitwarden/angular/auth/guards/auth.guard";
+import { canAccessFeature } from "@bitwarden/angular/guard/feature-flag.guard";
 import { canAccessSettingsTab } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
 import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
+import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
 import { OrganizationPermissionsGuard } from "@bitwarden/web-vault/app/admin-console/organizations/guards/org-permissions.guard";
 import { OrganizationLayoutComponent } from "@bitwarden/web-vault/app/admin-console/organizations/layouts/organization-layout.component";
 import { SettingsComponent } from "@bitwarden/web-vault/app/admin-console/organizations/settings/settings.component";
 
 import { SsoComponent } from "../../auth/sso/sso.component";
 
+import { DeviceApprovalsComponent } from "./manage/device-approvals/device-approvals.component";
 import { DomainVerificationComponent } from "./manage/domain-verification/domain-verification.component";
 import { ScimComponent } from "./manage/scim.component";
 
@@ -51,6 +54,18 @@ const routes: Routes = [
               organizationPermissions: (org: Organization) => org.canManageScim,
             },
           },
+          {
+            path: "device-approvals",
+            component: DeviceApprovalsComponent,
+            canActivate: [
+              OrganizationPermissionsGuard,
+              canAccessFeature(FeatureFlag.TrustedDeviceEncryption),
+            ],
+            data: {
+              organizationPermissions: (org: Organization) => org.canManageUsersPassword,
+              titleId: "deviceApprovals",
+            },
+          },
         ],
       },
     ],
diff --git a/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations.module.ts b/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations.module.ts
index 08f7dea640..3e939fa74f 100644
--- a/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations.module.ts
+++ b/bitwarden_license/bit-web/src/app/admin-console/organizations/organizations.module.ts
@@ -1,21 +1,25 @@
 import { NgModule } from "@angular/core";
 
+import { NoItemsModule } from "@bitwarden/components";
 import { SharedModule } from "@bitwarden/web-vault/app/shared/shared.module";
 
 import { SsoComponent } from "../../auth/sso/sso.component";
 
+import { CoreOrganizationModule } from "./core";
+import { DeviceApprovalsComponent } from "./manage/device-approvals/device-approvals.component";
 import { DomainAddEditDialogComponent } from "./manage/domain-verification/domain-add-edit-dialog/domain-add-edit-dialog.component";
 import { DomainVerificationComponent } from "./manage/domain-verification/domain-verification.component";
 import { ScimComponent } from "./manage/scim.component";
 import { OrganizationsRoutingModule } from "./organizations-routing.module";
 
 @NgModule({
-  imports: [SharedModule, OrganizationsRoutingModule],
+  imports: [SharedModule, CoreOrganizationModule, OrganizationsRoutingModule, NoItemsModule],
   declarations: [
     SsoComponent,
     ScimComponent,
     DomainVerificationComponent,
     DomainAddEditDialogComponent,
+    DeviceApprovalsComponent,
   ],
 })
 export class OrganizationsModule {}
diff --git a/libs/angular/src/directives/if-feature.directive.spec.ts b/libs/angular/src/directives/if-feature.directive.spec.ts
new file mode 100644
index 0000000000..bf73a172a5
--- /dev/null
+++ b/libs/angular/src/directives/if-feature.directive.spec.ts
@@ -0,0 +1,137 @@
+import { Component } from "@angular/core";
+import { ComponentFixture, TestBed } from "@angular/core/testing";
+import { By } from "@angular/platform-browser";
+import { mock, MockProxy } from "jest-mock-extended";
+
+import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
+import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
+import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
+
+import { IfFeatureDirective } from "./if-feature.directive";
+
+const testBooleanFeature: FeatureFlag = "boolean-feature" as FeatureFlag;
+const testStringFeature: FeatureFlag = "string-feature" as FeatureFlag;
+const testStringFeatureValue = "test-value";
+
+@Component({
+  template: `
+    <div *appIfFeature="testBooleanFeature">
+      <div data-testid="boolean-content">Hidden behind feature flag</div>
+    </div>
+    <div *appIfFeature="stringFeature; value: stringFeatureValue">
+      <div data-testid="string-content">Hidden behind feature flag</div>
+    </div>
+    <div *appIfFeature="missingFlag">
+      <div data-testid="missing-flag-content">
+        Hidden behind missing flag. Should not be visible.
+      </div>
+    </div>
+  `,
+})
+class TestComponent {
+  testBooleanFeature = testBooleanFeature;
+  stringFeature = testStringFeature;
+  stringFeatureValue = testStringFeatureValue;
+
+  missingFlag = "missing-flag" as FeatureFlag;
+}
+
+describe("IfFeatureDirective", () => {
+  let fixture: ComponentFixture<TestComponent>;
+  let content: HTMLElement;
+  let mockConfigService: MockProxy<ConfigServiceAbstraction>;
+
+  const mockConfigFlagValue = (flag: FeatureFlag, flagValue: any) => {
+    if (typeof flagValue === "boolean") {
+      mockConfigService.getFeatureFlagBool.mockImplementation((f, defaultValue = false) =>
+        flag == f ? Promise.resolve(flagValue) : Promise.resolve(defaultValue)
+      );
+    } else if (typeof flagValue === "string") {
+      mockConfigService.getFeatureFlagString.mockImplementation((f, defaultValue = "") =>
+        flag == f ? Promise.resolve(flagValue) : Promise.resolve(defaultValue)
+      );
+    } else if (typeof flagValue === "number") {
+      mockConfigService.getFeatureFlagNumber.mockImplementation((f, defaultValue = 0) =>
+        flag == f ? Promise.resolve(flagValue) : Promise.resolve(defaultValue)
+      );
+    }
+  };
+  const queryContent = (testId: string) =>
+    fixture.debugElement.query(By.css(`[data-testid="${testId}"]`))?.nativeElement;
+
+  beforeEach(async () => {
+    mockConfigService = mock<ConfigServiceAbstraction>();
+
+    await TestBed.configureTestingModule({
+      declarations: [IfFeatureDirective, TestComponent],
+      providers: [
+        { provide: LogService, useValue: mock<LogService>() },
+        {
+          provide: ConfigServiceAbstraction,
+          useValue: mockConfigService,
+        },
+      ],
+    }).compileComponents();
+
+    fixture = TestBed.createComponent(TestComponent);
+  });
+
+  it("renders content when the feature flag is enabled", async () => {
+    mockConfigFlagValue(testBooleanFeature, true);
+    fixture.detectChanges();
+    await fixture.whenStable();
+
+    content = queryContent("boolean-content");
+
+    expect(content).toBeDefined();
+  });
+
+  it("renders content when the feature flag value matches the provided value", async () => {
+    mockConfigFlagValue(testStringFeature, testStringFeatureValue);
+    fixture.detectChanges();
+    await fixture.whenStable();
+
+    content = queryContent("string-content");
+
+    expect(content).toBeDefined();
+  });
+
+  it("hides content when the feature flag is disabled", async () => {
+    mockConfigFlagValue(testBooleanFeature, false);
+    fixture.detectChanges();
+    await fixture.whenStable();
+
+    content = queryContent("boolean-content");
+
+    expect(content).toBeUndefined();
+  });
+
+  it("hides content when the feature flag value does not match the provided value", async () => {
+    mockConfigFlagValue(testStringFeature, "wrong-value");
+    fixture.detectChanges();
+    await fixture.whenStable();
+
+    content = queryContent("string-content");
+
+    expect(content).toBeUndefined();
+  });
+
+  it("hides content when the feature flag is missing", async () => {
+    fixture.detectChanges();
+    await fixture.whenStable();
+
+    content = queryContent("missing-flag-content");
+
+    expect(content).toBeUndefined();
+  });
+
+  it("hides content when the directive throws an unexpected exception", async () => {
+    mockConfigService.getFeatureFlagBool.mockImplementation(() => Promise.reject("Some error"));
+    fixture.detectChanges();
+    await fixture.whenStable();
+
+    content = queryContent("boolean-content");
+
+    expect(content).toBeUndefined();
+  });
+});
diff --git a/libs/angular/src/directives/if-feature.directive.ts b/libs/angular/src/directives/if-feature.directive.ts
new file mode 100644
index 0000000000..1a0ee35dc6
--- /dev/null
+++ b/libs/angular/src/directives/if-feature.directive.ts
@@ -0,0 +1,67 @@
+import { Directive, Input, OnInit, TemplateRef, ViewContainerRef } from "@angular/core";
+
+import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
+import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
+import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
+
+// Replace this with a type safe lookup of the feature flag values in PM-2282
+type FlagValue = boolean | number | string;
+
+/**
+ * Directive that conditionally renders the element when the feature flag is enabled and/or
+ * matches the value specified by {@link appIfFeatureValue}.
+ *
+ * When a feature flag is not found in the config service, the element is hidden.
+ */
+@Directive({
+  selector: "[appIfFeature]",
+})
+export class IfFeatureDirective implements OnInit {
+  /**
+   * The feature flag to check.
+   */
+  @Input() appIfFeature: FeatureFlag;
+
+  /**
+   * Optional value to compare against the value of the feature flag in the config service.
+   * @default true
+   */
+  @Input() appIfFeatureValue: FlagValue = true;
+
+  private hasView = false;
+
+  constructor(
+    private templateRef: TemplateRef<any>,
+    private viewContainer: ViewContainerRef,
+    private configService: ConfigServiceAbstraction,
+    private logService: LogService
+  ) {}
+
+  async ngOnInit() {
+    try {
+      let flagValue: FlagValue;
+
+      if (typeof this.appIfFeatureValue === "boolean") {
+        flagValue = await this.configService.getFeatureFlagBool(this.appIfFeature);
+      } else if (typeof this.appIfFeatureValue === "number") {
+        flagValue = await this.configService.getFeatureFlagNumber(this.appIfFeature);
+      } else if (typeof this.appIfFeatureValue === "string") {
+        flagValue = await this.configService.getFeatureFlagString(this.appIfFeature);
+      }
+
+      if (this.appIfFeatureValue === flagValue) {
+        if (!this.hasView) {
+          this.viewContainer.createEmbeddedView(this.templateRef);
+          this.hasView = true;
+        }
+      } else {
+        this.viewContainer.clear();
+        this.hasView = false;
+      }
+    } catch (e) {
+      this.logService.error(e);
+      this.viewContainer.clear();
+      this.hasView = false;
+    }
+  }
+}
diff --git a/libs/angular/src/jslib.module.ts b/libs/angular/src/jslib.module.ts
index bfe8f758f9..929875bbb2 100644
--- a/libs/angular/src/jslib.module.ts
+++ b/libs/angular/src/jslib.module.ts
@@ -11,6 +11,7 @@ import { AutofocusDirective } from "./directives/autofocus.directive";
 import { BoxRowDirective } from "./directives/box-row.directive";
 import { CopyClickDirective } from "./directives/copy-click.directive";
 import { FallbackSrcDirective } from "./directives/fallback-src.directive";
+import { IfFeatureDirective } from "./directives/if-feature.directive";
 import { InputStripSpacesDirective } from "./directives/input-strip-spaces.directive";
 import { InputVerbatimDirective } from "./directives/input-verbatim.directive";
 import { LaunchClickDirective } from "./directives/launch-click.directive";
@@ -25,6 +26,7 @@ import { SearchPipe } from "./pipes/search.pipe";
 import { UserNamePipe } from "./pipes/user-name.pipe";
 import { UserTypePipe } from "./pipes/user-type.pipe";
 import { EllipsisPipe } from "./platform/pipes/ellipsis.pipe";
+import { FingerprintPipe } from "./platform/pipes/fingerprint.pipe";
 import { I18nPipe } from "./platform/pipes/i18n.pipe";
 import { PasswordStrengthComponent } from "./shared/components/password-strength/password-strength.component";
 import { ExportScopeCalloutComponent } from "./tools/export/components/export-scope-callout.component";
@@ -68,6 +70,8 @@ import { IconComponent } from "./vault/components/icon.component";
     UserNamePipe,
     PasswordStrengthComponent,
     UserTypePipe,
+    IfFeatureDirective,
+    FingerprintPipe,
   ],
   exports: [
     A11yInvalidDirective,
@@ -97,7 +101,17 @@ import { IconComponent } from "./vault/components/icon.component";
     UserNamePipe,
     PasswordStrengthComponent,
     UserTypePipe,
+    IfFeatureDirective,
+    FingerprintPipe,
+  ],
+  providers: [
+    CreditCardNumberPipe,
+    DatePipe,
+    I18nPipe,
+    SearchPipe,
+    UserNamePipe,
+    UserTypePipe,
+    FingerprintPipe,
   ],
-  providers: [CreditCardNumberPipe, DatePipe, I18nPipe, SearchPipe, UserNamePipe, UserTypePipe],
 })
 export class JslibModule {}
diff --git a/libs/angular/src/platform/pipes/fingerprint.pipe.ts b/libs/angular/src/platform/pipes/fingerprint.pipe.ts
new file mode 100644
index 0000000000..198b3a57f7
--- /dev/null
+++ b/libs/angular/src/platform/pipes/fingerprint.pipe.ts
@@ -0,0 +1,32 @@
+import { Pipe } from "@angular/core";
+
+import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
+import { Utils } from "@bitwarden/common/platform/misc/utils";
+
+@Pipe({
+  name: "fingerprint",
+})
+export class FingerprintPipe {
+  constructor(private cryptoService: CryptoService) {}
+
+  async transform(publicKey: string | Uint8Array, fingerprintMaterial: string): Promise<string> {
+    try {
+      if (typeof publicKey === "string") {
+        publicKey = Utils.fromB64ToArray(publicKey);
+      }
+
+      const fingerprint = await this.cryptoService.getFingerprint(
+        fingerprintMaterial,
+        publicKey.buffer
+      );
+
+      if (fingerprint != null) {
+        return fingerprint.join("-");
+      }
+
+      return "";
+    } catch {
+      return "";
+    }
+  }
+}
diff --git a/libs/components/src/no-items/no-items.component.ts b/libs/components/src/no-items/no-items.component.ts
index a172a2eeab..d85c6a3457 100644
--- a/libs/components/src/no-items/no-items.component.ts
+++ b/libs/components/src/no-items/no-items.component.ts
@@ -1,4 +1,4 @@
-import { Component } from "@angular/core";
+import { Component, Input } from "@angular/core";
 
 import { Icons } from "..";
 
@@ -10,5 +10,5 @@ import { Icons } from "..";
   templateUrl: "./no-items.component.html",
 })
 export class NoItemsComponent {
-  protected icon = Icons.Search;
+  @Input() icon = Icons.Search;
 }
diff --git a/libs/components/src/table/cell.directive.ts b/libs/components/src/table/cell.directive.ts
index 058d90e577..61c7557106 100644
--- a/libs/components/src/table/cell.directive.ts
+++ b/libs/components/src/table/cell.directive.ts
@@ -1,10 +1,10 @@
-import { HostBinding, Directive } from "@angular/core";
+import { Directive, HostBinding } from "@angular/core";
 
 @Directive({
   selector: "th[bitCell], td[bitCell]",
 })
 export class CellDirective {
   @HostBinding("class") get classList() {
-    return ["tw-p-3", "tw-align-middle"];
+    return ["tw-p-3"];
   }
 }
diff --git a/libs/components/src/table/row.directive.ts b/libs/components/src/table/row.directive.ts
index 5d9eaca261..19f3d3f775 100644
--- a/libs/components/src/table/row.directive.ts
+++ b/libs/components/src/table/row.directive.ts
@@ -4,7 +4,7 @@ import { Directive, HostBinding, Input } from "@angular/core";
   selector: "tr[bitRow]",
 })
 export class RowDirective {
-  @Input() alignContent: "top" | "middle" | "bottom" | "baseline" = "baseline";
+  @Input() alignContent: "top" | "middle" | "bottom" | "baseline" = "middle";
 
   get alignmentClass(): string {
     switch (this.alignContent) {
diff --git a/libs/components/src/table/table.stories.ts b/libs/components/src/table/table.stories.ts
index 2d9830b7da..9c1fac6956 100644
--- a/libs/components/src/table/table.stories.ts
+++ b/libs/components/src/table/table.stories.ts
@@ -1,5 +1,5 @@
 import { ScrollingModule } from "@angular/cdk/scrolling";
-import { Meta, StoryObj, moduleMetadata } from "@storybook/angular";
+import { Meta, moduleMetadata, StoryObj } from "@storybook/angular";
 
 import { countries } from "../form/countries";
 
@@ -62,7 +62,7 @@ export const Default: Story = {
     `,
   }),
   args: {
-    alignRowContent: "baseline",
+    alignRowContent: "middle",
   },
 };
 

From 5cd51374d7e746c36da77314d7d84f8361de36a1 Mon Sep 17 00:00:00 2001
From: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com>
Date: Thu, 15 Jun 2023 21:03:48 -0500
Subject: [PATCH 06/13] [AC-1416] Expose Organization Fingerprint (#5557)

* refactor: change getFingerprint param to fingerprintMaterial, refs PM-1522

* feat: generate and show fingerprint for organization (WIP), refs AC-1416

* feat: update legacy params subscription to best practice (WIP), refs AC-1461

* refactor: update to use reactive forms, refs AC-1416

* refactor: remove boostrap specific classes and update to component library paradigms, refs AC-1416

* refactor: remove boostrap specific classes and update to component library paradigms, refs AC-1416

* refactor: create shared fingerprint component to redude boilerplate for settings fingerprint views, refs AC-1416

* refactor: use grid to emulate col-6 and remove unnecessary theme extensions, refs AC-1416

* refactor: remove negative margin and clean up extra divs, refs AC-1416

* [AC-1431] Add missing UserVerificationModule import (#5555)

* [PM-2238] Add nord and solarize themes (#5491)

* Fix simple configurable dialog stories (#5560)

* chore(deps): update bitwarden/gh-actions digest to 72594be (#5523)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* refactor: remove extra div leftover from card-body class, refs AC-1416

* refactor: use bitTypography for headers, refs AC-1416

* fix: update crypto service abstraction path, refs AC-1416

* refactor: remove try/catch on handler, remove bootstrap class, update api chaining in observable, refs AC-1416

* fix: replace faulty combineLatest logic, refs AC-1416

* refactor: simplify observable logic again, refs AC-1416

---------

Co-authored-by: Shane Melton <smelton@bitwarden.com>
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 .../settings/account.component.html           | 103 +++++--------
 .../settings/account.component.ts             | 140 +++++++++++++-----
 .../settings/organization-settings.module.ts  |   9 +-
 .../src/app/settings/profile.component.html   |  18 +--
 .../web/src/app/settings/profile.component.ts |  13 +-
 .../account-fingerprint.component.html        |  16 ++
 .../account-fingerprint.component.ts          |  30 ++++
 .../src/app/shared/loose-components.module.ts |   2 +
 apps/web/src/locales/en/messages.json         |   4 +
 .../platform/abstractions/crypto.service.ts   |   2 +-
 .../src/platform/services/crypto.service.ts   |   4 +-
 11 files changed, 206 insertions(+), 135 deletions(-)
 create mode 100644 apps/web/src/app/shared/components/account-fingerprint/account-fingerprint.component.html
 create mode 100644 apps/web/src/app/shared/components/account-fingerprint/account-fingerprint.component.ts

diff --git a/apps/web/src/app/admin-console/organizations/settings/account.component.html b/apps/web/src/app/admin-console/organizations/settings/account.component.html
index 08059ed99f..c7ac9910ac 100644
--- a/apps/web/src/app/admin-console/organizations/settings/account.component.html
+++ b/apps/web/src/app/admin-console/organizations/settings/account.component.html
@@ -1,95 +1,66 @@
-<div class="page-header">
-  <h1>{{ "organizationInfo" | i18n }}</h1>
-</div>
+<h1 bitTypography="h1" class="tw-pb-2.5">{{ "organizationInfo" | i18n }}</h1>
 <div *ngIf="loading">
   <i
     class="bwi bwi-spinner bwi-spin text-muted"
     title="{{ 'loading' | i18n }}"
     aria-hidden="true"
   ></i>
-  <span class="sr-only">{{ "loading" | i18n }}</span>
+  <span class="tw-sr-only">{{ "loading" | i18n }}</span>
 </div>
-<form
-  *ngIf="org && !loading"
-  #form
-  (ngSubmit)="submit()"
-  [appApiAction]="formPromise"
-  ngNativeValidate
->
-  <div class="row">
-    <div class="col-6">
-      <div class="form-group">
-        <label for="name">{{ "organizationName" | i18n }}</label>
-        <input
-          id="name"
-          class="form-control"
-          type="text"
-          name="Name"
-          [(ngModel)]="org.name"
-          [disabled]="selfHosted"
-        />
-      </div>
-      <div class="form-group">
-        <label for="billingEmail">{{ "billingEmail" | i18n }}</label>
-        <input
-          id="billingEmail"
-          class="form-control"
-          type="text"
-          name="BillingEmail"
-          [(ngModel)]="org.billingEmail"
-          [disabled]="selfHosted || !canEditSubscription"
-        />
-      </div>
-      <div class="form-group">
-        <label for="businessName">{{ "businessName" | i18n }}</label>
-        <input
-          id="businessName"
-          class="form-control"
-          type="text"
-          name="BusinessName"
-          [(ngModel)]="org.businessName"
-          [disabled]="selfHosted || !canEditSubscription"
-        />
-      </div>
+<form *ngIf="org && !loading" #form [bitSubmit]="submit" [formGroup]="formGroup">
+  <div class="tw-grid tw-grid-cols-2 tw-gap-5">
+    <div>
+      <bit-form-field>
+        <bit-label>{{ "organizationName" | i18n }}</bit-label>
+        <input bitInput id="orgName" type="text" formControlName="orgName" />
+      </bit-form-field>
+      <bit-form-field>
+        <bit-label>{{ "billingEmail" | i18n }}</bit-label>
+        <input bitInput id="billingEmail" formControlName="billingEmail" type="email" />
+      </bit-form-field>
+      <bit-form-field>
+        <bit-label>{{ "businessName" | i18n }}</bit-label>
+        <input bitInput id="businessName" formControlName="businessName" type="text" />
+      </bit-form-field>
     </div>
-    <div class="col-6">
+    <div>
       <bit-avatar [text]="org.name" [id]="org.id" size="large"></bit-avatar>
+      <app-account-fingerprint
+        [fingerprintMaterial]="organizationId"
+        [publicKeyBuffer]="publicKeyBuffer"
+        fingerprintLabel="{{ 'yourOrganizationsFingerprint' | i18n }}"
+      >
+      </app-account-fingerprint>
     </div>
   </div>
-  <button type="submit" buttonType="primary" bitButton [loading]="form.loading">
+  <button type="submit" bitButton bitFormButton buttonType="primary">
     {{ "save" | i18n }}
   </button>
 </form>
 <ng-container *ngIf="canUseApi">
-  <div class="secondary-header border-0 mb-0">
-    <h1>{{ "apiKey" | i18n }}</h1>
-  </div>
+  <h1 bitTypography="h1" class="tw-mt-16 tw-pb-2.5">{{ "apiKey" | i18n }}</h1>
   <p>
     {{ "apiKeyDesc" | i18n }}
     <a href="https://docs.bitwarden.com" target="_blank" rel="noopener">
       {{ "learnMore" | i18n }}
     </a>
   </p>
-  <button type="button" class="btn btn-outline-secondary" (click)="viewApiKey()">
+  <button type="button" bitButton buttonType="secondary" (click)="viewApiKey()">
     {{ "viewApiKey" | i18n }}
   </button>
-  <button type="button" class="btn btn-outline-secondary" (click)="rotateApiKey()">
+  <button type="button" bitButton buttonType="secondary" (click)="rotateApiKey()">
     {{ "rotateApiKey" | i18n }}
   </button>
 </ng-container>
-<div class="secondary-header text-danger border-0 mb-0">
-  <h1>{{ "dangerZone" | i18n }}</h1>
-</div>
-<div class="card border-danger">
-  <div class="card-body">
-    <p>{{ "dangerZoneDesc" | i18n }}</p>
-    <button type="button" class="btn btn-outline-danger" (click)="deleteOrganization()">
-      {{ "deleteOrganization" | i18n }}
-    </button>
-    <button type="button" class="btn btn-outline-danger" (click)="purgeVault()">
-      {{ "purgeVault" | i18n }}
-    </button>
-  </div>
+<h1 bitTypography="h1" class="tw-mt-16 tw-pb-2.5 !tw-text-danger">{{ "dangerZone" | i18n }}</h1>
+<div class="tw-rounded tw-border tw-border-solid tw-border-danger-500 tw-bg-background tw-p-5">
+  <p>{{ "dangerZoneDesc" | i18n }}</p>
+  <button type="button" bitButton buttonType="danger" (click)="deleteOrganization()">
+    {{ "deleteOrganization" | i18n }}
+  </button>
+  <button type="button" bitButton buttonType="danger" (click)="purgeVault()">
+    {{ "purgeVault" | i18n }}
+  </button>
 </div>
 <ng-template #purgeOrganizationTemplate></ng-template>
 <ng-template #apiKeyTemplate></ng-template>
diff --git a/apps/web/src/app/admin-console/organizations/settings/account.component.ts b/apps/web/src/app/admin-console/organizations/settings/account.component.ts
index 2d0c1b17be..48dcb2c88c 100644
--- a/apps/web/src/app/admin-console/organizations/settings/account.component.ts
+++ b/apps/web/src/app/admin-console/organizations/settings/account.component.ts
@@ -1,6 +1,7 @@
 import { Component, ViewChild, ViewContainerRef } from "@angular/core";
+import { FormBuilder, Validators } from "@angular/forms";
 import { ActivatedRoute, Router } from "@angular/router";
-import { lastValueFrom } from "rxjs";
+import { combineLatest, lastValueFrom, Subject, switchMap, takeUntil, from } from "rxjs";
 
 import { DialogServiceAbstraction } from "@bitwarden/angular/services/dialog";
 import { ModalService } from "@bitwarden/angular/services/modal.service";
@@ -13,6 +14,7 @@ import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.se
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
 import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
+import { Utils } from "@bitwarden/common/platform/misc/utils";
 
 import { ApiKeyComponent } from "../../../settings/api-key.component";
 import { PurgeVaultComponent } from "../../../settings/purge-vault.component";
@@ -23,7 +25,6 @@ import { DeleteOrganizationDialogResult, openDeleteOrganizationDialog } from "./
   selector: "app-org-account",
   templateUrl: "account.component.html",
 })
-// eslint-disable-next-line rxjs-angular/prefer-takeuntil
 export class AccountComponent {
   @ViewChild("purgeOrganizationTemplate", { read: ViewContainerRef, static: true })
   purgeModalRef: ViewContainerRef;
@@ -40,7 +41,29 @@ export class AccountComponent {
   formPromise: Promise<OrganizationResponse>;
   taxFormPromise: Promise<unknown>;
 
-  private organizationId: string;
+  // FormGroup validators taken from server Organization domain object
+  protected formGroup = this.formBuilder.group({
+    orgName: this.formBuilder.control(
+      { value: "", disabled: true },
+      {
+        validators: [Validators.required, Validators.maxLength(50)],
+        updateOn: "change",
+      }
+    ),
+    billingEmail: this.formBuilder.control(
+      { value: "", disabled: true },
+      { validators: [Validators.required, Validators.email, Validators.maxLength(256)] }
+    ),
+    businessName: this.formBuilder.control(
+      { value: "", disabled: true },
+      { validators: [Validators.maxLength(50)] }
+    ),
+  });
+
+  protected organizationId: string;
+  protected publicKeyBuffer: ArrayBuffer;
+
+  private destroy$ = new Subject<void>();
 
   constructor(
     private modalService: ModalService,
@@ -52,53 +75,88 @@ export class AccountComponent {
     private router: Router,
     private organizationService: OrganizationService,
     private organizationApiService: OrganizationApiServiceAbstraction,
-    private dialogService: DialogServiceAbstraction
+    private dialogService: DialogServiceAbstraction,
+    private formBuilder: FormBuilder
   ) {}
 
   async ngOnInit() {
     this.selfHosted = this.platformUtilsService.isSelfHost();
 
-    // eslint-disable-next-line rxjs-angular/prefer-takeuntil, rxjs/no-async-subscribe
-    this.route.parent.parent.params.subscribe(async (params) => {
-      this.organizationId = params.organizationId;
-      this.canEditSubscription = this.organizationService.get(
-        this.organizationId
-      ).canEditSubscription;
-      try {
-        this.org = await this.organizationApiService.get(this.organizationId);
-        this.canUseApi = this.org.useApi;
-      } catch (e) {
-        this.logService.error(e);
-      }
-    });
-    this.loading = false;
+    this.route.parent.parent.params
+      .pipe(
+        switchMap((params) => {
+          return combineLatest([
+            // Organization domain
+            this.organizationService.get$(params.organizationId),
+            // OrganizationResponse for form population
+            from(this.organizationApiService.get(params.organizationId)),
+            // Organization Public Key
+            from(this.organizationApiService.getKeys(params.organizationId)),
+          ]);
+        }),
+        takeUntil(this.destroy$)
+      )
+      .subscribe(([organization, orgResponse, orgKeys]) => {
+        // Set domain level organization variables
+        this.organizationId = organization.id;
+        this.canEditSubscription = organization.canEditSubscription;
+        this.canUseApi = organization.useApi;
+
+        // Org Response
+        this.org = orgResponse;
+
+        // Public Key Buffer for Org Fingerprint Generation
+        this.publicKeyBuffer = Utils.fromB64ToArray(orgKeys?.publicKey)?.buffer;
+
+        // Patch existing values
+        this.formGroup.patchValue({
+          orgName: this.org.name,
+          billingEmail: this.org.billingEmail,
+          businessName: this.org.businessName,
+        });
+
+        // Update disabled states - reactive forms prefers not using disabled attribute
+        if (!this.selfHosted) {
+          this.formGroup.get("orgName").enable();
+        }
+
+        if (!this.selfHosted || this.canEditSubscription) {
+          this.formGroup.get("billingEmail").enable();
+          this.formGroup.get("businessName").enable();
+        }
+
+        this.loading = false;
+      });
   }
 
-  async submit() {
-    try {
-      const request = new OrganizationUpdateRequest();
-      request.name = this.org.name;
-      request.businessName = this.org.businessName;
-      request.billingEmail = this.org.billingEmail;
+  ngOnDestroy(): void {
+    // You must first call .next() in order for the notifier to properly close subscriptions using takeUntil
+    this.destroy$.next();
+    this.destroy$.complete();
+  }
 
-      // Backfill pub/priv key if necessary
-      if (!this.org.hasPublicAndPrivateKeys) {
-        const orgShareKey = await this.cryptoService.getOrgKey(this.organizationId);
-        const orgKeys = await this.cryptoService.makeKeyPair(orgShareKey);
-        request.keys = new OrganizationKeysRequest(orgKeys[0], orgKeys[1].encryptedString);
-      }
-
-      this.formPromise = this.organizationApiService.save(this.organizationId, request);
-      await this.formPromise;
-      this.platformUtilsService.showToast(
-        "success",
-        null,
-        this.i18nService.t("organizationUpdated")
-      );
-    } catch (e) {
-      this.logService.error(e);
+  submit = async () => {
+    this.formGroup.markAllAsTouched();
+    if (this.formGroup.invalid) {
+      return;
     }
-  }
+
+    const request = new OrganizationUpdateRequest();
+    request.name = this.formGroup.value.orgName;
+    request.businessName = this.formGroup.value.businessName;
+    request.billingEmail = this.formGroup.value.billingEmail;
+
+    // Backfill pub/priv key if necessary
+    if (!this.org.hasPublicAndPrivateKeys) {
+      const orgShareKey = await this.cryptoService.getOrgKey(this.organizationId);
+      const orgKeys = await this.cryptoService.makeKeyPair(orgShareKey);
+      request.keys = new OrganizationKeysRequest(orgKeys[0], orgKeys[1].encryptedString);
+    }
+
+    this.formPromise = this.organizationApiService.save(this.organizationId, request);
+    await this.formPromise;
+    this.platformUtilsService.showToast("success", null, this.i18nService.t("organizationUpdated"));
+  };
 
   async deleteOrganization() {
     const dialog = openDeleteOrganizationDialog(this.dialogService, {
diff --git a/apps/web/src/app/admin-console/organizations/settings/organization-settings.module.ts b/apps/web/src/app/admin-console/organizations/settings/organization-settings.module.ts
index c5500c6a94..9eaec0a068 100644
--- a/apps/web/src/app/admin-console/organizations/settings/organization-settings.module.ts
+++ b/apps/web/src/app/admin-console/organizations/settings/organization-settings.module.ts
@@ -1,6 +1,7 @@
 import { NgModule } from "@angular/core";
 
 import { LooseComponentsModule, SharedModule } from "../../../shared";
+import { AccountFingerprintComponent } from "../../../shared/components/account-fingerprint/account-fingerprint.component";
 import { PoliciesModule } from "../../organizations/policies";
 
 import { AccountComponent } from "./account.component";
@@ -9,7 +10,13 @@ import { SettingsComponent } from "./settings.component";
 import { TwoFactorSetupComponent } from "./two-factor-setup.component";
 
 @NgModule({
-  imports: [SharedModule, LooseComponentsModule, PoliciesModule, OrganizationSettingsRoutingModule],
+  imports: [
+    SharedModule,
+    LooseComponentsModule,
+    PoliciesModule,
+    OrganizationSettingsRoutingModule,
+    AccountFingerprintComponent,
+  ],
   declarations: [SettingsComponent, AccountComponent, TwoFactorSetupComponent],
 })
 export class OrganizationSettingsModule {}
diff --git a/apps/web/src/app/settings/profile.component.html b/apps/web/src/app/settings/profile.component.html
index be0e58eaa1..91e0d4b985 100644
--- a/apps/web/src/app/settings/profile.component.html
+++ b/apps/web/src/app/settings/profile.component.html
@@ -46,19 +46,11 @@
           Customize
         </button>
       </div>
-      <hr />
-      <p *ngIf="fingerprint">
-        {{ "yourAccountsFingerprint" | i18n }}:
-        <a
-          href="https://bitwarden.com/help/fingerprint-phrase/"
-          target="_blank"
-          rel="noopener"
-          appA11yTitle="{{ 'learnMore' | i18n }}"
-        >
-          <i class="bwi bwi-question-circle" aria-hidden="true"></i></a
-        ><br />
-        <code>{{ fingerprint }}</code>
-      </p>
+      <app-account-fingerprint
+        [fingerprintMaterial]="fingerprintMaterial"
+        fingerprintLabel="{{ 'yourAccountsFingerprint' | i18n }}"
+      >
+      </app-account-fingerprint>
     </div>
   </div>
   <button type="submit" class="btn btn-primary btn-submit" [disabled]="form.loading">
diff --git a/apps/web/src/app/settings/profile.component.ts b/apps/web/src/app/settings/profile.component.ts
index d2c115f3ee..a98fb8208d 100644
--- a/apps/web/src/app/settings/profile.component.ts
+++ b/apps/web/src/app/settings/profile.component.ts
@@ -3,10 +3,8 @@ import { Subject, takeUntil } from "rxjs";
 
 import { ModalService } from "@bitwarden/angular/services/modal.service";
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
-import { KeyConnectorService } from "@bitwarden/common/auth/abstractions/key-connector.service";
 import { UpdateProfileRequest } from "@bitwarden/common/auth/models/request/update-profile.request";
 import { ProfileResponse } from "@bitwarden/common/models/response/profile.response";
-import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
 import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
@@ -21,7 +19,7 @@ import { ChangeAvatarComponent } from "./change-avatar.component";
 export class ProfileComponent implements OnInit, OnDestroy {
   loading = true;
   profile: ProfileResponse;
-  fingerprint: string;
+  fingerprintMaterial: string;
 
   formPromise: Promise<any>;
   @ViewChild("avatarModalTemplate", { read: ViewContainerRef, static: true })
@@ -32,9 +30,7 @@ export class ProfileComponent implements OnInit, OnDestroy {
     private apiService: ApiService,
     private i18nService: I18nService,
     private platformUtilsService: PlatformUtilsService,
-    private cryptoService: CryptoService,
     private logService: LogService,
-    private keyConnectorService: KeyConnectorService,
     private stateService: StateService,
     private modalService: ModalService
   ) {}
@@ -42,12 +38,7 @@ export class ProfileComponent implements OnInit, OnDestroy {
   async ngOnInit() {
     this.profile = await this.apiService.getProfile();
     this.loading = false;
-    const fingerprint = await this.cryptoService.getFingerprint(
-      await this.stateService.getUserId()
-    );
-    if (fingerprint != null) {
-      this.fingerprint = fingerprint.join("-");
-    }
+    this.fingerprintMaterial = await this.stateService.getUserId();
   }
 
   async ngOnDestroy() {
diff --git a/apps/web/src/app/shared/components/account-fingerprint/account-fingerprint.component.html b/apps/web/src/app/shared/components/account-fingerprint/account-fingerprint.component.html
new file mode 100644
index 0000000000..035e5d33af
--- /dev/null
+++ b/apps/web/src/app/shared/components/account-fingerprint/account-fingerprint.component.html
@@ -0,0 +1,16 @@
+<ng-container>
+  <hr />
+  <p *ngIf="fingerprint">
+    {{ fingerprintLabel }}:
+    <a
+      href="https://bitwarden.com/help/fingerprint-phrase/"
+      target="_blank"
+      rel="noopener"
+      appA11yTitle="{{ 'learnMore' | i18n }}"
+    >
+      <i class="bwi bwi-question-circle" aria-hidden="true"></i
+    ></a>
+    <br />
+    <code class="tw-text-code">{{ fingerprint }}</code>
+  </p>
+</ng-container>
diff --git a/apps/web/src/app/shared/components/account-fingerprint/account-fingerprint.component.ts b/apps/web/src/app/shared/components/account-fingerprint/account-fingerprint.component.ts
new file mode 100644
index 0000000000..f3d67880f2
--- /dev/null
+++ b/apps/web/src/app/shared/components/account-fingerprint/account-fingerprint.component.ts
@@ -0,0 +1,30 @@
+import { Component, Input, OnInit } from "@angular/core";
+
+import { CryptoService } from "@bitwarden/common/platform/abstractions/crypto.service";
+
+import { SharedModule } from "../../shared.module";
+
+@Component({
+  selector: "app-account-fingerprint",
+  templateUrl: "account-fingerprint.component.html",
+  standalone: true,
+  imports: [SharedModule],
+})
+export class AccountFingerprintComponent implements OnInit {
+  @Input() fingerprintMaterial: string;
+  @Input() publicKeyBuffer: ArrayBuffer;
+  @Input() fingerprintLabel: string;
+
+  protected fingerprint: string;
+
+  constructor(private cryptoService: CryptoService) {}
+
+  async ngOnInit() {
+    // TODO - In the future, remove this code and use the fingerprint pipe once merged
+    const generatedFingerprint = await this.cryptoService.getFingerprint(
+      this.fingerprintMaterial,
+      this.publicKeyBuffer
+    );
+    this.fingerprint = generatedFingerprint?.join("-") ?? null;
+  }
+}
diff --git a/apps/web/src/app/shared/loose-components.module.ts b/apps/web/src/app/shared/loose-components.module.ts
index db6a427138..c17cf5c76b 100644
--- a/apps/web/src/app/shared/loose-components.module.ts
+++ b/apps/web/src/app/shared/loose-components.module.ts
@@ -107,6 +107,7 @@ import { AddEditComponent as OrgAddEditComponent } from "../vault/org-vault/add-
 import { AttachmentsComponent as OrgAttachmentsComponent } from "../vault/org-vault/attachments.component";
 import { CollectionsComponent as OrgCollectionsComponent } from "../vault/org-vault/collections.component";
 
+import { AccountFingerprintComponent } from "./components/account-fingerprint/account-fingerprint.component";
 import { UserVerificationModule } from "./components/user-verification";
 import { SharedModule } from "./shared.module";
 
@@ -121,6 +122,7 @@ import { SharedModule } from "./shared.module";
     UserVerificationModule,
     ChangeKdfModule,
     DynamicAvatarComponent,
+    AccountFingerprintComponent,
   ],
   declarations: [
     PremiumBadgeComponent,
diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json
index b9124dca16..4e08fa65ba 100644
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@@ -6845,6 +6845,10 @@
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
   },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
   "deviceApprovals": {
     "message": "Device approvals"
   },
diff --git a/libs/common/src/platform/abstractions/crypto.service.ts b/libs/common/src/platform/abstractions/crypto.service.ts
index 4fbd6536a3..990fed0c31 100644
--- a/libs/common/src/platform/abstractions/crypto.service.ts
+++ b/libs/common/src/platform/abstractions/crypto.service.ts
@@ -24,7 +24,7 @@ export abstract class CryptoService {
   getEncKey: (key?: SymmetricCryptoKey) => Promise<SymmetricCryptoKey>;
   getPublicKey: () => Promise<ArrayBuffer>;
   getPrivateKey: () => Promise<ArrayBuffer>;
-  getFingerprint: (userId: string, publicKey?: ArrayBuffer) => Promise<string[]>;
+  getFingerprint: (fingerprintMaterial: string, publicKey?: ArrayBuffer) => Promise<string[]>;
   getOrgKeys: () => Promise<Map<string, SymmetricCryptoKey>>;
   getOrgKey: (orgId: string) => Promise<SymmetricCryptoKey>;
   getProviderKey: (providerId: string) => Promise<SymmetricCryptoKey>;
diff --git a/libs/common/src/platform/services/crypto.service.ts b/libs/common/src/platform/services/crypto.service.ts
index 07cc1d9865..6dc4a8c883 100644
--- a/libs/common/src/platform/services/crypto.service.ts
+++ b/libs/common/src/platform/services/crypto.service.ts
@@ -204,7 +204,7 @@ export class CryptoService implements CryptoServiceAbstraction {
     return privateKey;
   }
 
-  async getFingerprint(userId: string, publicKey?: ArrayBuffer): Promise<string[]> {
+  async getFingerprint(fingerprintMaterial: string, publicKey?: ArrayBuffer): Promise<string[]> {
     if (publicKey == null) {
       publicKey = await this.getPublicKey();
     }
@@ -214,7 +214,7 @@ export class CryptoService implements CryptoServiceAbstraction {
     const keyFingerprint = await this.cryptoFunctionService.hash(publicKey, "sha256");
     const userFingerprint = await this.cryptoFunctionService.hkdfExpand(
       keyFingerprint,
-      userId,
+      fingerprintMaterial,
       32,
       "sha256"
     );

From 1052f00b87bdcb6dda41d6eb53e4dbc431992608 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Bispo?= <abispo@bitwarden.com>
Date: Fri, 16 Jun 2023 14:09:16 +0100
Subject: [PATCH 07/13] [PM-2475][PM-2536] Clicking "US" in region selector
 sets base URL (#5604)

---
 .../desktop/src/auth/login/login.component.ts |   1 +
 .../layouts/frontend-layout.component.html    |   2 +-
 .../app/layouts/frontend-layout.component.ts  |   4 +-
 .../environment-selector.component.ts         |  41 +++---
 .../src/components/environment.component.ts   |   8 +-
 .../abstractions/environment.service.ts       |  11 ++
 .../platform/abstractions/state.service.ts    |   2 +
 .../src/platform/models/domain/account.ts     |   1 +
 .../platform/models/domain/global-state.ts    |   1 +
 .../platform/services/environment.service.ts  | 125 ++++++++++++++++--
 .../src/platform/services/state.service.ts    |  22 +++
 11 files changed, 177 insertions(+), 41 deletions(-)

diff --git a/apps/desktop/src/auth/login/login.component.ts b/apps/desktop/src/auth/login/login.component.ts
index de5ee51a7a..bb7a99cca0 100644
--- a/apps/desktop/src/auth/login/login.component.ts
+++ b/apps/desktop/src/auth/login/login.component.ts
@@ -151,6 +151,7 @@ export class LoginComponent extends BaseLoginComponent implements OnDestroy {
     // eslint-disable-next-line rxjs/no-async-subscribe
     childComponent.onSaved.pipe(takeUntil(this.componentDestroyed$)).subscribe(async () => {
       modal.close();
+      this.environmentSelector.updateEnvironmentInfo();
       await this.getLoginWithDevice(this.loggedEmail);
     });
   }
diff --git a/apps/web/src/app/layouts/frontend-layout.component.html b/apps/web/src/app/layouts/frontend-layout.component.html
index bd26ed9436..84608acff0 100644
--- a/apps/web/src/app/layouts/frontend-layout.component.html
+++ b/apps/web/src/app/layouts/frontend-layout.component.html
@@ -1,6 +1,6 @@
 <router-outlet></router-outlet>
 <div class="container my-5 text-muted text-center">
-  <div class="tw-mb-1">
+  <div class="tw-mb-1" *ngIf="!isSelfHosted">
     <bit-menu #environmentOptions>
       <a bitMenuItem href="https://vault.bitwarden.com" class="pr-4">
         <i
diff --git a/apps/web/src/app/layouts/frontend-layout.component.ts b/apps/web/src/app/layouts/frontend-layout.component.ts
index 66c71e0d62..14867a289f 100644
--- a/apps/web/src/app/layouts/frontend-layout.component.ts
+++ b/apps/web/src/app/layouts/frontend-layout.component.ts
@@ -11,9 +11,10 @@ import { Utils } from "@bitwarden/common/platform/misc/utils";
 })
 export class FrontendLayoutComponent implements OnInit, OnDestroy {
   version: string;
+  isSelfHosted: boolean;
+  euServerFlagEnabled: boolean;
   year = "2015";
   isEuServer = true;
-  euServerFlagEnabled: boolean;
 
   constructor(
     private platformUtilsService: PlatformUtilsService,
@@ -23,6 +24,7 @@ export class FrontendLayoutComponent implements OnInit, OnDestroy {
   async ngOnInit() {
     this.year = new Date().getFullYear().toString();
     this.version = await this.platformUtilsService.getApplicationVersion();
+    this.isSelfHosted = this.platformUtilsService.isSelfHost();
     this.euServerFlagEnabled = await this.configService.getFeatureFlagBool(
       FeatureFlag.DisplayEuEnvironmentFlag
     );
diff --git a/libs/angular/src/auth/components/environment-selector.component.ts b/libs/angular/src/auth/components/environment-selector.component.ts
index 90d958221e..7989e0f2ca 100644
--- a/libs/angular/src/auth/components/environment-selector.component.ts
+++ b/libs/angular/src/auth/components/environment-selector.component.ts
@@ -6,7 +6,10 @@ import { Subject, takeUntil } from "rxjs";
 
 import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
 import { ConfigServiceAbstraction } from "@bitwarden/common/platform/abstractions/config/config.service.abstraction";
-import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
+import {
+  EnvironmentService as EnvironmentServiceAbstraction,
+  Region,
+} from "@bitwarden/common/platform/abstractions/environment.service";
 
 @Component({
   selector: "environment-selector",
@@ -37,8 +40,8 @@ export class EnvironmentSelectorComponent implements OnInit, OnDestroy {
   euServerFlagEnabled: boolean;
   isOpen = false;
   showingModal = false;
-  selectedEnvironment: ServerEnvironment;
-  ServerEnvironmentType = ServerEnvironment;
+  selectedEnvironment: Region;
+  ServerEnvironmentType = Region;
   overlayPostition: ConnectedPosition[] = [
     {
       originX: "start",
@@ -50,7 +53,7 @@ export class EnvironmentSelectorComponent implements OnInit, OnDestroy {
   protected componentDestroyed$: Subject<void> = new Subject();
 
   constructor(
-    protected environmentService: EnvironmentService,
+    protected environmentService: EnvironmentServiceAbstraction,
     protected configService: ConfigServiceAbstraction,
     protected router: Router
   ) {}
@@ -67,18 +70,20 @@ export class EnvironmentSelectorComponent implements OnInit, OnDestroy {
     this.componentDestroyed$.complete();
   }
 
-  async toggle(option: ServerEnvironment) {
+  async toggle(option: Region) {
     this.isOpen = !this.isOpen;
     if (option === null) {
       return;
     }
-    if (option === ServerEnvironment.EU) {
-      await this.environmentService.setUrls({ base: "https://vault.bitwarden.eu" });
-    } else if (option === ServerEnvironment.US) {
-      await this.environmentService.setUrls({ base: "https://vault.bitwarden.com" });
-    } else if (option === ServerEnvironment.SelfHosted) {
+
+    this.updateEnvironmentInfo();
+
+    if (option === Region.SelfHosted) {
       this.onOpenSelfHostedSettings.emit();
+      return;
     }
+
+    await this.environmentService.setRegion(option);
     this.updateEnvironmentInfo();
   }
 
@@ -86,14 +91,8 @@ export class EnvironmentSelectorComponent implements OnInit, OnDestroy {
     this.euServerFlagEnabled = await this.configService.getFeatureFlagBool(
       FeatureFlag.DisplayEuEnvironmentFlag
     );
-    const webvaultUrl = this.environmentService.getWebVaultUrl();
-    if (this.environmentService.isSelfHosted()) {
-      this.selectedEnvironment = ServerEnvironment.SelfHosted;
-    } else if (webvaultUrl != null && webvaultUrl.includes("bitwarden.eu")) {
-      this.selectedEnvironment = ServerEnvironment.EU;
-    } else {
-      this.selectedEnvironment = ServerEnvironment.US;
-    }
+
+    this.selectedEnvironment = this.environmentService.selectedRegion;
   }
 
   close() {
@@ -101,9 +100,3 @@ export class EnvironmentSelectorComponent implements OnInit, OnDestroy {
     this.updateEnvironmentInfo();
   }
 }
-
-enum ServerEnvironment {
-  US = "US",
-  EU = "EU",
-  SelfHosted = "Self-hosted",
-}
diff --git a/libs/angular/src/components/environment.component.ts b/libs/angular/src/components/environment.component.ts
index ed3e000624..6260d34c1d 100644
--- a/libs/angular/src/components/environment.component.ts
+++ b/libs/angular/src/components/environment.component.ts
@@ -1,6 +1,9 @@
 import { Directive, EventEmitter, Output } from "@angular/core";
 
-import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
+import {
+  EnvironmentService,
+  Region,
+} from "@bitwarden/common/platform/abstractions/environment.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { PlatformUtilsService } from "@bitwarden/common/platform/abstractions/platform-utils.service";
 
@@ -25,6 +28,9 @@ export class EnvironmentComponent {
     private modalService: ModalService
   ) {
     const urls = this.environmentService.getUrls();
+    if (this.environmentService.selectedRegion != Region.SelfHosted) {
+      return;
+    }
 
     this.baseUrl = urls.base || "";
     this.webVaultUrl = urls.webVault || "";
diff --git a/libs/common/src/platform/abstractions/environment.service.ts b/libs/common/src/platform/abstractions/environment.service.ts
index e4d6a55001..68327f4fd6 100644
--- a/libs/common/src/platform/abstractions/environment.service.ts
+++ b/libs/common/src/platform/abstractions/environment.service.ts
@@ -17,8 +17,17 @@ export type PayPalConfig = {
   buttonAction?: string;
 };
 
+export enum Region {
+  US = "US",
+  EU = "EU",
+  SelfHosted = "Self-hosted",
+}
+
 export abstract class EnvironmentService {
   urls: Observable<void>;
+  usUrls: Urls;
+  euUrls: Urls;
+  selectedRegion?: Region;
 
   hasBaseUrl: () => boolean;
   getNotificationsUrl: () => string;
@@ -32,8 +41,10 @@ export abstract class EnvironmentService {
   getScimUrl: () => string;
   setUrlsFromStorage: () => Promise<void>;
   setUrls: (urls: Urls) => Promise<Urls>;
+  setRegion: (region: Region) => Promise<void>;
   getUrls: () => Urls;
   isCloud: () => boolean;
+  isEmpty: () => boolean;
   /**
    * @remarks For desktop and browser use only.
    * For web, use PlatformUtilsService.isSelfHost()
diff --git a/libs/common/src/platform/abstractions/state.service.ts b/libs/common/src/platform/abstractions/state.service.ts
index a36176395d..e5b4e17fb8 100644
--- a/libs/common/src/platform/abstractions/state.service.ts
+++ b/libs/common/src/platform/abstractions/state.service.ts
@@ -263,6 +263,8 @@ export abstract class StateService<T extends Account = Account> {
   setEntityType: (value: string, options?: StorageOptions) => Promise<void>;
   getEnvironmentUrls: (options?: StorageOptions) => Promise<EnvironmentUrls>;
   setEnvironmentUrls: (value: EnvironmentUrls, options?: StorageOptions) => Promise<void>;
+  getRegion: (options?: StorageOptions) => Promise<string>;
+  setRegion: (value: string, options?: StorageOptions) => Promise<void>;
   getEquivalentDomains: (options?: StorageOptions) => Promise<string[][]>;
   setEquivalentDomains: (value: string, options?: StorageOptions) => Promise<void>;
   getEventCollection: (options?: StorageOptions) => Promise<EventData[]>;
diff --git a/libs/common/src/platform/models/domain/account.ts b/libs/common/src/platform/models/domain/account.ts
index 4295ba9133..a8cea255c1 100644
--- a/libs/common/src/platform/models/domain/account.ts
+++ b/libs/common/src/platform/models/domain/account.ts
@@ -233,6 +233,7 @@ export class AccountSettings {
   approveLoginRequests?: boolean;
   avatarColor?: string;
   activateAutoFillOnPageLoadFromPolicy?: boolean;
+  region?: string;
   smOnboardingTasks?: Record<string, Record<string, boolean>>;
 
   static fromJSON(obj: Jsonify<AccountSettings>): AccountSettings {
diff --git a/libs/common/src/platform/models/domain/global-state.ts b/libs/common/src/platform/models/domain/global-state.ts
index 13a296883b..dfe3c6c417 100644
--- a/libs/common/src/platform/models/domain/global-state.ts
+++ b/libs/common/src/platform/models/domain/global-state.ts
@@ -36,4 +36,5 @@ export class GlobalState {
   enableBrowserIntegration?: boolean;
   enableBrowserIntegrationFingerprint?: boolean;
   enableDuckDuckGoBrowserIntegration?: boolean;
+  region?: string;
 }
diff --git a/libs/common/src/platform/services/environment.service.ts b/libs/common/src/platform/services/environment.service.ts
index 02e0fcfab2..b2f62a22b1 100644
--- a/libs/common/src/platform/services/environment.service.ts
+++ b/libs/common/src/platform/services/environment.service.ts
@@ -3,6 +3,7 @@ import { concatMap, Observable, Subject } from "rxjs";
 import { EnvironmentUrls } from "../../auth/models/domain/environment-urls";
 import {
   EnvironmentService as EnvironmentServiceAbstraction,
+  Region,
   Urls,
 } from "../abstractions/environment.service";
 import { StateService } from "../abstractions/state.service";
@@ -10,6 +11,7 @@ import { StateService } from "../abstractions/state.service";
 export class EnvironmentService implements EnvironmentServiceAbstraction {
   private readonly urlsSubject = new Subject<void>();
   urls: Observable<void> = this.urlsSubject.asObservable();
+  selectedRegion?: Region;
 
   protected baseUrl: string;
   protected webVaultUrl: string;
@@ -21,6 +23,28 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
   private keyConnectorUrl: string;
   private scimUrl: string = null;
 
+  readonly usUrls: Urls = {
+    base: null,
+    api: "https://api.bitwarden.com",
+    identity: "https://identity.bitwarden.com",
+    icons: "https://icons.bitwarden.net",
+    webVault: "https://vault.bitwarden.com",
+    notifications: "https://notifications.bitwarden.com",
+    events: "https://events.bitwarden.com",
+    scim: "https://scim.bitwarden.com/v2",
+  };
+
+  readonly euUrls: Urls = {
+    base: null,
+    api: "https://api.bitwarden.eu",
+    identity: "https://identity.bitwarden.eu",
+    icons: "https://icons.bitwarden.eu",
+    webVault: "https://vault.bitwarden.eu",
+    notifications: "https://notifications.bitwarden.eu",
+    events: "https://events.bitwarden.eu",
+    scim: "https://scim.bitwarden.eu/v2",
+  };
+
   constructor(private stateService: StateService) {
     this.stateService.activeAccount$
       .pipe(
@@ -127,20 +151,42 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
   }
 
   async setUrlsFromStorage(): Promise<void> {
-    const urls: any = await this.stateService.getEnvironmentUrls();
+    const region = await this.stateService.getRegion();
+    const savedUrls = await this.stateService.getEnvironmentUrls();
     const envUrls = new EnvironmentUrls();
 
-    this.baseUrl = envUrls.base = urls.base;
-    this.webVaultUrl = urls.webVault;
-    this.apiUrl = envUrls.api = urls.api;
-    this.identityUrl = envUrls.identity = urls.identity;
-    this.iconsUrl = urls.icons;
-    this.notificationsUrl = urls.notifications;
-    this.eventsUrl = envUrls.events = urls.events;
-    this.keyConnectorUrl = urls.keyConnector;
-    // scimUrl is not saved to storage
+    // fix environment urls for old users
+    if (savedUrls.base === "https://vault.bitwarden.com") {
+      this.setRegion(Region.US);
+      return;
+    }
+    if (savedUrls.base === "https://vault.bitwarden.eu") {
+      this.setRegion(Region.EU);
+      return;
+    }
 
-    this.urlsSubject.next();
+    switch (region) {
+      case Region.EU:
+        this.setRegion(Region.EU);
+        return;
+      case Region.US:
+        this.setRegion(Region.US);
+        return;
+      case Region.SelfHosted:
+      default:
+        this.baseUrl = envUrls.base = savedUrls.base;
+        this.webVaultUrl = savedUrls.webVault;
+        this.apiUrl = envUrls.api = savedUrls.api;
+        this.identityUrl = envUrls.identity = savedUrls.identity;
+        this.iconsUrl = savedUrls.icons;
+        this.notificationsUrl = savedUrls.notifications;
+        this.eventsUrl = envUrls.events = savedUrls.events;
+        this.keyConnectorUrl = savedUrls.keyConnector;
+        // scimUrl is not saved to storage
+        this.urlsSubject.next();
+        this.setRegion(Region.SelfHosted);
+        break;
+    }
   }
 
   async setUrls(urls: Urls): Promise<Urls> {
@@ -178,6 +224,8 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
     this.keyConnectorUrl = urls.keyConnector;
     this.scimUrl = urls.scim;
 
+    await this.setRegion(Region.SelfHosted);
+
     this.urlsSubject.next();
 
     return urls;
@@ -197,6 +245,52 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
     };
   }
 
+  isEmpty(): boolean {
+    return (
+      this.baseUrl == null &&
+      this.webVaultUrl == null &&
+      this.apiUrl == null &&
+      this.identityUrl == null &&
+      this.iconsUrl == null &&
+      this.notificationsUrl == null &&
+      this.eventsUrl == null
+    );
+  }
+
+  async setRegion(region: Region) {
+    this.selectedRegion = region;
+    await this.stateService.setRegion(region);
+    switch (region) {
+      case Region.EU:
+        this.setUrlsInternal(this.euUrls);
+        break;
+      case Region.US:
+        this.setUrlsInternal(this.usUrls);
+        break;
+      case Region.SelfHosted:
+        // if user saves with empty fields, default to US
+        if (this.isEmpty()) {
+          this.setRegion(Region.US);
+        }
+        break;
+    }
+  }
+
+  private setUrlsInternal(urls: Urls) {
+    this.baseUrl = this.formatUrl(urls.base);
+    this.webVaultUrl = this.formatUrl(urls.webVault);
+    this.apiUrl = this.formatUrl(urls.api);
+    this.identityUrl = this.formatUrl(urls.identity);
+    this.iconsUrl = this.formatUrl(urls.icons);
+    this.notificationsUrl = this.formatUrl(urls.notifications);
+    this.eventsUrl = this.formatUrl(urls.events);
+    this.keyConnectorUrl = this.formatUrl(urls.keyConnector);
+
+    // scimUrl cannot be cleared
+    this.scimUrl = this.formatUrl(urls.scim) ?? this.scimUrl;
+    this.urlsSubject.next();
+  }
+
   private formatUrl(url: string): string {
     if (url == null || url === "") {
       return null;
@@ -211,9 +305,12 @@ export class EnvironmentService implements EnvironmentServiceAbstraction {
   }
 
   isCloud(): boolean {
-    return ["https://api.bitwarden.com", "https://vault.bitwarden.com/api"].includes(
-      this.getApiUrl()
-    );
+    return [
+      "https://api.bitwarden.com",
+      "https://vault.bitwarden.com/api",
+      "https://api.bitwarden.eu",
+      "https://vault.bitwarden.eu/api",
+    ].includes(this.getApiUrl());
   }
 
   isSelfHosted(): boolean {
diff --git a/libs/common/src/platform/services/state.service.ts b/libs/common/src/platform/services/state.service.ts
index 899bff14ba..dce5d76440 100644
--- a/libs/common/src/platform/services/state.service.ts
+++ b/libs/common/src/platform/services/state.service.ts
@@ -1598,6 +1598,28 @@ export class StateService<
     );
   }
 
+  async getRegion(options?: StorageOptions): Promise<string> {
+    if ((await this.state())?.activeUserId == null) {
+      options = this.reconcileOptions(options, await this.defaultOnDiskOptions());
+      return (await this.getGlobals(options)).region ?? null;
+    }
+    options = this.reconcileOptions(options, await this.defaultOnDiskOptions());
+    return (await this.getAccount(options))?.settings?.region ?? null;
+  }
+
+  async setRegion(value: string, options?: StorageOptions): Promise<void> {
+    // Global values are set on each change and the current global settings are passed to any newly authed accounts.
+    // This is to allow setting region values before an account is active, while still allowing individual accounts to have their own region.
+    const globals = await this.getGlobals(
+      this.reconcileOptions(options, await this.defaultOnDiskOptions())
+    );
+    globals.region = value;
+    await this.saveGlobals(
+      globals,
+      this.reconcileOptions(options, await this.defaultOnDiskOptions())
+    );
+  }
+
   async getEquivalentDomains(options?: StorageOptions): Promise<string[][]> {
     return (
       await this.getAccount(this.reconcileOptions(options, await this.defaultOnDiskOptions()))

From d3d17f14961445d91be9317283ac525ad48ef08a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rui=20Tom=C3=A9?=
 <108268980+r-tome@users.noreply.github.com>
Date: Fri, 16 Jun 2023 16:38:55 +0100
Subject: [PATCH 08/13] [AC-1144] Warn admins when removing or revoking users
 without master password (#5494)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* [AC-1144] Added new messages for warning removing/revoking user without master password

* [AC-1144] Added property 'hasMasterPassword' to OrganizationUserUserDetailsResponse and OrganizationUserView

* [AC-1144] Added user's name to 'No master password' warning

* [AC-1144] Added property 'hasMasterPassword' to ProviderUserResponse

* [AC-1144] Added alert to bulk "remove/revoke users" action when a selected user has no master password

* [AC-1144] Moved 'noMasterPasswordConfirmationDialog' method to BasePeopleComponent

* [AC-1144] Removed await from noMasterPasswordConfirmationDialog

* [AC-1144] Changed ApiService.getProviderUser to output ProviderUserUserDetailsResponse

* [AC-1144] Added warning on removing a provider user without master password

* [AC-1144] Added "No Master password" warning to provider users

* [AC-1144] Added "no master password" warning when removing/revoking user in modal view

* [AC-1144] Reverted changes made to ProviderUsers

* [AC-1144] Converted showNoMasterPasswordWarning() into a property

* [AC-1144] Fixed issue when opening invite member modal
---
 .../core/services/user-admin.service.ts       |  1 +
 .../views/organization-user-admin-view.ts     |  1 +
 .../core/views/organization-user.view.ts      |  1 +
 .../bulk/bulk-remove.component.html           | 15 ++++++-
 .../components/bulk/bulk-remove.component.ts  | 12 ++++-
 .../bulk/bulk-restore-revoke.component.html   | 15 ++++++-
 .../bulk/bulk-restore-revoke.component.ts     |  2 +
 .../components/bulk/bulk-status.component.ts  |  1 +
 .../member-dialog/member-dialog.component.ts  | 37 +++++++++++++++-
 .../organizations/members/people.component.ts | 44 ++++++++++++++++++-
 .../src/app/common/base.people.component.ts   |  8 +++-
 apps/web/src/locales/en/messages.json         | 18 ++++++++
 .../responses/organization-user.response.ts   |  2 +
 13 files changed, 149 insertions(+), 8 deletions(-)

diff --git a/apps/web/src/app/admin-console/organizations/core/services/user-admin.service.ts b/apps/web/src/app/admin-console/organizations/core/services/user-admin.service.ts
index 2d7635c5c6..4e83d76f7d 100644
--- a/apps/web/src/app/admin-console/organizations/core/services/user-admin.service.ts
+++ b/apps/web/src/app/admin-console/organizations/core/services/user-admin.service.ts
@@ -83,6 +83,7 @@ export class UserAdminService {
       }));
       view.groups = u.groups;
       view.accessSecretsManager = u.accessSecretsManager;
+      view.hasMasterPassword = u.hasMasterPassword;
 
       return view;
     });
diff --git a/apps/web/src/app/admin-console/organizations/core/views/organization-user-admin-view.ts b/apps/web/src/app/admin-console/organizations/core/views/organization-user-admin-view.ts
index 11bf026967..3bcb4767a8 100644
--- a/apps/web/src/app/admin-console/organizations/core/views/organization-user-admin-view.ts
+++ b/apps/web/src/app/admin-console/organizations/core/views/organization-user-admin-view.ts
@@ -16,6 +16,7 @@ export class OrganizationUserAdminView {
   accessAll: boolean;
   permissions: PermissionsApi;
   resetPasswordEnrolled: boolean;
+  hasMasterPassword: boolean;
 
   collections: CollectionAccessSelectionView[] = [];
   groups: string[] = [];
diff --git a/apps/web/src/app/admin-console/organizations/core/views/organization-user.view.ts b/apps/web/src/app/admin-console/organizations/core/views/organization-user.view.ts
index 16b3a60150..f723fcc32e 100644
--- a/apps/web/src/app/admin-console/organizations/core/views/organization-user.view.ts
+++ b/apps/web/src/app/admin-console/organizations/core/views/organization-user.view.ts
@@ -20,6 +20,7 @@ export class OrganizationUserView {
   avatarColor: string;
   twoFactorEnabled: boolean;
   usesKeyConnector: boolean;
+  hasMasterPassword: boolean;
 
   collections: CollectionAccessSelectionView[] = [];
   groups: string[] = [];
diff --git a/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-remove.component.html b/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-remove.component.html
index 65230f6c05..d2adef98ee 100644
--- a/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-remove.component.html
+++ b/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-remove.component.html
@@ -23,12 +23,16 @@
         </app-callout>
         <ng-container *ngIf="!done">
           <app-callout type="warning" *ngIf="users.length > 0 && !error">
-            {{ removeUsersWarning }}
+            <p>{{ removeUsersWarning }}</p>
+            <p *ngIf="this.showNoMasterPasswordWarning">
+              {{ "removeMembersWithoutMasterPasswordWarning" | i18n }}
+            </p>
           </app-callout>
           <table class="table table-hover table-list">
             <thead>
               <tr>
                 <th colspan="2">{{ "user" | i18n }}</th>
+                <th *ngIf="this.showNoMasterPasswordWarning">{{ "details" | i18n }}</th>
               </tr>
             </thead>
             <tr *ngFor="let user of users">
@@ -39,6 +43,15 @@
                 {{ user.email }}
                 <small class="text-muted d-block" *ngIf="user.name">{{ user.name }}</small>
               </td>
+              <td *ngIf="this.showNoMasterPasswordWarning">
+                <span class="text-muted d-block tw-lowercase">
+                  <ng-container *ngIf="user.hasMasterPassword === true"> - </ng-container>
+                  <ng-container *ngIf="user.hasMasterPassword === false">
+                    <i class="bwi bwi-exclamation-triangle" aria-hidden="true"></i>
+                    {{ "noMasterPassword" | i18n }}
+                  </ng-container>
+                </span>
+              </td>
             </tr>
           </table>
         </ng-container>
diff --git a/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-remove.component.ts b/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-remove.component.ts
index d083d0cd1e..665d245e9f 100644
--- a/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-remove.component.ts
+++ b/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-remove.component.ts
@@ -12,13 +12,23 @@ import { BulkUserDetails } from "./bulk-status.component";
 })
 export class BulkRemoveComponent {
   @Input() organizationId: string;
-  @Input() users: BulkUserDetails[];
+  @Input() set users(value: BulkUserDetails[]) {
+    this._users = value;
+    this.showNoMasterPasswordWarning = this._users.some((u) => u.hasMasterPassword === false);
+  }
+
+  get users(): BulkUserDetails[] {
+    return this._users;
+  }
+
+  private _users: BulkUserDetails[];
 
   statuses: Map<string, string> = new Map();
 
   loading = false;
   done = false;
   error: string;
+  showNoMasterPasswordWarning = false;
 
   constructor(
     protected apiService: ApiService,
diff --git a/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-restore-revoke.component.html b/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-restore-revoke.component.html
index 9d29121037..db8af13ed2 100644
--- a/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-restore-revoke.component.html
+++ b/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-restore-revoke.component.html
@@ -23,12 +23,16 @@
         </app-callout>
         <ng-container *ngIf="!done">
           <app-callout type="warning" *ngIf="users.length > 0 && !error && isRevoking">
-            {{ "revokeUsersWarning" | i18n }}
+            <p>{{ "revokeUsersWarning" | i18n }}</p>
+            <p *ngIf="this.showNoMasterPasswordWarning">
+              {{ "removeMembersWithoutMasterPasswordWarning" | i18n }}
+            </p>
           </app-callout>
           <table class="table table-hover table-list">
             <thead>
               <tr>
                 <th colspan="2">{{ "user" | i18n }}</th>
+                <th *ngIf="this.showNoMasterPasswordWarning">{{ "details" | i18n }}</th>
               </tr>
             </thead>
             <tr *ngFor="let user of users">
@@ -39,6 +43,15 @@
                 {{ user.email }}
                 <small class="text-muted d-block" *ngIf="user.name">{{ user.name }}</small>
               </td>
+              <td *ngIf="this.showNoMasterPasswordWarning">
+                <span class="text-muted d-block tw-lowercase">
+                  <ng-container *ngIf="user.hasMasterPassword === true"> - </ng-container>
+                  <ng-container *ngIf="user.hasMasterPassword === false">
+                    <i class="bwi bwi-exclamation-triangle" aria-hidden="true"></i>
+                    {{ "noMasterPassword" | i18n }}
+                  </ng-container>
+                </span>
+              </td>
             </tr>
           </table>
         </ng-container>
diff --git a/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-restore-revoke.component.ts b/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-restore-revoke.component.ts
index 82f3a4d7e3..8005efcb8d 100644
--- a/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-restore-revoke.component.ts
+++ b/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-restore-revoke.component.ts
@@ -20,6 +20,7 @@ export class BulkRestoreRevokeComponent {
   loading = false;
   done = false;
   error: string;
+  showNoMasterPasswordWarning = false;
 
   constructor(
     protected i18nService: I18nService,
@@ -29,6 +30,7 @@ export class BulkRestoreRevokeComponent {
     this.isRevoking = config.data.isRevoking;
     this.organizationId = config.data.organizationId;
     this.users = config.data.users;
+    this.showNoMasterPasswordWarning = this.users.some((u) => u.hasMasterPassword === false);
   }
 
   get bulkTitle() {
diff --git a/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-status.component.ts b/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-status.component.ts
index f2920c398b..ff0a0903df 100644
--- a/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-status.component.ts
+++ b/apps/web/src/app/admin-console/organizations/members/components/bulk/bulk-status.component.ts
@@ -10,6 +10,7 @@ export interface BulkUserDetails {
   name: string;
   email: string;
   status: OrganizationUserStatusType | ProviderUserStatusType;
+  hasMasterPassword?: boolean;
 }
 
 type BulkStatusEntry = {
diff --git a/apps/web/src/app/admin-console/organizations/members/components/member-dialog/member-dialog.component.ts b/apps/web/src/app/admin-console/organizations/members/components/member-dialog/member-dialog.component.ts
index 5a707b795f..91d0fc97e6 100644
--- a/apps/web/src/app/admin-console/organizations/members/components/member-dialog/member-dialog.component.ts
+++ b/apps/web/src/app/admin-console/organizations/members/components/member-dialog/member-dialog.component.ts
@@ -72,6 +72,7 @@ export class MemberDialogComponent implements OnInit, OnDestroy {
   canUseCustomPermissions: boolean;
   PermissionMode = PermissionMode;
   canUseSecretsManager: boolean;
+  showNoMasterPasswordWarning = false;
 
   protected organization: Organization;
   protected collectionAccessItems: AccessItemView[] = [];
@@ -179,6 +180,9 @@ export class MemberDialogComponent implements OnInit, OnDestroy {
             throw new Error("Could not find user to edit.");
           }
           this.isRevoked = userDetails.status === OrganizationUserStatusType.Revoked;
+          this.showNoMasterPasswordWarning =
+            userDetails.status > OrganizationUserStatusType.Invited &&
+            userDetails.hasMasterPassword === false;
           const assignedCollectionsPermissions = {
             editAssignedCollections: userDetails.permissions.editAssignedCollections,
             deleteAssignedCollections: userDetails.permissions.deleteAssignedCollections,
@@ -366,7 +370,7 @@ export class MemberDialogComponent implements OnInit, OnDestroy {
       ? "removeUserConfirmationKeyConnector"
       : "removeOrgUserConfirmation";
 
-    const confirmed = await this.dialogService.openSimpleDialog({
+    let confirmed = await this.dialogService.openSimpleDialog({
       title: { key: "removeUserIdAccess", placeholders: [this.params.name] },
       content: { key: message },
       type: SimpleDialogType.WARNING,
@@ -376,6 +380,14 @@ export class MemberDialogComponent implements OnInit, OnDestroy {
       return false;
     }
 
+    if (this.showNoMasterPasswordWarning) {
+      confirmed = await this.noMasterPasswordConfirmationDialog();
+
+      if (!confirmed) {
+        return false;
+      }
+    }
+
     await this.organizationUserService.deleteOrganizationUser(
       this.params.organizationId,
       this.params.organizationUserId
@@ -394,7 +406,7 @@ export class MemberDialogComponent implements OnInit, OnDestroy {
       return;
     }
 
-    const confirmed = await this.dialogService.openSimpleDialog({
+    let confirmed = await this.dialogService.openSimpleDialog({
       title: { key: "revokeUserId", placeholders: [this.params.name] },
       content: { key: "revokeUserConfirmation" },
       acceptButtonText: { key: "revokeAccess" },
@@ -405,6 +417,14 @@ export class MemberDialogComponent implements OnInit, OnDestroy {
       return false;
     }
 
+    if (this.showNoMasterPasswordWarning) {
+      confirmed = await this.noMasterPasswordConfirmationDialog();
+
+      if (!confirmed) {
+        return false;
+      }
+    }
+
     await this.organizationUserService.revokeOrganizationUser(
       this.params.organizationId,
       this.params.organizationUserId
@@ -450,6 +470,19 @@ export class MemberDialogComponent implements OnInit, OnDestroy {
   private close(result: MemberDialogResult) {
     this.dialogRef.close(result);
   }
+
+  private noMasterPasswordConfirmationDialog() {
+    return this.dialogService.openSimpleDialog({
+      title: {
+        key: "removeOrgUserNoMasterPasswordTitle",
+      },
+      content: {
+        key: "removeOrgUserNoMasterPasswordDesc",
+        placeholders: [this.params.name],
+      },
+      type: SimpleDialogType.WARNING,
+    });
+  }
 }
 
 function mapCollectionToAccessItemView(
diff --git a/apps/web/src/app/admin-console/organizations/members/people.component.ts b/apps/web/src/app/admin-console/organizations/members/people.component.ts
index 64b7f2c20c..58a02274f8 100644
--- a/apps/web/src/app/admin-console/organizations/members/people.component.ts
+++ b/apps/web/src/app/admin-console/organizations/members/people.component.ts
@@ -546,7 +546,7 @@ export class PeopleComponent
       ? "removeUserConfirmationKeyConnector"
       : "removeOrgUserConfirmation";
 
-    return await this.dialogService.openSimpleDialog({
+    const confirmed = await this.dialogService.openSimpleDialog({
       title: {
         key: "removeUserIdAccess",
         placeholders: [this.userNamePipe.transform(user)],
@@ -554,6 +554,35 @@ export class PeopleComponent
       content: { key: content },
       type: SimpleDialogType.WARNING,
     });
+
+    if (!confirmed) {
+      return false;
+    }
+
+    if (user.status > OrganizationUserStatusType.Invited && user.hasMasterPassword === false) {
+      return await this.noMasterPasswordConfirmationDialog(user);
+    }
+
+    return true;
+  }
+
+  protected async revokeUserConfirmationDialog(user: OrganizationUserView) {
+    const confirmed = await this.dialogService.openSimpleDialog({
+      title: { key: "revokeAccess", placeholders: [this.userNamePipe.transform(user)] },
+      content: this.revokeWarningMessage(),
+      acceptButtonText: { key: "revokeAccess" },
+      type: SimpleDialogType.WARNING,
+    });
+
+    if (!confirmed) {
+      return false;
+    }
+
+    if (user.status > OrganizationUserStatusType.Invited && user.hasMasterPassword === false) {
+      return await this.noMasterPasswordConfirmationDialog(user);
+    }
+
+    return true;
   }
 
   private async showBulkStatus(
@@ -608,4 +637,17 @@ export class PeopleComponent
       modal.close();
     }
   }
+
+  private async noMasterPasswordConfirmationDialog(user: OrganizationUserView) {
+    return this.dialogService.openSimpleDialog({
+      title: {
+        key: "removeOrgUserNoMasterPasswordTitle",
+      },
+      content: {
+        key: "removeOrgUserNoMasterPasswordDesc",
+        placeholders: [this.userNamePipe.transform(user)],
+      },
+      type: SimpleDialogType.WARNING,
+    });
+  }
 }
diff --git a/apps/web/src/app/common/base.people.component.ts b/apps/web/src/app/common/base.people.component.ts
index 200e0e762b..d6044bc9ef 100644
--- a/apps/web/src/app/common/base.people.component.ts
+++ b/apps/web/src/app/common/base.people.component.ts
@@ -247,13 +247,17 @@ export abstract class BasePeopleComponent<
     this.actionPromise = null;
   }
 
-  async revoke(user: UserType) {
-    const confirmed = await this.dialogService.openSimpleDialog({
+  protected async revokeUserConfirmationDialog(user: UserType) {
+    return this.dialogService.openSimpleDialog({
       title: { key: "revokeAccess", placeholders: [this.userNamePipe.transform(user)] },
       content: this.revokeWarningMessage(),
       acceptButtonText: { key: "revokeAccess" },
       type: SimpleDialogType.WARNING,
     });
+  }
+
+  async revoke(user: UserType) {
+    const confirmed = await this.revokeUserConfirmationDialog(user);
 
     if (!confirmed) {
       return false;
diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json
index 4e08fa65ba..f80bccdf60 100644
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@@ -6884,5 +6884,23 @@
   },
   "loginRequestApproved": {
     "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/libs/common/src/abstractions/organization-user/responses/organization-user.response.ts b/libs/common/src/abstractions/organization-user/responses/organization-user.response.ts
index b5af4253c5..973049968a 100644
--- a/libs/common/src/abstractions/organization-user/responses/organization-user.response.ts
+++ b/libs/common/src/abstractions/organization-user/responses/organization-user.response.ts
@@ -14,6 +14,7 @@ export class OrganizationUserResponse extends BaseResponse {
   accessSecretsManager: boolean;
   permissions: PermissionsApi;
   resetPasswordEnrolled: boolean;
+  hasMasterPassword: boolean;
   collections: SelectionReadOnlyResponse[] = [];
   groups: string[] = [];
 
@@ -28,6 +29,7 @@ export class OrganizationUserResponse extends BaseResponse {
     this.accessAll = this.getResponseProperty("AccessAll");
     this.accessSecretsManager = this.getResponseProperty("AccessSecretsManager");
     this.resetPasswordEnrolled = this.getResponseProperty("ResetPasswordEnrolled");
+    this.hasMasterPassword = this.getResponseProperty("HasMasterPassword");
 
     const collections = this.getResponseProperty("Collections");
     if (collections != null) {

From 30bb88006224d0821a64b9ac376c6fab6aa1549d Mon Sep 17 00:00:00 2001
From: Thomas Rittson <31796059+eliykat@users.noreply.github.com>
Date: Mon, 19 Jun 2023 15:42:15 +1000
Subject: [PATCH 09/13] Move desktop vault filters to vault team (#5574)

---
 .../vault-filter/filters}/collection-filter.component.html   | 0
 .../vault-filter/filters}/collection-filter.component.ts     | 0
 .../vault-filter/filters}/organization-filter.component.html | 0
 .../vault-filter/filters}/organization-filter.component.ts   | 0
 .../src/vault/app/vault/vault-filter/vault-filter.module.ts  | 5 ++---
 5 files changed, 2 insertions(+), 3 deletions(-)
 rename apps/desktop/src/{admin-console/vault-filters => vault/app/vault/vault-filter/filters}/collection-filter.component.html (100%)
 rename apps/desktop/src/{admin-console/vault-filters => vault/app/vault/vault-filter/filters}/collection-filter.component.ts (100%)
 rename apps/desktop/src/{admin-console/vault-filters => vault/app/vault/vault-filter/filters}/organization-filter.component.html (100%)
 rename apps/desktop/src/{admin-console/vault-filters => vault/app/vault/vault-filter/filters}/organization-filter.component.ts (100%)

diff --git a/apps/desktop/src/admin-console/vault-filters/collection-filter.component.html b/apps/desktop/src/vault/app/vault/vault-filter/filters/collection-filter.component.html
similarity index 100%
rename from apps/desktop/src/admin-console/vault-filters/collection-filter.component.html
rename to apps/desktop/src/vault/app/vault/vault-filter/filters/collection-filter.component.html
diff --git a/apps/desktop/src/admin-console/vault-filters/collection-filter.component.ts b/apps/desktop/src/vault/app/vault/vault-filter/filters/collection-filter.component.ts
similarity index 100%
rename from apps/desktop/src/admin-console/vault-filters/collection-filter.component.ts
rename to apps/desktop/src/vault/app/vault/vault-filter/filters/collection-filter.component.ts
diff --git a/apps/desktop/src/admin-console/vault-filters/organization-filter.component.html b/apps/desktop/src/vault/app/vault/vault-filter/filters/organization-filter.component.html
similarity index 100%
rename from apps/desktop/src/admin-console/vault-filters/organization-filter.component.html
rename to apps/desktop/src/vault/app/vault/vault-filter/filters/organization-filter.component.html
diff --git a/apps/desktop/src/admin-console/vault-filters/organization-filter.component.ts b/apps/desktop/src/vault/app/vault/vault-filter/filters/organization-filter.component.ts
similarity index 100%
rename from apps/desktop/src/admin-console/vault-filters/organization-filter.component.ts
rename to apps/desktop/src/vault/app/vault/vault-filter/filters/organization-filter.component.ts
diff --git a/apps/desktop/src/vault/app/vault/vault-filter/vault-filter.module.ts b/apps/desktop/src/vault/app/vault/vault-filter/vault-filter.module.ts
index ca7fab0f9c..fb6706bef1 100644
--- a/apps/desktop/src/vault/app/vault/vault-filter/vault-filter.module.ts
+++ b/apps/desktop/src/vault/app/vault/vault-filter/vault-filter.module.ts
@@ -5,10 +5,9 @@ import { JslibModule } from "@bitwarden/angular/jslib.module";
 import { DeprecatedVaultFilterService as DeprecatedVaultFilterServiceAbstraction } from "@bitwarden/angular/vault/abstractions/deprecated-vault-filter.service";
 import { VaultFilterService } from "@bitwarden/angular/vault/vault-filter/services/vault-filter.service";
 
-import { CollectionFilterComponent } from "../../../../admin-console/vault-filters/collection-filter.component";
-import { OrganizationFilterComponent } from "../../../../admin-console/vault-filters/organization-filter.component";
-
+import { CollectionFilterComponent } from "./filters/collection-filter.component";
 import { FolderFilterComponent } from "./filters/folder-filter.component";
+import { OrganizationFilterComponent } from "./filters/organization-filter.component";
 import { StatusFilterComponent } from "./filters/status-filter.component";
 import { TypeFilterComponent } from "./filters/type-filter.component";
 import { VaultFilterComponent } from "./vault-filter.component";

From d0f66365c9f1dbed6e974114281e1feb165ae24e Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Mon, 19 Jun 2023 09:04:25 +0000
Subject: [PATCH 10/13] Autosync the updated translations (#5626)

Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
---
 apps/desktop/src/locales/af/messages.json    |   3 +
 apps/desktop/src/locales/ar/messages.json    |   3 +
 apps/desktop/src/locales/az/messages.json    |   3 +
 apps/desktop/src/locales/be/messages.json    |   3 +
 apps/desktop/src/locales/bg/messages.json    |   3 +
 apps/desktop/src/locales/bn/messages.json    |   3 +
 apps/desktop/src/locales/bs/messages.json    |   3 +
 apps/desktop/src/locales/ca/messages.json    |   3 +
 apps/desktop/src/locales/cs/messages.json    |   3 +
 apps/desktop/src/locales/cy/messages.json    |   3 +
 apps/desktop/src/locales/da/messages.json    |   3 +
 apps/desktop/src/locales/de/messages.json    |   3 +
 apps/desktop/src/locales/el/messages.json    |   3 +
 apps/desktop/src/locales/en_GB/messages.json |   3 +
 apps/desktop/src/locales/en_IN/messages.json |   3 +
 apps/desktop/src/locales/eo/messages.json    |   3 +
 apps/desktop/src/locales/es/messages.json    |   3 +
 apps/desktop/src/locales/et/messages.json    |   3 +
 apps/desktop/src/locales/eu/messages.json    |   3 +
 apps/desktop/src/locales/fa/messages.json    |   3 +
 apps/desktop/src/locales/fi/messages.json    |   9 +-
 apps/desktop/src/locales/fil/messages.json   |   3 +
 apps/desktop/src/locales/fr/messages.json    |  31 ++-
 apps/desktop/src/locales/gl/messages.json    |   3 +
 apps/desktop/src/locales/he/messages.json    |   3 +
 apps/desktop/src/locales/hi/messages.json    |   3 +
 apps/desktop/src/locales/hr/messages.json    |   3 +
 apps/desktop/src/locales/hu/messages.json    |   3 +
 apps/desktop/src/locales/id/messages.json    |   3 +
 apps/desktop/src/locales/it/messages.json    |   3 +
 apps/desktop/src/locales/ja/messages.json    |   3 +
 apps/desktop/src/locales/ka/messages.json    |   3 +
 apps/desktop/src/locales/km/messages.json    |   3 +
 apps/desktop/src/locales/kn/messages.json    |   3 +
 apps/desktop/src/locales/ko/messages.json    |   3 +
 apps/desktop/src/locales/lv/messages.json    |   3 +
 apps/desktop/src/locales/me/messages.json    |   3 +
 apps/desktop/src/locales/ml/messages.json    |   3 +
 apps/desktop/src/locales/my/messages.json    |   3 +
 apps/desktop/src/locales/nb/messages.json    |   3 +
 apps/desktop/src/locales/ne/messages.json    |   3 +
 apps/desktop/src/locales/nl/messages.json    |   3 +
 apps/desktop/src/locales/nn/messages.json    |   3 +
 apps/desktop/src/locales/or/messages.json    |   3 +
 apps/desktop/src/locales/pl/messages.json    |   3 +
 apps/desktop/src/locales/pt_BR/messages.json |   3 +
 apps/desktop/src/locales/pt_PT/messages.json | 255 ++++++++++---------
 apps/desktop/src/locales/ro/messages.json    |   3 +
 apps/desktop/src/locales/ru/messages.json    |   3 +
 apps/desktop/src/locales/si/messages.json    |   3 +
 apps/desktop/src/locales/sk/messages.json    |   3 +
 apps/desktop/src/locales/sl/messages.json    |   3 +
 apps/desktop/src/locales/sr/messages.json    |   3 +
 apps/desktop/src/locales/sv/messages.json    |   3 +
 apps/desktop/src/locales/te/messages.json    |   3 +
 apps/desktop/src/locales/th/messages.json    |   3 +
 apps/desktop/src/locales/tr/messages.json    |   3 +
 apps/desktop/src/locales/uk/messages.json    |   3 +
 apps/desktop/src/locales/vi/messages.json    |   3 +
 apps/desktop/src/locales/zh_CN/messages.json |   7 +-
 apps/desktop/src/locales/zh_TW/messages.json |   3 +
 61 files changed, 328 insertions(+), 145 deletions(-)

diff --git a/apps/desktop/src/locales/af/messages.json b/apps/desktop/src/locales/af/messages.json
index 237c0fcb09..bebd26b018 100644
--- a/apps/desktop/src/locales/af/messages.json
+++ b/apps/desktop/src/locales/af/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Selghehuisves"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/ar/messages.json b/apps/desktop/src/locales/ar/messages.json
index e4ff6a202b..9012f6ee1f 100644
--- a/apps/desktop/src/locales/ar/messages.json
+++ b/apps/desktop/src/locales/ar/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "استضافة ذاتية"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/az/messages.json b/apps/desktop/src/locales/az/messages.json
index e409110b05..965db4209d 100644
--- a/apps/desktop/src/locales/az/messages.json
+++ b/apps/desktop/src/locales/az/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Öz-özünə sahiblik edən"
+  },
+  "accessDenied": {
+    "message": "Müraciət rədd edildi. Bu səhifəyə baxmaq üçün icazəniz yoxdur."
   }
 }
diff --git a/apps/desktop/src/locales/be/messages.json b/apps/desktop/src/locales/be/messages.json
index 3d4d822168..1075fbe6da 100644
--- a/apps/desktop/src/locales/be/messages.json
+++ b/apps/desktop/src/locales/be/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Уласнае размяшчэнне"
+  },
+  "accessDenied": {
+    "message": "Доступ забаронены. У вас не дастаткова правоў для прагляду гэтай старонкі."
   }
 }
diff --git a/apps/desktop/src/locales/bg/messages.json b/apps/desktop/src/locales/bg/messages.json
index 4c89371192..95231adb19 100644
--- a/apps/desktop/src/locales/bg/messages.json
+++ b/apps/desktop/src/locales/bg/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Собствен хостинг"
+  },
+  "accessDenied": {
+    "message": "Достъпът е отказан. Нямате право за преглед на тази страница."
   }
 }
diff --git a/apps/desktop/src/locales/bn/messages.json b/apps/desktop/src/locales/bn/messages.json
index f6972836d9..93d0c27394 100644
--- a/apps/desktop/src/locales/bn/messages.json
+++ b/apps/desktop/src/locales/bn/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/bs/messages.json b/apps/desktop/src/locales/bs/messages.json
index e5cc399e20..eabfc7f806 100644
--- a/apps/desktop/src/locales/bs/messages.json
+++ b/apps/desktop/src/locales/bs/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/ca/messages.json b/apps/desktop/src/locales/ca/messages.json
index 83731a76f6..5429a271a2 100644
--- a/apps/desktop/src/locales/ca/messages.json
+++ b/apps/desktop/src/locales/ca/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Autoallotjat"
+  },
+  "accessDenied": {
+    "message": "Accés denegat. No teniu permís per veure aquesta pàgina."
   }
 }
diff --git a/apps/desktop/src/locales/cs/messages.json b/apps/desktop/src/locales/cs/messages.json
index e35a5d78d2..d09e9809aa 100644
--- a/apps/desktop/src/locales/cs/messages.json
+++ b/apps/desktop/src/locales/cs/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Vlastní hosting"
+  },
+  "accessDenied": {
+    "message": "Přístup byl odepřen. Nemáte oprávnění k zobrazení této stránky."
   }
 }
diff --git a/apps/desktop/src/locales/cy/messages.json b/apps/desktop/src/locales/cy/messages.json
index fbc7635f3b..ed828fa225 100644
--- a/apps/desktop/src/locales/cy/messages.json
+++ b/apps/desktop/src/locales/cy/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/da/messages.json b/apps/desktop/src/locales/da/messages.json
index 6d915a97ab..fda5cea145 100644
--- a/apps/desktop/src/locales/da/messages.json
+++ b/apps/desktop/src/locales/da/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Selv-hostet"
+  },
+  "accessDenied": {
+    "message": "Adgang nægtet. Nødvendig tilladelse til at se siden mangler."
   }
 }
diff --git a/apps/desktop/src/locales/de/messages.json b/apps/desktop/src/locales/de/messages.json
index a757de46dc..6a521490b7 100644
--- a/apps/desktop/src/locales/de/messages.json
+++ b/apps/desktop/src/locales/de/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Selbst gehostet"
+  },
+  "accessDenied": {
+    "message": "Zugriff verweigert. Du hast keine Berechtigung, diese Seite anzuzeigen."
   }
 }
diff --git a/apps/desktop/src/locales/el/messages.json b/apps/desktop/src/locales/el/messages.json
index 9e59ee81fe..d6c8d1e50c 100644
--- a/apps/desktop/src/locales/el/messages.json
+++ b/apps/desktop/src/locales/el/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/en_GB/messages.json b/apps/desktop/src/locales/en_GB/messages.json
index fd9426f642..6a679b1041 100644
--- a/apps/desktop/src/locales/en_GB/messages.json
+++ b/apps/desktop/src/locales/en_GB/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/en_IN/messages.json b/apps/desktop/src/locales/en_IN/messages.json
index f3ee40a6dd..637e752218 100644
--- a/apps/desktop/src/locales/en_IN/messages.json
+++ b/apps/desktop/src/locales/en_IN/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/eo/messages.json b/apps/desktop/src/locales/eo/messages.json
index bb86246b2d..b230e75302 100644
--- a/apps/desktop/src/locales/eo/messages.json
+++ b/apps/desktop/src/locales/eo/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/es/messages.json b/apps/desktop/src/locales/es/messages.json
index e8b8fa0b04..c86bde31e8 100644
--- a/apps/desktop/src/locales/es/messages.json
+++ b/apps/desktop/src/locales/es/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Autoalojado"
+  },
+  "accessDenied": {
+    "message": "Acceso denegado. No tiene permiso para ver esta página."
   }
 }
diff --git a/apps/desktop/src/locales/et/messages.json b/apps/desktop/src/locales/et/messages.json
index 6f05a3f625..c2757bab62 100644
--- a/apps/desktop/src/locales/et/messages.json
+++ b/apps/desktop/src/locales/et/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/eu/messages.json b/apps/desktop/src/locales/eu/messages.json
index 5e1323a74c..b308429cec 100644
--- a/apps/desktop/src/locales/eu/messages.json
+++ b/apps/desktop/src/locales/eu/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/fa/messages.json b/apps/desktop/src/locales/fa/messages.json
index 220b53cda5..c788c14451 100644
--- a/apps/desktop/src/locales/fa/messages.json
+++ b/apps/desktop/src/locales/fa/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/fi/messages.json b/apps/desktop/src/locales/fi/messages.json
index 7287c306da..96b7282f13 100644
--- a/apps/desktop/src/locales/fi/messages.json
+++ b/apps/desktop/src/locales/fi/messages.json
@@ -962,7 +962,7 @@
     "message": "Käynnistä automaattisesti kirjauduttaessa"
   },
   "openAtLoginDesc": {
-    "message": "Käynnistä Bitwardenin työpöytäsovellus automaattisesti kirjautumisen yhteydessä."
+    "message": "Käynnistä sovellus automaattisesti kirjautumisen yhteydessä."
   },
   "alwaysShowDock": {
     "message": "Näytä aina Dockissa"
@@ -1393,7 +1393,7 @@
     "message": "Avaa Windows Hellolla"
   },
   "additionalWindowsHelloSettings": {
-    "message": "Windows Hello -lisäasetukset"
+    "message": "Windows Hello -lisäasetukset."
   },
   "windowsHelloConsentMessage": {
     "message": "Vahvista Bitwarden."
@@ -1624,7 +1624,7 @@
     "message": "Vaadi selainintegraation vahvistus"
   },
   "enableBrowserIntegrationFingerprintDesc": {
-    "message": "Käytä ylimääräistä tietoturvakerrosta ja edellytä työpöytäsovelluksen ja selainlaajennuksen liitoksen todennus tunnistelausekkeella. Tämä vaatii aina yhteyden muodostuessa vahvistuksen käyttäjältä."
+    "message": "Paranna tietoturvaa vaatimalla työpöytäsovelluksen ja selainlaajennuksen kytköksen todennus tunnistelausekkeella. Tämä vaatii aina yhteyden muodostuessa vahvistuksen käyttäjältä."
   },
   "approve": {
     "message": "Salli"
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Itse ylläpidetty"
+  },
+  "accessDenied": {
+    "message": "Pääsy estetty. Sinulla ei ole oikeutta avata sivua."
   }
 }
diff --git a/apps/desktop/src/locales/fil/messages.json b/apps/desktop/src/locales/fil/messages.json
index 9613f221e9..590d96aeb8 100644
--- a/apps/desktop/src/locales/fil/messages.json
+++ b/apps/desktop/src/locales/fil/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/fr/messages.json b/apps/desktop/src/locales/fr/messages.json
index 0fe9681d2d..15c54705fa 100644
--- a/apps/desktop/src/locales/fr/messages.json
+++ b/apps/desktop/src/locales/fr/messages.json
@@ -129,7 +129,7 @@
     "message": "Réduire l'application lors de la copie des données d'un élément dans le presse-papiers."
   },
   "toggleVisibility": {
-    "message": "Afficher/Masquer"
+    "message": "Afficher/masquer la visibilité"
   },
   "toggleCollapse": {
     "message": "Déplier ou replier",
@@ -151,7 +151,7 @@
     "message": "Code de sécurité"
   },
   "identityName": {
-    "message": "identityName"
+    "message": "Nom d'identité"
   },
   "company": {
     "message": "Société"
@@ -269,7 +269,7 @@
     "message": "Deuxième prénom"
   },
   "lastName": {
-    "message": "Nom"
+    "message": "Nom de famille"
   },
   "fullName": {
     "message": "Nom complet"
@@ -352,7 +352,7 @@
     "message": "Élément ajouté"
   },
   "editedItem": {
-    "message": "Élément modifié"
+    "message": "Élément enregistré"
   },
   "deleteItem": {
     "message": "Supprimer l'élément"
@@ -367,7 +367,7 @@
     "message": "Êtes-vous sûr de vouloir envoyer cet élément vers la corbeille ?"
   },
   "deletedItem": {
-    "message": "L'élément a été envoyé à la corbeille"
+    "message": "Élément envoyé à la corbeille"
   },
   "overwritePasswordConfirmation": {
     "message": "Êtes-vous sûr de vouloir écraser le mot de passe actuel ?"
@@ -379,7 +379,7 @@
     "message": "Êtes-vous sûr de vouloir remplacer le mot de passe actuel ?"
   },
   "noneFolder": {
-    "message": "Pas de dossier",
+    "message": "Aucun dossier",
     "description": "This is the folder for uncategorized items"
   },
   "addFolder": {
@@ -464,7 +464,7 @@
     "message": "Êtes-vous sûr de vouloir supprimer cette pièce jointe ?"
   },
   "attachmentSaved": {
-    "message": "La pièce jointe a été enregistrée."
+    "message": "Pièce jointe enregistrée"
   },
   "file": {
     "message": "Fichier"
@@ -479,7 +479,7 @@
     "message": "Vous ne pouvez pas utiliser cette fonctionnalité tant que vous ne mettez pas à jour votre clé de chiffrement."
   },
   "editedFolder": {
-    "message": "Dossier modifié"
+    "message": "Dossier enregistré"
   },
   "addedFolder": {
     "message": "Dossier ajouté"
@@ -497,7 +497,7 @@
     "message": "Créer un compte"
   },
   "logIn": {
-    "message": "S'identifier"
+    "message": "Se connecter"
   },
   "submit": {
     "message": "Soumettre"
@@ -1269,7 +1269,7 @@
     "description": "Text for a button that toggles the visibility of the window. Shows the window when it is hidden or hides the window if it is currently open."
   },
   "hideToTray": {
-    "message": "Masquer"
+    "message": "Masquer dans la barre des tâches"
   },
   "alwaysOnTop": {
     "message": "Toujours au premier plan",
@@ -1472,10 +1472,10 @@
     "message": "Politique de confidentialité"
   },
   "unsavedChangesConfirmation": {
-    "message": "Êtes-vous sûr de vouloir quitter ? Si vous le faites maintenant, vos informations actuelles ne seront pas sauvegardées."
+    "message": "Êtes-vous sûr de vouloir quitter ? Si vous quittez maintenant, vos informations actuelles ne seront pas enregistrées."
   },
   "unsavedChangesTitle": {
-    "message": "Il y a des modifications non enregistrées"
+    "message": "Modifications non enregistrées"
   },
   "clone": {
     "message": "Cloner"
@@ -1490,7 +1490,7 @@
     "message": "Un mot de passe principal ou une autre méthode de déverrouillage est nécessaire pour accéder à nouveau à votre coffre."
   },
   "vaultTimeoutActionLogOutDesc": {
-    "message": "Un coffre déconnecté nécessite que vous vous ré-authentifiez pour y accéder de nouveau."
+    "message": "Une nouvelle authentification est requise pour accéder à nouveau à votre coffre."
   },
   "lock": {
     "message": "Verrouiller",
@@ -1528,7 +1528,7 @@
     "message": "La déconnexion supprimera tout accès à votre coffre et nécessitera une authentification en ligne après la période d'expiration. Êtes-vous sûr de vouloir utiliser ce paramètre ?"
   },
   "vaultTimeoutLogOutConfirmationTitle": {
-    "message": "Confirmation de l'action lors de l'expiration du délai"
+    "message": "Confirmation de l'action après délai d'expiration"
   },
   "enterpriseSingleSignOn": {
     "message": "Portail de connexion unique d'entreprise"
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Auto-hébergé"
+  },
+  "accessDenied": {
+    "message": "Accès refusé. Vous n'avez pas l'autorisation de voir cette page."
   }
 }
diff --git a/apps/desktop/src/locales/gl/messages.json b/apps/desktop/src/locales/gl/messages.json
index fbc7635f3b..ed828fa225 100644
--- a/apps/desktop/src/locales/gl/messages.json
+++ b/apps/desktop/src/locales/gl/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/he/messages.json b/apps/desktop/src/locales/he/messages.json
index 2cc3461e8a..39701c9fc0 100644
--- a/apps/desktop/src/locales/he/messages.json
+++ b/apps/desktop/src/locales/he/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/hi/messages.json b/apps/desktop/src/locales/hi/messages.json
index 2324d20019..1b1a8a1b8e 100644
--- a/apps/desktop/src/locales/hi/messages.json
+++ b/apps/desktop/src/locales/hi/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/hr/messages.json b/apps/desktop/src/locales/hr/messages.json
index dcf0ae8534..23b4bebbab 100644
--- a/apps/desktop/src/locales/hr/messages.json
+++ b/apps/desktop/src/locales/hr/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/hu/messages.json b/apps/desktop/src/locales/hu/messages.json
index 4016a73db9..b1897f6e4b 100644
--- a/apps/desktop/src/locales/hu/messages.json
+++ b/apps/desktop/src/locales/hu/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Saját kiszolgáló"
+  },
+  "accessDenied": {
+    "message": "A hozzáférés megtagadásra került. Nincs jogosultság az oldal megtekintésére."
   }
 }
diff --git a/apps/desktop/src/locales/id/messages.json b/apps/desktop/src/locales/id/messages.json
index 437838521a..c4a8b77566 100644
--- a/apps/desktop/src/locales/id/messages.json
+++ b/apps/desktop/src/locales/id/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/it/messages.json b/apps/desktop/src/locales/it/messages.json
index 90580d12aa..fbbcb2f08c 100644
--- a/apps/desktop/src/locales/it/messages.json
+++ b/apps/desktop/src/locales/it/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Accesso negato. Non hai i permessi necessari per visualizzare questa pagina."
   }
 }
diff --git a/apps/desktop/src/locales/ja/messages.json b/apps/desktop/src/locales/ja/messages.json
index d1f1235067..6e89627a5e 100644
--- a/apps/desktop/src/locales/ja/messages.json
+++ b/apps/desktop/src/locales/ja/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "自己ホスト型"
+  },
+  "accessDenied": {
+    "message": "アクセスが拒否されました。このページを表示する権限がありません。"
   }
 }
diff --git a/apps/desktop/src/locales/ka/messages.json b/apps/desktop/src/locales/ka/messages.json
index fbc7635f3b..ed828fa225 100644
--- a/apps/desktop/src/locales/ka/messages.json
+++ b/apps/desktop/src/locales/ka/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/km/messages.json b/apps/desktop/src/locales/km/messages.json
index fbc7635f3b..ed828fa225 100644
--- a/apps/desktop/src/locales/km/messages.json
+++ b/apps/desktop/src/locales/km/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/kn/messages.json b/apps/desktop/src/locales/kn/messages.json
index 2f1870a2b4..0d1ea3265a 100644
--- a/apps/desktop/src/locales/kn/messages.json
+++ b/apps/desktop/src/locales/kn/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/ko/messages.json b/apps/desktop/src/locales/ko/messages.json
index b5b4f69d78..2699d1797d 100644
--- a/apps/desktop/src/locales/ko/messages.json
+++ b/apps/desktop/src/locales/ko/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/lv/messages.json b/apps/desktop/src/locales/lv/messages.json
index 705aa4ba5c..17cbb79f5e 100644
--- a/apps/desktop/src/locales/lv/messages.json
+++ b/apps/desktop/src/locales/lv/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Pašizvietots"
+  },
+  "accessDenied": {
+    "message": "Piekļuve liegta. Nav nepieciešamo atļauju, lai skatītu šo lapu."
   }
 }
diff --git a/apps/desktop/src/locales/me/messages.json b/apps/desktop/src/locales/me/messages.json
index c6555d2e8d..98bb03ef7d 100644
--- a/apps/desktop/src/locales/me/messages.json
+++ b/apps/desktop/src/locales/me/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/ml/messages.json b/apps/desktop/src/locales/ml/messages.json
index 104d697f53..1829212999 100644
--- a/apps/desktop/src/locales/ml/messages.json
+++ b/apps/desktop/src/locales/ml/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/my/messages.json b/apps/desktop/src/locales/my/messages.json
index 545c17156b..ceeb67d0f7 100644
--- a/apps/desktop/src/locales/my/messages.json
+++ b/apps/desktop/src/locales/my/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/nb/messages.json b/apps/desktop/src/locales/nb/messages.json
index b431e2a14e..9123788514 100644
--- a/apps/desktop/src/locales/nb/messages.json
+++ b/apps/desktop/src/locales/nb/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/ne/messages.json b/apps/desktop/src/locales/ne/messages.json
index fbc7635f3b..ed828fa225 100644
--- a/apps/desktop/src/locales/ne/messages.json
+++ b/apps/desktop/src/locales/ne/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/nl/messages.json b/apps/desktop/src/locales/nl/messages.json
index bcd3fd9441..9e7834e88f 100644
--- a/apps/desktop/src/locales/nl/messages.json
+++ b/apps/desktop/src/locales/nl/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Zelfgehost"
+  },
+  "accessDenied": {
+    "message": "Toegang geweigerd. Je hebt geen toestemming om deze pagina te bekijken."
   }
 }
diff --git a/apps/desktop/src/locales/nn/messages.json b/apps/desktop/src/locales/nn/messages.json
index 0b7b4ce113..d0750b4d2c 100644
--- a/apps/desktop/src/locales/nn/messages.json
+++ b/apps/desktop/src/locales/nn/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/or/messages.json b/apps/desktop/src/locales/or/messages.json
index ede0694974..02495ffc37 100644
--- a/apps/desktop/src/locales/or/messages.json
+++ b/apps/desktop/src/locales/or/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/pl/messages.json b/apps/desktop/src/locales/pl/messages.json
index 2dd103dcd0..2cd2638418 100644
--- a/apps/desktop/src/locales/pl/messages.json
+++ b/apps/desktop/src/locales/pl/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Samodzielnie hostowany"
+  },
+  "accessDenied": {
+    "message": "Odmowa dostępu. Nie masz uprawnień do przeglądania tej strony."
   }
 }
diff --git a/apps/desktop/src/locales/pt_BR/messages.json b/apps/desktop/src/locales/pt_BR/messages.json
index 5e909f4735..6db0402ba4 100644
--- a/apps/desktop/src/locales/pt_BR/messages.json
+++ b/apps/desktop/src/locales/pt_BR/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/pt_PT/messages.json b/apps/desktop/src/locales/pt_PT/messages.json
index fde7d53d0f..91f2a682ad 100644
--- a/apps/desktop/src/locales/pt_PT/messages.json
+++ b/apps/desktop/src/locales/pt_PT/messages.json
@@ -239,7 +239,7 @@
     "message": "Sra."
   },
   "mx": {
-    "message": "Mx"
+    "message": "Neutro"
   },
   "dr": {
     "message": "Dr."
@@ -339,7 +339,7 @@
     "description": "This describes a field that is 'linked' (related) to another field."
   },
   "linkedValue": {
-    "message": "Linked value",
+    "message": "Valor associado",
     "description": "This describes a value that is 'linked' (related) to another value."
   },
   "remove": {
@@ -542,7 +542,7 @@
     "message": "É necessário reescrever a palavra-passe mestra."
   },
   "masterPasswordMinlength": {
-    "message": "Master password must be at least $VALUE$ characters long.",
+    "message": "A palavra-passe mestra deve ter pelo menos $VALUE$ caracteres.",
     "description": "The Master Password must be at least a specific number of characters long.",
     "placeholders": {
       "value": {
@@ -615,7 +615,7 @@
     }
   },
   "rememberMe": {
-    "message": "Memorizar-me"
+    "message": "Memorizar"
   },
   "sendVerificationCodeEmailAgain": {
     "message": "Enviar e-mail com o código de verificação novamente"
@@ -699,7 +699,7 @@
     "message": "URL do servidor da API"
   },
   "webVaultUrl": {
-    "message": "URL do servidor do cofre web"
+    "message": "URL do servidor do cofre Web"
   },
   "identityUrl": {
     "message": "URL do servidor de identidade"
@@ -799,11 +799,11 @@
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
   },
   "yourAccountsFingerprint": {
-    "message": "Frase da impressão digital da sua conta",
+    "message": "Frase de impressão digital da sua conta",
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
   },
   "goToWebVault": {
-    "message": "Ir para o cofre web"
+    "message": "Ir para o cofre Web"
   },
   "getMobileApp": {
     "message": "Obter a aplicação móvel"
@@ -846,10 +846,10 @@
     "message": "Verificação de dois passos"
   },
   "vaultTimeout": {
-    "message": "Expiração do cofre"
+    "message": "Tempo limite do cofre"
   },
   "vaultTimeoutDesc": {
-    "message": "Escolha a que altura expira o seu cofre, realizando a ação de expiração do mesmo."
+    "message": "Escolha quando é que o seu cofre executará a ação de tempo limite do cofre."
   },
   "immediately": {
     "message": "Imediatamente"
@@ -911,10 +911,10 @@
     "description": "Clipboard is the operating system thing where you copy/paste data to on your device."
   },
   "enableFavicon": {
-    "message": "Show website icons"
+    "message": "Mostrar ícones do site"
   },
   "faviconDesc": {
-    "message": "Show a recognizable image next to each login."
+    "message": "Mostrar uma imagem reconhecível junto a cada credencial."
   },
   "enableMinToTray": {
     "message": "Minimizar para ícone de bandeja"
@@ -953,28 +953,28 @@
     "message": "Quando a aplicação é iniciada pela primeira vez, mostrar apenas um ícone na bandeja do sistema."
   },
   "startToMenuBar": {
-    "message": "Start to menu bar"
+    "message": "Iniciar na barra de menus"
   },
   "startToMenuBarDesc": {
-    "message": "When the application is first started, only show an icon in the menu bar."
+    "message": "Quando a aplicação é iniciada pela primeira vez, mostrar apenas um ícone na barra de menu."
   },
   "openAtLogin": {
-    "message": "Start automatically on login"
+    "message": "Iniciar automaticamente ao iniciar sessão"
   },
   "openAtLoginDesc": {
-    "message": "Start the Bitwarden desktop application automatically on login."
+    "message": "Iniciar a aplicação para computador Bitwarden automaticamente ao iniciar a sessão."
   },
   "alwaysShowDock": {
-    "message": "Always show in the Dock"
+    "message": "Mostrar sempre na Dock"
   },
   "alwaysShowDockDesc": {
-    "message": "Show the Bitwarden icon in the Dock even when minimized to the menu bar."
+    "message": "Mostrar o ícone do Bitwarden na Dock mesmo quando minimizado na barra de menus."
   },
   "confirmTrayTitle": {
-    "message": "Confirm hiding tray"
+    "message": "Confirmar a ocultação do tabuleiro"
   },
   "confirmTrayDesc": {
-    "message": "Turning off this setting will also turn off all other tray related settings."
+    "message": "Desativar esta definição também desativará todas as outras definições relacionadas com o tabuleiro."
   },
   "language": {
     "message": "Idioma"
@@ -1063,7 +1063,7 @@
     "message": "Gerir subscrição"
   },
   "premiumManageAlert": {
-    "message": "Pode gerir a sua subscrição no cofre web bitwarden.com. Pretende visitar o site agora?"
+    "message": "Pode gerir a sua subscrição no cofre Web bitwarden.com. Pretende visitar o site agora?"
   },
   "premiumRefresh": {
     "message": "Atualizar subscrição"
@@ -1096,7 +1096,7 @@
     "message": "Adquirir Premium"
   },
   "premiumPurchaseAlert": {
-    "message": "Pode adquirir uma subscrição Premium no cofre web bitwarden.com. Pretende visitar o site agora?"
+    "message": "Pode adquirir uma subscrição Premium no cofre Web bitwarden.com. Pretende visitar o site agora?"
   },
   "premiumCurrentMember": {
     "message": "É um membro Premium!"
@@ -1127,7 +1127,7 @@
     "message": "Não existem palavras-passe para listar."
   },
   "undo": {
-    "message": "Desfazer"
+    "message": "Anular"
   },
   "redo": {
     "message": "Refazer"
@@ -1226,11 +1226,11 @@
     "description": "Domain name. Ex. website.com"
   },
   "domainName": {
-    "message": "Domain name",
+    "message": "Nome do domínio",
     "description": "Domain name. Ex. website.com"
   },
   "host": {
-    "message": "Servidor",
+    "message": "Domínio",
     "description": "A URL's host value. For example, the host of https://sub.domain.com:443 is 'sub.domain.com:443'."
   },
   "exact": {
@@ -1294,51 +1294,51 @@
     "message": "Formato do ficheiro"
   },
   "hCaptchaUrl": {
-    "message": "hCaptcha Url",
+    "message": "URL do hCaptcha",
     "description": "hCaptcha is the name of a website, should not be translated"
   },
   "loadAccessibilityCookie": {
-    "message": "Load accessibility cookie"
+    "message": "Carregar cookie de acessibilidade"
   },
   "registerAccessibilityUser": {
-    "message": "Register as an accessibility user at",
+    "message": "Registar como utilizador de acessibilidade em",
     "description": "ex. Register as an accessibility user at hcaptcha.com"
   },
   "copyPasteLink": {
-    "message": "Copy and paste the link sent to your email below"
+    "message": "Copie e cole o link enviado para o seu e-mail abaixo"
   },
   "enterhCaptchaUrl": {
-    "message": "Enter URL to load accessibility cookie for hCaptcha",
+    "message": "Introduza o URL para carregar o cookie de acessibilidade do hCaptcha",
     "description": "hCaptcha is the name of a website, should not be translated"
   },
   "hCaptchaUrlRequired": {
-    "message": "hCaptcha Url is required",
+    "message": "É necessário o URL do hCaptcha",
     "description": "hCaptcha is the name of a website, should not be translated"
   },
   "invalidUrl": {
-    "message": "Invalid Url"
+    "message": "URL inválido"
   },
   "done": {
-    "message": "Done"
+    "message": "Concluído"
   },
   "accessibilityCookieSaved": {
-    "message": "Accessibility cookie saved!"
+    "message": "Cookie de acessibilidade guardado!"
   },
   "noAccessibilityCookieSaved": {
-    "message": "No accessibility cookie saved"
+    "message": "Nenhum cookie de acessibilidade guardado"
   },
   "warning": {
     "message": "AVISO",
     "description": "WARNING (should stay in capitalized letters if the language permits)"
   },
   "confirmVaultExport": {
-    "message": "Confirm vault export"
+    "message": "Confirmar a exportação do cofre"
   },
   "exportWarningDesc": {
     "message": "Esta exportação contém os dados do seu cofre num formato não encriptado. Não deve armazenar ou enviar o ficheiro exportado através de canais não seguros (como o e-mail). Elimine-o imediatamente após terminar a sua utilização."
   },
   "encExportKeyWarningDesc": {
-    "message": "Esta exportação encripta os seus dados utilizando a chave de encriptação da sua conta. Se alguma vez mudar a chave de encriptação da sua conta, deve exportar novamente, uma vez que não conseguirá desencriptar este ficheiro de exportação."
+    "message": "Esta exportação encripta os seus dados utilizando a chave de encriptação da sua conta. Se alguma vez alterar a chave de encriptação da sua conta, deve exportar novamente, uma vez que não conseguirá desencriptar este ficheiro de exportação."
   },
   "encExportAccountWarningDesc": {
     "message": "As chaves de encriptação da conta são únicas para cada conta de utilizador Bitwarden, pelo que não é possível importar uma exportação encriptada para uma conta diferente."
@@ -1393,7 +1393,7 @@
     "message": "Desbloquear com o Windows Hello"
   },
   "additionalWindowsHelloSettings": {
-    "message": "Additional Windows Hello settings"
+    "message": "Definições adicionais do Windows Hello"
   },
   "windowsHelloConsentMessage": {
     "message": "Verificar para o Bitwarden."
@@ -1402,22 +1402,22 @@
     "message": "Desbloquear com Touch ID"
   },
   "additionalTouchIdSettings": {
-    "message": "Additional Touch ID settings"
+    "message": "Definições adicionais do Touch ID"
   },
   "touchIdConsentMessage": {
-    "message": "desbloqueie o seu cofre"
+    "message": "desbloquear o cofre"
   },
   "autoPromptWindowsHello": {
-    "message": "Ask for Windows Hello on app start"
+    "message": "Pedir o Windows Hello ao iniciar a aplicação"
   },
   "autoPromptTouchId": {
-    "message": "Ask for Touch ID on app start"
+    "message": "Pedir o Touch ID ao iniciar a aplicação"
   },
   "requirePasswordOnStart": {
-    "message": "Require password or PIN on app start"
+    "message": "Exigir palavra-passe ou PIN ao iniciar a aplicação"
   },
   "recommendedForSecurity": {
-    "message": "Recommended for security."
+    "message": "Recomendado por segurança."
   },
   "lockWithMasterPassOnRestart": {
     "message": "Bloquear com a palavra-passe mestra ao reiniciar"
@@ -1429,7 +1429,7 @@
     "message": "Proceda da seguinte forma para eliminar a sua conta e todos os dados do cofre."
   },
   "deleteAccountWarning": {
-    "message": "A eliminação da sua conta é permanente. Não pode ser desfeita."
+    "message": "A eliminação da sua conta é permanente. Não pode ser anulada."
   },
   "accountDeleted": {
     "message": "Conta eliminada"
@@ -1484,7 +1484,7 @@
     "message": "Uma ou mais políticas da organização estão a afetar as suas definições do gerador."
   },
   "vaultTimeoutAction": {
-    "message": "Ação de expiração do cofre"
+    "message": "Ação de tempo limite do cofre"
   },
   "vaultTimeoutActionLockDesc": {
     "message": "É necessária uma palavra-passe mestra ou outro método de desbloqueio para aceder novamente ao seu cofre."
@@ -1528,7 +1528,7 @@
     "message": "Ao terminar sessão removerá todo o acesso ao seu cofre e requer autenticação online após o período de tempo limite. Tem a certeza de que pretende utilizar esta definição?"
   },
   "vaultTimeoutLogOutConfirmationTitle": {
-    "message": "Confirmação de expiração do cofre"
+    "message": "Confirmação da ação de tempo limite"
   },
   "enterpriseSingleSignOn": {
     "message": "Início de sessão único para empresas"
@@ -1540,7 +1540,7 @@
     "message": "Para concluir o início de sessão com SSO, por favor, defina uma palavra-passe mestra para aceder e proteger o seu cofre."
   },
   "currentMasterPass": {
-    "message": "Current master password"
+    "message": "Palavra-passe mestra atual"
   },
   "newMasterPass": {
     "message": "Nova palavra-passe mestra"
@@ -1597,46 +1597,46 @@
     "message": "Os Termos de utilização e a Política de privacidade não foram aceites."
   },
   "enableBrowserIntegration": {
-    "message": "Allow browser integration"
+    "message": "Permitir a integração do navegador"
   },
   "enableBrowserIntegrationDesc": {
-    "message": "Used for biometrics in browser."
+    "message": "Utilizado para a biometria no navegador."
   },
   "enableDuckDuckGoBrowserIntegration": {
-    "message": "Allow DuckDuckGo browser integration"
+    "message": "Permitir a integração do navegador DuckDuckGo"
   },
   "enableDuckDuckGoBrowserIntegrationDesc": {
-    "message": "Use your Bitwarden vault when browsing with DuckDuckGo."
+    "message": "Utilize o seu cofre Bitwarden quando navegar com o DuckDuckGo."
   },
   "browserIntegrationUnsupportedTitle": {
     "message": "Integração com o navegador não suportada"
   },
   "browserIntegrationMasOnlyDesc": {
-    "message": "Unfortunately browser integration is only supported in the Mac App Store version for now."
+    "message": "Infelizmente, a integração do navegador só é suportada na versão da Mac App Store por enquanto."
   },
   "browserIntegrationWindowsStoreDesc": {
-    "message": "Unfortunately browser integration is currently not supported in the Microsoft Store version."
+    "message": "Infelizmente, a integração do navegador não é atualmente suportada na versão da Microsoft Store."
   },
   "browserIntegrationLinuxDesc": {
     "message": "Infelizmente, a integração com o navegador não é atualmente suportada na versão Linux."
   },
   "enableBrowserIntegrationFingerprint": {
-    "message": "Require verification for browser integration"
+    "message": "Exigir verificação para a integração do navegador"
   },
   "enableBrowserIntegrationFingerprintDesc": {
-    "message": "Add an additional layer of security by requiring fingerprint phrase confirmation when establishing a link between your desktop and browser. This requires user action and verification each time a connection is created."
+    "message": "Adicione uma camada adicional de segurança, exigindo a confirmação da frase de impressão digital ao estabelecer uma ligação entre o computador e o navegador. Isto requer a ação e a verificação do utilizador sempre que é criada uma ligação."
   },
   "approve": {
     "message": "Aprovar"
   },
   "verifyBrowserTitle": {
-    "message": "Verify browser connection"
+    "message": "Verificar a ligação do navegador"
   },
   "verifyBrowserDesc": {
-    "message": "Please ensure the shown fingerprint is identical to the fingerprint showed in the browser extension."
+    "message": "Por favor, certifique-se de que a impressão digital apresentada é idêntica à impressão digital apresentada na extensão do navegador."
   },
   "verifyNativeMessagingConnectionTitle": {
-    "message": "$APPID$ wants to connect to Bitwarden",
+    "message": "O(A) $APPID$ quer ligar-se ao Bitwarden",
     "placeholders": {
       "appid": {
         "content": "$1",
@@ -1645,25 +1645,25 @@
     }
   },
   "verifyNativeMessagingConnectionDesc": {
-    "message": "Would you like to approve this request?"
+    "message": "Gostaria de aprovar este pedido?"
   },
   "verifyNativeMessagingConnectionWarning": {
-    "message": "If you did not initiate this request, do not approve it."
+    "message": "Se não tiver iniciado este pedido, não o aprove."
   },
   "biometricsNotEnabledTitle": {
-    "message": "Biometrics not set up"
+    "message": "Biometria não configurada"
   },
   "biometricsNotEnabledDesc": {
-    "message": "Browser biometrics requires desktop biometrics to be set up in the settings first."
+    "message": "A biometria do navegador requer que a biometria do computador seja primeiro configurada nas definições."
   },
   "personalOwnershipSubmitError": {
-    "message": "Due to an enterprise policy, you are restricted from saving items to your individual vault. Change the ownership option to an organization and choose from available collections."
+    "message": "Devido a uma política empresarial, está impedido de guardar itens no seu cofre pessoal. Altere a opção Propriedade para uma organização e escolha entre as coleções disponíveis."
   },
   "hintEqualsPassword": {
-    "message": "Your password hint cannot be the same as your password."
+    "message": "A dica da sua palavra-passe não pode ser igual à sua palavra-passe."
   },
   "personalOwnershipPolicyInEffect": {
-    "message": "An organization policy is affecting your ownership options."
+    "message": "Uma política da organização está a afetar as suas opções de propriedade."
   },
   "allSends": {
     "message": "Todos os Sends",
@@ -1700,30 +1700,30 @@
     "message": "Data de validade"
   },
   "expirationDateDesc": {
-    "message": "If set, access to this Send will expire on the specified date and time.",
+    "message": "Se definido, o acesso a este Send expirará na data e hora especificadas.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "maxAccessCount": {
-    "message": "Maximum access count",
+    "message": "Número máximo de acessos",
     "description": "This text will be displayed after a Send has been accessed the maximum amount of times."
   },
   "maxAccessCountDesc": {
-    "message": "If set, users will no longer be able to access this Send once the maximum access count is reached.",
+    "message": "Se definido, os utilizadores deixarão de poder aceder a este Send quando a contagem máxima de acessos for atingida.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "currentAccessCount": {
-    "message": "Current access count"
+    "message": "Número de acessos atual"
   },
   "disableSend": {
-    "message": "Deactivate this Send so that no one can access it.",
+    "message": "Desative este Send para que ninguém possa aceder ao mesmo.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendPasswordDesc": {
-    "message": "Optionally require a password for users to access this Send.",
+    "message": "Opcionalmente, exigir uma palavra-passe para os utilizadores acederem a este Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendNotesDesc": {
-    "message": "Private notes about this Send.",
+    "message": "Notas privadas sobre este Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendLink": {
@@ -1735,7 +1735,7 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "textHiddenByDefault": {
-    "message": "When accessing the Send, hide the text by default",
+    "message": "Ao aceder ao Send, ocultar o texto por defeito",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "createdSend": {
@@ -1817,7 +1817,7 @@
     "message": "Tem a certeza de que pretende remover a palavra-passe?"
   },
   "maxAccessCountReached": {
-    "message": "Max access count reached"
+    "message": "Número máximo de acessos atingido"
   },
   "expired": {
     "message": "Expirado"
@@ -1868,7 +1868,7 @@
     "message": "Minutos"
   },
   "vaultTimeoutPolicyInEffect": {
-    "message": "Your organization policies have set your maximum allowed vault timeout to $HOURS$ hour(s) and $MINUTES$ minute(s).",
+    "message": "As políticas da sua organização definiram o tempo limite máximo permitido do cofre de $HOURS$ hora(s) e $MINUTES$ minuto(s).",
     "placeholders": {
       "hours": {
         "content": "$1",
@@ -1881,7 +1881,7 @@
     }
   },
   "vaultTimeoutPolicyWithActionInEffect": {
-    "message": "Your organization policies are affecting your vault timeout. Maximum allowed vault timeout is $HOURS$ hour(s) and $MINUTES$ minute(s). Your vault timeout action is set to $ACTION$.",
+    "message": "As políticas da sua organização estão a afetar o tempo limite do cofre. O tempo limite máximo permitido do cofre é de $HOURS$ hora(s) e $MINUTES$ minuto(s). A sua ação de tempo limite do cofre está definida para $ACTION$.",
     "placeholders": {
       "hours": {
         "content": "$1",
@@ -1898,7 +1898,7 @@
     }
   },
   "vaultTimeoutActionPolicyInEffect": {
-    "message": "Your organization policies have set your vault timeout action to $ACTION$.",
+    "message": "As políticas da sua organização definiram a ação de tempo limite do cofre para $ACTION$.",
     "placeholders": {
       "action": {
         "content": "$1",
@@ -1913,7 +1913,7 @@
     "message": "Inscrição automática"
   },
   "resetPasswordAutoEnrollInviteWarning": {
-    "message": "This organization has an enterprise policy that will automatically enroll you in password reset. Enrollment will allow organization administrators to change your master password."
+    "message": "Esta organização tem uma política empresarial que o inscreverá automaticamente na redefinição de palavra-passe. A inscrição permitirá que os administradores da organização alterem a sua palavra-passe mestra."
   },
   "vaultExportDisabled": {
     "message": "Exportação do cofre removida"
@@ -1931,7 +1931,7 @@
     "message": "Palavra-passe mestra removida"
   },
   "convertOrganizationEncryptionDesc": {
-    "message": "$ORGANIZATION$ is using SSO with a self-hosted key server. A master password is no longer required to log in for members of this organization.",
+    "message": "A $ORGANIZATION$ está a utilizar o SSO com um servidor de chaves auto-hospedado. Já não é necessária uma palavra-passe mestra para iniciar sessão para os membros desta organização.",
     "placeholders": {
       "organization": {
         "content": "$1",
@@ -1949,7 +1949,7 @@
     "message": "Saiu da organização."
   },
   "ssoKeyConnectorError": {
-    "message": "Key connector error: make sure key connector is available and working correctly."
+    "message": "Erro no Key Connector: certifique-se de que o Key Connector está disponível e a funcionar corretamente."
   },
   "lockAllVaults": {
     "message": "Bloquear todos os cofres"
@@ -2003,13 +2003,13 @@
     "message": "Desbloqueado"
   },
   "generator": {
-    "message": "Generator"
+    "message": "Gerador"
   },
   "whatWouldYouLikeToGenerate": {
     "message": "O que é que gostaria de gerar?"
   },
   "passwordType": {
-    "message": "Password type"
+    "message": "Tipo de palavra-passe"
   },
   "regenerateUsername": {
     "message": "Regenerar nome de utilizador"
@@ -2034,16 +2034,16 @@
     "message": "Use your domain's configured catch-all inbox."
   },
   "random": {
-    "message": "Random"
+    "message": "Aleatório"
   },
   "randomWord": {
-    "message": "Random word"
+    "message": "Palavra aleatória"
   },
   "websiteName": {
     "message": "Nome do site"
   },
   "service": {
-    "message": "Service"
+    "message": "Serviço"
   },
   "allVaults": {
     "message": "Todos os cofres"
@@ -2055,35 +2055,35 @@
     "message": "Procurar no meu cofre"
   },
   "forwardedEmail": {
-    "message": "Forwarded email alias"
+    "message": "Alias de e-mail reencaminhado"
   },
   "forwardedEmailDesc": {
-    "message": "Generate an email alias with an external forwarding service."
+    "message": "Gerar um alias de e-mail com um serviço de reencaminhamento externo."
   },
   "hostname": {
-    "message": "Hostname",
+    "message": "Nome de domínio",
     "description": "Part of a URL."
   },
   "apiAccessToken": {
-    "message": "API Access Token"
+    "message": "Token de acesso à API"
   },
   "apiKey": {
-    "message": "API key"
+    "message": "Chave API"
   },
   "premiumSubcriptionRequired": {
     "message": "É necessária uma subscrição Premium"
   },
   "organizationIsDisabled": {
-    "message": "Organization suspended"
+    "message": "Organização suspensa"
   },
   "disabledOrganizationFilterError": {
-    "message": "Items in suspended organizations cannot be accessed. Contact your organization owner for assistance."
+    "message": "Não é possível aceder aos itens de organizações suspensas. Contacte o proprietário da organização para obter assistência."
   },
   "neverLockWarning": {
     "message": "Tem a certeza de que deseja utilizar a opção \"Nunca\"? Ao definir as opções de bloqueio para \"Nunca\" armazena a chave de encriptação do seu cofre no seu dispositivo. Se utilizar esta opção deve assegurar-se de que mantém o seu dispositivo devidamente protegido."
   },
   "vault": {
-    "message": "Vault"
+    "message": "Cofre"
   },
   "loginWithMasterPassword": {
     "message": "Iniciar sessão com a palavra-passe mestra"
@@ -2113,35 +2113,35 @@
     "message": "Iniciar sessão com outro dispositivo"
   },
   "logInInitiated": {
-    "message": "Log in initiated"
+    "message": "A preparar o início de sessão"
   },
   "notificationSentDevice": {
-    "message": "A notification has been sent to your device."
+    "message": "Foi enviada uma notificação para o seu dispositivo."
   },
   "fingerprintMatchInfo": {
-    "message": "Please make sure your vault is unlocked and Fingerprint phrase matches the other device."
+    "message": "Por favor, certifique-se de que o cofre está desbloqueado e que a frase de impressão digital corresponde à do outro dispositivo."
   },
   "fingerprintPhraseHeader": {
-    "message": "Fingerprint phrase"
+    "message": "Frase de impressão digital"
   },
   "needAnotherOption": {
-    "message": "Log in with device must be set up in the settings of the Bitwarden app. Need another option?"
+    "message": "O início de sessão com o dispositivo deve ser ativado nas definições da aplicação Bitwarden. Necessita de outra opção?"
   },
   "viewAllLoginOptions": {
-    "message": "View all login options"
+    "message": "Ver todas as opções de início de sessão"
   },
   "resendNotification": {
-    "message": "Resend notification"
+    "message": "Reenviar notificação"
   },
   "toggleCharacterCount": {
-    "message": "Toggle character count",
+    "message": "Mostrar/ocultar contagem de caracteres",
     "description": "'Character count' describes a feature that displays a number next to each character of the password."
   },
   "areYouTryingtoLogin": {
-    "message": "Are you trying to log in?"
+    "message": "Está a tentar iniciar sessão?"
   },
   "logInAttemptBy": {
-    "message": "Login attempt by $EMAIL$",
+    "message": "Tentativa de início de sessão por $EMAIL$",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -2150,25 +2150,25 @@
     }
   },
   "deviceType": {
-    "message": "Device Type"
+    "message": "Tipo de dispositivo"
   },
   "ipAddress": {
     "message": "Endereço IP"
   },
   "time": {
-    "message": "Time"
+    "message": "Tempo"
   },
   "confirmLogIn": {
-    "message": "Confirm login"
+    "message": "Confirmar início de sessão"
   },
   "denyLogIn": {
-    "message": "Deny login"
+    "message": "Recusar início de sessão"
   },
   "approveLoginRequests": {
-    "message": "Approve login requests"
+    "message": "Aprovar pedidos de início de sessão"
   },
   "logInConfirmedForEmailOnDevice": {
-    "message": "Login confirmed for $EMAIL$ on $DEVICE$",
+    "message": "Início de sessão confirmado para $EMAIL$ em $DEVICE$",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -2181,13 +2181,13 @@
     }
   },
   "youDeniedALogInAttemptFromAnotherDevice": {
-    "message": "You denied a login attempt from another device. If this really was you, try to log in with the device again."
+    "message": "Negou uma tentativa de início de sessão de outro dispositivo. Se foi realmente o caso, tente iniciar sessão com o dispositivo novamente."
   },
   "justNow": {
-    "message": "Just now"
+    "message": "Agora mesmo"
   },
   "requestedXMinutesAgo": {
-    "message": "Requested $MINUTES$ minutes ago",
+    "message": "Pedido há $MINUTES$ minutos",
     "placeholders": {
       "minutes": {
         "content": "$1",
@@ -2196,16 +2196,16 @@
     }
   },
   "loginRequestHasAlreadyExpired": {
-    "message": "Login request has already expired."
+    "message": "O pedido de início de sessão já expirou."
   },
   "thisRequestIsNoLongerValid": {
-    "message": "This request is no longer valid."
+    "message": "Este pedido já não é válido."
   },
   "approveLoginRequestDesc": {
-    "message": "Use this device to approve login requests made from other devices."
+    "message": "Utilize este dispositivo para aprovar pedidos de início de sessão efetuados a partir de outros dispositivos."
   },
   "confirmLoginAtemptForMail": {
-    "message": "Confirm login attempt for $EMAIL$",
+    "message": "Confirmar tentativa de início de sessão de $EMAIL$",
     "placeholders": {
       "email": {
         "content": "$1",
@@ -2214,31 +2214,31 @@
     }
   },
   "logInRequested": {
-    "message": "Log in requested"
+    "message": "Início de sessão pedido"
   },
   "exposedMasterPassword": {
-    "message": "Exposed Master Password"
+    "message": "Palavra-passe mestra exposta"
   },
   "exposedMasterPasswordDesc": {
-    "message": "Password found in a data breach. Use a unique password to protect your account. Are you sure you want to use an exposed password?"
+    "message": "Palavra-passe encontrada numa violação de dados. Utilize uma palavra-passe única para proteger a sua conta. Tem a certeza de que pretende utilizar uma palavra-passe exposta?"
   },
   "weakAndExposedMasterPassword": {
-    "message": "Weak and Exposed Master Password"
+    "message": "Palavra-passe mestra fraca e exposta"
   },
   "weakAndBreachedMasterPasswordDesc": {
-    "message": "Weak password identified and found in a data breach. Use a strong and unique password to protect your account. Are you sure you want to use this password?"
+    "message": "Palavra-passe fraca identificada e encontrada numa violação de dados. Utilize uma palavra-passe forte e única para proteger a sua conta. Tem a certeza de que pretende utilizar esta palavra-passe?"
   },
   "checkForBreaches": {
-    "message": "Check known data breaches for this password"
+    "message": "Verificar violações de dados conhecidas para esta palavra-passe"
   },
   "important": {
-    "message": "Important:"
+    "message": "Importante:"
   },
   "masterPasswordHint": {
-    "message": "Your master password cannot be recovered if you forget it!"
+    "message": "A sua palavra-passe mestra não pode ser recuperada se a esquecer!"
   },
   "characterMinimum": {
-    "message": "$LENGTH$ character minimum",
+    "message": "$LENGTH$ caracteres no mínimo",
     "placeholders": {
       "length": {
         "content": "$1",
@@ -2250,7 +2250,7 @@
     "message": "O Bitwarden recomenda a atualização das suas definições biométricas para exigir a sua palavra-passe mestra (ou PIN) no primeiro desbloqueio. Gostaria de atualizar as suas definições agora?"
   },
   "windowsBiometricUpdateWarningTitle": {
-    "message": "Recommended Settings Update"
+    "message": "Atualização de definições recomendadas"
   },
   "region": {
     "message": "Região"
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Auto-hospedado"
+  },
+  "accessDenied": {
+    "message": "Acesso negado. Não tem permissão para visualizar esta página."
   }
 }
diff --git a/apps/desktop/src/locales/ro/messages.json b/apps/desktop/src/locales/ro/messages.json
index c5fc551e18..e0babc049c 100644
--- a/apps/desktop/src/locales/ro/messages.json
+++ b/apps/desktop/src/locales/ro/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/ru/messages.json b/apps/desktop/src/locales/ru/messages.json
index e940c97686..0dfccf048b 100644
--- a/apps/desktop/src/locales/ru/messages.json
+++ b/apps/desktop/src/locales/ru/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Собственный хостинг"
+  },
+  "accessDenied": {
+    "message": "Доступ запрещен. У вас нет разрешения на просмотр этой страницы."
   }
 }
diff --git a/apps/desktop/src/locales/si/messages.json b/apps/desktop/src/locales/si/messages.json
index e8a79147aa..7fe72ca122 100644
--- a/apps/desktop/src/locales/si/messages.json
+++ b/apps/desktop/src/locales/si/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/sk/messages.json b/apps/desktop/src/locales/sk/messages.json
index 773be1cd07..30418ea8ca 100644
--- a/apps/desktop/src/locales/sk/messages.json
+++ b/apps/desktop/src/locales/sk/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Vlastný hosting"
+  },
+  "accessDenied": {
+    "message": "Prístup zamietnutý. Nemáte oprávnenie na zobrazenie tejto stránky."
   }
 }
diff --git a/apps/desktop/src/locales/sl/messages.json b/apps/desktop/src/locales/sl/messages.json
index 4bccab8c51..5d4f40ed14 100644
--- a/apps/desktop/src/locales/sl/messages.json
+++ b/apps/desktop/src/locales/sl/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/sr/messages.json b/apps/desktop/src/locales/sr/messages.json
index fb225b1763..cea5d01ff9 100644
--- a/apps/desktop/src/locales/sr/messages.json
+++ b/apps/desktop/src/locales/sr/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Личан хостинг"
+  },
+  "accessDenied": {
+    "message": "Одбијен приступ. Немате дозволу да видите ову страницу."
   }
 }
diff --git a/apps/desktop/src/locales/sv/messages.json b/apps/desktop/src/locales/sv/messages.json
index 247f646408..8dab78a718 100644
--- a/apps/desktop/src/locales/sv/messages.json
+++ b/apps/desktop/src/locales/sv/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/te/messages.json b/apps/desktop/src/locales/te/messages.json
index fbc7635f3b..ed828fa225 100644
--- a/apps/desktop/src/locales/te/messages.json
+++ b/apps/desktop/src/locales/te/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/th/messages.json b/apps/desktop/src/locales/th/messages.json
index e68d7d13c1..45c05455ba 100644
--- a/apps/desktop/src/locales/th/messages.json
+++ b/apps/desktop/src/locales/th/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/tr/messages.json b/apps/desktop/src/locales/tr/messages.json
index 294ab336c3..9e98dbee2c 100644
--- a/apps/desktop/src/locales/tr/messages.json
+++ b/apps/desktop/src/locales/tr/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Barındırılan"
+  },
+  "accessDenied": {
+    "message": "Erişim engellendi. Bu sayfayı görüntüleme iznine sahip değilsiniz."
   }
 }
diff --git a/apps/desktop/src/locales/uk/messages.json b/apps/desktop/src/locales/uk/messages.json
index 4e4c214ed9..5823480bde 100644
--- a/apps/desktop/src/locales/uk/messages.json
+++ b/apps/desktop/src/locales/uk/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Власне розміщення"
+  },
+  "accessDenied": {
+    "message": "Доступ заборонено. У вас немає дозволу на перегляд цієї сторінки."
   }
 }
diff --git a/apps/desktop/src/locales/vi/messages.json b/apps/desktop/src/locales/vi/messages.json
index e4fcbede49..89b4d9e3ca 100644
--- a/apps/desktop/src/locales/vi/messages.json
+++ b/apps/desktop/src/locales/vi/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/desktop/src/locales/zh_CN/messages.json b/apps/desktop/src/locales/zh_CN/messages.json
index 8184e19b76..f455937ba8 100644
--- a/apps/desktop/src/locales/zh_CN/messages.json
+++ b/apps/desktop/src/locales/zh_CN/messages.json
@@ -2074,10 +2074,10 @@
     "message": "需要高级版订阅"
   },
   "organizationIsDisabled": {
-    "message": "组织已暂停"
+    "message": "组织已停用"
   },
   "disabledOrganizationFilterError": {
-    "message": "无法访问已暂停组织中的项目。请联系您的组织所有者获取帮助。"
+    "message": "无法访问已停用组织中的项目。请联系您的组织所有者获取协助。"
   },
   "neverLockWarning": {
     "message": "确定要使用「从不」选项吗？将锁定选项设置为「从不」会将密码库的加密密钥存储在您的设备上。如果使用此选项，应确保您的设备得到妥善的保护。"
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "自托管"
+  },
+  "accessDenied": {
+    "message": "访问被拒绝。您没有权限查看此页面。"
   }
 }
diff --git a/apps/desktop/src/locales/zh_TW/messages.json b/apps/desktop/src/locales/zh_TW/messages.json
index a5df7cdde5..4425253521 100644
--- a/apps/desktop/src/locales/zh_TW/messages.json
+++ b/apps/desktop/src/locales/zh_TW/messages.json
@@ -2265,5 +2265,8 @@
   },
   "selfHosted": {
     "message": "Self-hosted"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }

From df2c6e283f6e050b9258ad86fc700728d43c8739 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Mon, 19 Jun 2023 09:05:40 +0000
Subject: [PATCH 11/13] Autosync the updated translations (#5625)

Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
---
 apps/browser/src/_locales/ar/messages.json    |   3 +
 apps/browser/src/_locales/az/messages.json    |  11 +-
 apps/browser/src/_locales/be/messages.json    |  17 +-
 apps/browser/src/_locales/bg/messages.json    |   3 +
 apps/browser/src/_locales/bn/messages.json    |   3 +
 apps/browser/src/_locales/bs/messages.json    |   3 +
 apps/browser/src/_locales/ca/messages.json    |   3 +
 apps/browser/src/_locales/cs/messages.json    |   3 +
 apps/browser/src/_locales/cy/messages.json    |   3 +
 apps/browser/src/_locales/da/messages.json    |   3 +
 apps/browser/src/_locales/de/messages.json    |   3 +
 apps/browser/src/_locales/el/messages.json    |   3 +
 apps/browser/src/_locales/en_GB/messages.json |   3 +
 apps/browser/src/_locales/en_IN/messages.json |   3 +
 apps/browser/src/_locales/es/messages.json    |   3 +
 apps/browser/src/_locales/et/messages.json    |  11 +-
 apps/browser/src/_locales/eu/messages.json    |   3 +
 apps/browser/src/_locales/fa/messages.json    |   3 +
 apps/browser/src/_locales/fi/messages.json    |   3 +
 apps/browser/src/_locales/fil/messages.json   |   3 +
 apps/browser/src/_locales/fr/messages.json    |   3 +
 apps/browser/src/_locales/gl/messages.json    |   3 +
 apps/browser/src/_locales/he/messages.json    |   3 +
 apps/browser/src/_locales/hi/messages.json    |   3 +
 apps/browser/src/_locales/hr/messages.json    |   3 +
 apps/browser/src/_locales/hu/messages.json    |   3 +
 apps/browser/src/_locales/id/messages.json    |   3 +
 apps/browser/src/_locales/it/messages.json    |   3 +
 apps/browser/src/_locales/ja/messages.json    |   3 +
 apps/browser/src/_locales/ka/messages.json    |   3 +
 apps/browser/src/_locales/km/messages.json    |   3 +
 apps/browser/src/_locales/kn/messages.json    |   3 +
 apps/browser/src/_locales/ko/messages.json    |   3 +
 apps/browser/src/_locales/lt/messages.json    |  11 +-
 apps/browser/src/_locales/lv/messages.json    |   3 +
 apps/browser/src/_locales/ml/messages.json    |   3 +
 apps/browser/src/_locales/my/messages.json    |   3 +
 apps/browser/src/_locales/nb/messages.json    |   3 +
 apps/browser/src/_locales/ne/messages.json    |   3 +
 apps/browser/src/_locales/nl/messages.json    |   3 +
 apps/browser/src/_locales/nn/messages.json    |   3 +
 apps/browser/src/_locales/or/messages.json    |   3 +
 apps/browser/src/_locales/pl/messages.json    |   3 +
 apps/browser/src/_locales/pt_BR/messages.json |  13 +-
 apps/browser/src/_locales/pt_PT/messages.json | 267 +++++++++---------
 apps/browser/src/_locales/ro/messages.json    |   3 +
 apps/browser/src/_locales/ru/messages.json    |   3 +
 apps/browser/src/_locales/si/messages.json    |   3 +
 apps/browser/src/_locales/sk/messages.json    |   3 +
 apps/browser/src/_locales/sl/messages.json    |  13 +-
 apps/browser/src/_locales/sr/messages.json    |   3 +
 apps/browser/src/_locales/sv/messages.json    |   3 +
 apps/browser/src/_locales/te/messages.json    |   3 +
 apps/browser/src/_locales/th/messages.json    |   3 +
 apps/browser/src/_locales/tr/messages.json    |   3 +
 apps/browser/src/_locales/uk/messages.json    |   3 +
 apps/browser/src/_locales/vi/messages.json    |   3 +
 apps/browser/src/_locales/zh_CN/messages.json |   7 +-
 apps/browser/src/_locales/zh_TW/messages.json |   3 +
 apps/browser/store/locales/lt/copy.resx       |  30 +-
 apps/browser/store/locales/pt_PT/copy.resx    |  30 +-
 61 files changed, 370 insertions(+), 193 deletions(-)

diff --git a/apps/browser/src/_locales/ar/messages.json b/apps/browser/src/_locales/ar/messages.json
index 519115d2a8..077e0623e4 100644
--- a/apps/browser/src/_locales/ar/messages.json
+++ b/apps/browser/src/_locales/ar/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/az/messages.json b/apps/browser/src/_locales/az/messages.json
index 0c12f845d5..c062ebbc29 100644
--- a/apps/browser/src/_locales/az/messages.json
+++ b/apps/browser/src/_locales/az/messages.json
@@ -1462,16 +1462,16 @@
     "message": "Element avto-dolduruldu"
   },
   "insecurePageWarning": {
-    "message": "Warning: This is an unsecured HTTP page, and any information you submit can potentially be seen and changed by others. This Login was originally saved on a secure (HTTPS) page."
+    "message": "Xəbərdarlıq: Bu, güvənli olmayan bir HTTP səhifəsidir və göndərdiyiniz istənilən məlumat başqaları tərəfindən görünə və dəyişdirilə bilər. Bu Giriş, orijinal olaraq güvənli (HTTPS) bir səhifədə saxlanılmışdır."
   },
   "insecurePageWarningFillPrompt": {
-    "message": "Do you still wish to fill this login?"
+    "message": "Hələ də bu girişi doldurmaq istəyirsiniz?"
   },
   "autofillIframeWarning": {
-    "message": "The form is hosted by a different domain than the URI of your saved login. Choose OK to auto-fill anyway, or Cancel to stop."
+    "message": "Form sahibliyi, saxlanılmış girişinizin URI-ından fərqli bir domen tərəfindən həyata keçirilir. Yenə də avto-doldurmaq üçün \"Oldu\"ya, dayandırmaq üçün \"İmtina\"ya basın."
   },
   "autofillIframeWarningTip": {
-    "message": "To prevent this warning in the future, save this URI, $HOSTNAME$, to your Bitwarden login item for this site.",
+    "message": "Gələcəkdə bu xəbərdarlığın qarşısını almaq üçün, $HOSTNAME$ URI-nı bu sayt üçün Bitwarden giriş elementinizdə saxlayın.",
     "placeholders": {
       "hostname": {
         "content": "$1",
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "ABŞ",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Müraciət rədd edildi. Bu səhifəyə baxmaq üçün icazəniz yoxdur."
   }
 }
diff --git a/apps/browser/src/_locales/be/messages.json b/apps/browser/src/_locales/be/messages.json
index 80800f4aa3..b44b55578f 100644
--- a/apps/browser/src/_locales/be/messages.json
+++ b/apps/browser/src/_locales/be/messages.json
@@ -1462,16 +1462,16 @@
     "message": "Аўтазапоўнены элемент"
   },
   "insecurePageWarning": {
-    "message": "Warning: This is an unsecured HTTP page, and any information you submit can potentially be seen and changed by others. This Login was originally saved on a secure (HTTPS) page."
+    "message": "Папярэджанне: гэта старонка HTTP не абаронена. Любая інфармацыя, якую вы адпраўляеце тэарэтычна можа перахоплена і зменена любым карыстальнікам. Гэты лагін першапачаткова захаваны на абароненай старонцы (HTTPS)."
   },
   "insecurePageWarningFillPrompt": {
-    "message": "Do you still wish to fill this login?"
+    "message": "Вы ўсё яшчэ хочаце запоўніць гэты лагін?"
   },
   "autofillIframeWarning": {
-    "message": "The form is hosted by a different domain than the URI of your saved login. Choose OK to auto-fill anyway, or Cancel to stop."
+    "message": "Форма размешчана на іншым дамене, які адрозніваецца ад URI вашага захаванага лагіна. Націсніце \"Добра\", каб усё роўна запоўніць або \"Скасаваць\" для спынення."
   },
   "autofillIframeWarningTip": {
-    "message": "To prevent this warning in the future, save this URI, $HOSTNAME$, to your Bitwarden login item for this site.",
+    "message": "Каб больш не атрымліваць гэта папярэджанне, захавайце гэты URI, $HOSTNAME$ у свае элементы ўваходу Bitwarden для гэтага сайта.",
     "placeholders": {
       "hostname": {
         "content": "$1",
@@ -2222,17 +2222,20 @@
     }
   },
   "region": {
-    "message": "Region"
+    "message": "Рэгіён"
   },
   "opensInANewWindow": {
     "message": "Адкрываць у новым акне"
   },
   "eu": {
-    "message": "EU",
+    "message": "ЕС",
     "description": "European Union"
   },
   "us": {
-    "message": "US",
+    "message": "ЗША",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Доступ забаронены. У вас не дастаткова правоў для прагляду гэтай старонкі."
   }
 }
diff --git a/apps/browser/src/_locales/bg/messages.json b/apps/browser/src/_locales/bg/messages.json
index b17692bc83..4cf4a4bf72 100644
--- a/apps/browser/src/_locales/bg/messages.json
+++ b/apps/browser/src/_locales/bg/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "САЩ",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Достъпът е отказан. Нямате право за преглед на тази страница."
   }
 }
diff --git a/apps/browser/src/_locales/bn/messages.json b/apps/browser/src/_locales/bn/messages.json
index 76143e7619..ba9e128f4c 100644
--- a/apps/browser/src/_locales/bn/messages.json
+++ b/apps/browser/src/_locales/bn/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/bs/messages.json b/apps/browser/src/_locales/bs/messages.json
index b3047a9878..2625f7d878 100644
--- a/apps/browser/src/_locales/bs/messages.json
+++ b/apps/browser/src/_locales/bs/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/ca/messages.json b/apps/browser/src/_locales/ca/messages.json
index 91bbfdb48b..836917f18f 100644
--- a/apps/browser/src/_locales/ca/messages.json
+++ b/apps/browser/src/_locales/ca/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "EUA",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Accés denegat. No teniu permís per veure aquesta pàgina."
   }
 }
diff --git a/apps/browser/src/_locales/cs/messages.json b/apps/browser/src/_locales/cs/messages.json
index d83282e08a..8201b3fd71 100644
--- a/apps/browser/src/_locales/cs/messages.json
+++ b/apps/browser/src/_locales/cs/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Přístup byl odepřen. Nemáte oprávnění k zobrazení této stránky."
   }
 }
diff --git a/apps/browser/src/_locales/cy/messages.json b/apps/browser/src/_locales/cy/messages.json
index 69d26333a8..27c985453e 100644
--- a/apps/browser/src/_locales/cy/messages.json
+++ b/apps/browser/src/_locales/cy/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/da/messages.json b/apps/browser/src/_locales/da/messages.json
index 5aebf5dd80..2fefddc172 100644
--- a/apps/browser/src/_locales/da/messages.json
+++ b/apps/browser/src/_locales/da/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "USA",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Adgang nægtet. Nødvendig tilladelse til at se siden mangler."
   }
 }
diff --git a/apps/browser/src/_locales/de/messages.json b/apps/browser/src/_locales/de/messages.json
index c7827d4ddc..fe219f0446 100644
--- a/apps/browser/src/_locales/de/messages.json
+++ b/apps/browser/src/_locales/de/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Zugriff verweigert. Du hast keine Berechtigung, diese Seite anzuzeigen."
   }
 }
diff --git a/apps/browser/src/_locales/el/messages.json b/apps/browser/src/_locales/el/messages.json
index 4f85e42e08..e06dd29f85 100644
--- a/apps/browser/src/_locales/el/messages.json
+++ b/apps/browser/src/_locales/el/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Δεν επιτρέπεται η πρόσβαση. Δεν έχετε άδεια για να δείτε αυτή τη σελίδα."
   }
 }
diff --git a/apps/browser/src/_locales/en_GB/messages.json b/apps/browser/src/_locales/en_GB/messages.json
index 653ff32074..75e82d8d2f 100644
--- a/apps/browser/src/_locales/en_GB/messages.json
+++ b/apps/browser/src/_locales/en_GB/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/en_IN/messages.json b/apps/browser/src/_locales/en_IN/messages.json
index 3fe6222cfc..3602873c75 100644
--- a/apps/browser/src/_locales/en_IN/messages.json
+++ b/apps/browser/src/_locales/en_IN/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/es/messages.json b/apps/browser/src/_locales/es/messages.json
index afd3ea4ce8..6e7e19c3ed 100644
--- a/apps/browser/src/_locales/es/messages.json
+++ b/apps/browser/src/_locales/es/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "EE.UU.",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Acceso denegado. No tiene permiso para ver esta página."
   }
 }
diff --git a/apps/browser/src/_locales/et/messages.json b/apps/browser/src/_locales/et/messages.json
index 02ee8d0438..7bf0ad7c5e 100644
--- a/apps/browser/src/_locales/et/messages.json
+++ b/apps/browser/src/_locales/et/messages.json
@@ -1462,16 +1462,16 @@
     "message": "Kirje täideti"
   },
   "insecurePageWarning": {
-    "message": "Warning: This is an unsecured HTTP page, and any information you submit can potentially be seen and changed by others. This Login was originally saved on a secure (HTTPS) page."
+    "message": "Hoiatus: See on ebaturvaline HTTP lehekülg. Teised osapooled võivad sinu sisestatud infot potentsiaalselt näha ja muuta. Algselt oli see kirje salvestatud turvalise (HTTPS) lehe jaoks."
   },
   "insecurePageWarningFillPrompt": {
-    "message": "Do you still wish to fill this login?"
+    "message": "Soovid kirje automaattäita?"
   },
   "autofillIframeWarning": {
-    "message": "The form is hosted by a different domain than the URI of your saved login. Choose OK to auto-fill anyway, or Cancel to stop."
+    "message": "See vorm on majutatud teistsugusel domeenil kui sinu salvestatud URI. Vajuta OK, et automaattäita või Tühista, et täitmine peatada."
   },
   "autofillIframeWarningTip": {
-    "message": "To prevent this warning in the future, save this URI, $HOSTNAME$, to your Bitwarden login item for this site.",
+    "message": "Selleks, et antud teavitust edaspidi ei kuvataks, salvesta see URI $HOSTNAME$ Bitwardeni kirjesse.",
     "placeholders": {
       "hostname": {
         "content": "$1",
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "USA",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/eu/messages.json b/apps/browser/src/_locales/eu/messages.json
index e2189ce6a6..d98e30bc57 100644
--- a/apps/browser/src/_locales/eu/messages.json
+++ b/apps/browser/src/_locales/eu/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/fa/messages.json b/apps/browser/src/_locales/fa/messages.json
index 0e4a59e164..8aa803a223 100644
--- a/apps/browser/src/_locales/fa/messages.json
+++ b/apps/browser/src/_locales/fa/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/fi/messages.json b/apps/browser/src/_locales/fi/messages.json
index 69b77b2612..68c680c70e 100644
--- a/apps/browser/src/_locales/fi/messages.json
+++ b/apps/browser/src/_locales/fi/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Pääsy estetty. Sinulla ei ole oikeutta avata sivua."
   }
 }
diff --git a/apps/browser/src/_locales/fil/messages.json b/apps/browser/src/_locales/fil/messages.json
index e98884c200..6e0c2903ec 100644
--- a/apps/browser/src/_locales/fil/messages.json
+++ b/apps/browser/src/_locales/fil/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/fr/messages.json b/apps/browser/src/_locales/fr/messages.json
index 8f4e769c69..163de06453 100644
--- a/apps/browser/src/_locales/fr/messages.json
+++ b/apps/browser/src/_locales/fr/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Accès refusé. Vous n'avez pas l'autorisation de voir cette page."
   }
 }
diff --git a/apps/browser/src/_locales/gl/messages.json b/apps/browser/src/_locales/gl/messages.json
index 69d26333a8..27c985453e 100644
--- a/apps/browser/src/_locales/gl/messages.json
+++ b/apps/browser/src/_locales/gl/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/he/messages.json b/apps/browser/src/_locales/he/messages.json
index fc90bade6c..b4a1489a6f 100644
--- a/apps/browser/src/_locales/he/messages.json
+++ b/apps/browser/src/_locales/he/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/hi/messages.json b/apps/browser/src/_locales/hi/messages.json
index df561ad0e4..67cec2d36f 100644
--- a/apps/browser/src/_locales/hi/messages.json
+++ b/apps/browser/src/_locales/hi/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/hr/messages.json b/apps/browser/src/_locales/hr/messages.json
index 37ecb3de8c..252b07461a 100644
--- a/apps/browser/src/_locales/hr/messages.json
+++ b/apps/browser/src/_locales/hr/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/hu/messages.json b/apps/browser/src/_locales/hu/messages.json
index c5e8214b63..3c56ed48ef 100644
--- a/apps/browser/src/_locales/hu/messages.json
+++ b/apps/browser/src/_locales/hu/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "A hozzáférés megtagadásra került. Nincs jogosultság az oldal megtekintésére."
   }
 }
diff --git a/apps/browser/src/_locales/id/messages.json b/apps/browser/src/_locales/id/messages.json
index 6addc264fb..95ba7f3387 100644
--- a/apps/browser/src/_locales/id/messages.json
+++ b/apps/browser/src/_locales/id/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/it/messages.json b/apps/browser/src/_locales/it/messages.json
index 1971331fd9..3c61dc67f6 100644
--- a/apps/browser/src/_locales/it/messages.json
+++ b/apps/browser/src/_locales/it/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Accesso negato. Non hai i permessi necessari per visualizzare questa pagina."
   }
 }
diff --git a/apps/browser/src/_locales/ja/messages.json b/apps/browser/src/_locales/ja/messages.json
index 630dfb3e21..5955d14144 100644
--- a/apps/browser/src/_locales/ja/messages.json
+++ b/apps/browser/src/_locales/ja/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "米国",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "アクセスが拒否されました。このページを表示する権限がありません。"
   }
 }
diff --git a/apps/browser/src/_locales/ka/messages.json b/apps/browser/src/_locales/ka/messages.json
index 2f484324f3..77d24a674b 100644
--- a/apps/browser/src/_locales/ka/messages.json
+++ b/apps/browser/src/_locales/ka/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/km/messages.json b/apps/browser/src/_locales/km/messages.json
index 69d26333a8..27c985453e 100644
--- a/apps/browser/src/_locales/km/messages.json
+++ b/apps/browser/src/_locales/km/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/kn/messages.json b/apps/browser/src/_locales/kn/messages.json
index baa61fad17..25656d0fbb 100644
--- a/apps/browser/src/_locales/kn/messages.json
+++ b/apps/browser/src/_locales/kn/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/ko/messages.json b/apps/browser/src/_locales/ko/messages.json
index 962fe7347c..5496e48938 100644
--- a/apps/browser/src/_locales/ko/messages.json
+++ b/apps/browser/src/_locales/ko/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/lt/messages.json b/apps/browser/src/_locales/lt/messages.json
index e6a9dbdc5c..1b9a21bd03 100644
--- a/apps/browser/src/_locales/lt/messages.json
+++ b/apps/browser/src/_locales/lt/messages.json
@@ -596,13 +596,13 @@
     "message": "Rodyti korteles skirtuko puslapyje"
   },
   "showCardsCurrentTabDesc": {
-    "message": "List card items on the Tab page for easy auto-fill."
+    "message": "Pateikti kortelių elementų skirtuko puslapyje sąrašą, kad būtų lengva automatiškai užpildyti."
   },
   "showIdentitiesCurrentTab": {
-    "message": "Show identities on Tab page"
+    "message": "Rodyti tapatybes skirtuko puslapyje"
   },
   "showIdentitiesCurrentTabDesc": {
-    "message": "List identity items on the Tab page for easy auto-fill."
+    "message": "Pateikti tapatybės elementų skirtuko puslapyje, kad būtų lengva automatiškai užpildyti."
   },
   "clearClipboard": {
     "message": "Išvalyti iškarpinę",
@@ -829,7 +829,7 @@
     "message": "Kopijuoti vienkartinį kodą (TOTP) automatiškai"
   },
   "disableAutoTotpCopyDesc": {
-    "message": "If a login has an authenticator key, copy the TOTP verification code to your clip-board when you auto-fill the login."
+    "message": "Jei prisijungimas turi autentifikatoriaus raktą, nukopijuokite TOTP tikrinimo kodą į iškarpinę, kai automatiškai užpildysite prisijungimą."
   },
   "enableAutoBiometricsPrompt": {
     "message": "Paleidžiant patvirtinti biometrinius duomenis"
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/lv/messages.json b/apps/browser/src/_locales/lv/messages.json
index 38c892aaed..6a274fd349 100644
--- a/apps/browser/src/_locales/lv/messages.json
+++ b/apps/browser/src/_locales/lv/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "ASV",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Piekļuve liegta. Nav nepieciešamo atļauju, lai skatītu šo lapu."
   }
 }
diff --git a/apps/browser/src/_locales/ml/messages.json b/apps/browser/src/_locales/ml/messages.json
index 4c4e9936e0..052e05cacd 100644
--- a/apps/browser/src/_locales/ml/messages.json
+++ b/apps/browser/src/_locales/ml/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/my/messages.json b/apps/browser/src/_locales/my/messages.json
index 69d26333a8..27c985453e 100644
--- a/apps/browser/src/_locales/my/messages.json
+++ b/apps/browser/src/_locales/my/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/nb/messages.json b/apps/browser/src/_locales/nb/messages.json
index 8ede2fb938..f8958da337 100644
--- a/apps/browser/src/_locales/nb/messages.json
+++ b/apps/browser/src/_locales/nb/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/ne/messages.json b/apps/browser/src/_locales/ne/messages.json
index 69d26333a8..27c985453e 100644
--- a/apps/browser/src/_locales/ne/messages.json
+++ b/apps/browser/src/_locales/ne/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/nl/messages.json b/apps/browser/src/_locales/nl/messages.json
index 68a6ba26b1..4a6dbb73fb 100644
--- a/apps/browser/src/_locales/nl/messages.json
+++ b/apps/browser/src/_locales/nl/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Toegang geweigerd. Je hebt geen toestemming om deze pagina te bekijken."
   }
 }
diff --git a/apps/browser/src/_locales/nn/messages.json b/apps/browser/src/_locales/nn/messages.json
index 69d26333a8..27c985453e 100644
--- a/apps/browser/src/_locales/nn/messages.json
+++ b/apps/browser/src/_locales/nn/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/or/messages.json b/apps/browser/src/_locales/or/messages.json
index 69d26333a8..27c985453e 100644
--- a/apps/browser/src/_locales/or/messages.json
+++ b/apps/browser/src/_locales/or/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/pl/messages.json b/apps/browser/src/_locales/pl/messages.json
index de2c505ced..71b307728f 100644
--- a/apps/browser/src/_locales/pl/messages.json
+++ b/apps/browser/src/_locales/pl/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Odmowa dostępu. Nie masz uprawnień do przeglądania tej strony."
   }
 }
diff --git a/apps/browser/src/_locales/pt_BR/messages.json b/apps/browser/src/_locales/pt_BR/messages.json
index 87585d561d..6b53aa165c 100644
--- a/apps/browser/src/_locales/pt_BR/messages.json
+++ b/apps/browser/src/_locales/pt_BR/messages.json
@@ -202,7 +202,7 @@
     "message": "Explore os fóruns da comunidade"
   },
   "contactSupport": {
-    "message": "Contact Bitwarden support"
+    "message": "Contate o suporte Bitwarden"
   },
   "sync": {
     "message": "Sincronizar"
@@ -1489,7 +1489,7 @@
     "message": "New master password"
   },
   "confirmNewMasterPass": {
-    "message": "Confirm new master password"
+    "message": "Confirme a nova senha mestre"
   },
   "masterPasswordPolicyInEffect": {
     "message": "Uma ou mais políticas da organização exigem que a sua senha mestra cumpra aos seguintes requisitos:"
@@ -2189,7 +2189,7 @@
     }
   },
   "autofillSelectInfoWithoutCommand": {
-    "message": "Select an item from this page or set a shortcut in settings."
+    "message": "Selecione um item desta página ou defina um atalho nas configurações."
   },
   "gotIt": {
     "message": "Entendi"
@@ -2222,10 +2222,10 @@
     }
   },
   "region": {
-    "message": "Region"
+    "message": "Região"
   },
   "opensInANewWindow": {
-    "message": "Opens in a new window"
+    "message": "Abrir em uma nova janela"
   },
   "eu": {
     "message": "EU",
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Acesso negado. Você não tem permissão para ver esta página."
   }
 }
diff --git a/apps/browser/src/_locales/pt_PT/messages.json b/apps/browser/src/_locales/pt_PT/messages.json
index 06474f83c4..164a036d69 100644
--- a/apps/browser/src/_locales/pt_PT/messages.json
+++ b/apps/browser/src/_locales/pt_PT/messages.json
@@ -101,7 +101,7 @@
     "message": "Sem credenciais correspondentes"
   },
   "unlockVaultMenu": {
-    "message": "Desbloqueie o seu cofre"
+    "message": "Desbloquear o cofre"
   },
   "loginToVaultMenu": {
     "message": "Inicie sessão para abrir o seu cofre"
@@ -153,7 +153,7 @@
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
   },
   "yourAccountsFingerprint": {
-    "message": "Frase da impressão digital da sua conta",
+    "message": "Frase de impressão digital da sua conta",
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
   },
   "twoStepLogin": {
@@ -224,7 +224,7 @@
     "message": "Gera automaticamente palavras-passe fortes e únicas para as suas credenciais."
   },
   "bitWebVault": {
-    "message": "Cofre web Bitwarden"
+    "message": "Cofre Web Bitwarden"
   },
   "importItems": {
     "message": "Importar itens"
@@ -345,7 +345,7 @@
     "message": "Por favor, considere ajudar-nos com uma boa avaliação!"
   },
   "browserNotSupportClipboard": {
-    "message": "O seu navegador web não suporta a cópia fácil da área de transferência. Em vez disso, copie manualmente."
+    "message": "O seu navegador Web não suporta a cópia fácil da área de transferência. Em vez disso, copie manualmente."
   },
   "verifyIdentity": {
     "message": "Verificar identidade"
@@ -373,7 +373,7 @@
     "message": "Palavra-passe mestra inválida"
   },
   "vaultTimeout": {
-    "message": "Expiração do cofre"
+    "message": "Tempo limite do cofre"
   },
   "lockNow": {
     "message": "Bloquear agora"
@@ -439,7 +439,7 @@
     "message": "É necessário reescrever a palavra-passe mestra."
   },
   "masterPasswordMinlength": {
-    "message": "Master password must be at least $VALUE$ characters long.",
+    "message": "A palavra-passe mestra deve ter pelo menos $VALUE$ caracteres.",
     "description": "The Master Password must be at least a specific number of characters long.",
     "placeholders": {
       "value": {
@@ -587,22 +587,22 @@
     "description": "This is the folder for uncategorized items"
   },
   "enableAddLoginNotification": {
-    "message": "Ask to add login"
+    "message": "Pedir para adicionar credencial"
   },
   "addLoginNotificationDesc": {
     "message": "Pedir para adicionar um item se não o encontrar no seu cofre."
   },
   "showCardsCurrentTab": {
-    "message": "Show cards on Tab page"
+    "message": "Mostrar cartões na página Separador"
   },
   "showCardsCurrentTabDesc": {
-    "message": "List card items on the Tab page for easy auto-fill."
+    "message": "Listar itens de cartões na página Separador para facilitar o preenchimento automático."
   },
   "showIdentitiesCurrentTab": {
-    "message": "Show identities on Tab page"
+    "message": "Mostrar identidades na página Separador"
   },
   "showIdentitiesCurrentTabDesc": {
-    "message": "List identity items on the Tab page for easy auto-fill."
+    "message": "Listar itens de identidades na página Separador para facilitar o preenchimento automático."
   },
   "clearClipboard": {
     "message": "Limpar área de transferência",
@@ -619,10 +619,10 @@
     "message": "Guardar"
   },
   "enableChangedPasswordNotification": {
-    "message": "Ask to update existing login"
+    "message": "Pedir para atualizar credencial existente"
   },
   "changedPasswordNotificationDesc": {
-    "message": "Ask to update a login's password when a change is detected on a website."
+    "message": "Pedir para atualizar a palavra-passe de uma credencial quando for detetada uma alteração num site."
   },
   "notificationChangeDesc": {
     "message": "Pretende atualizar esta palavra-passe no Bitwarden?"
@@ -631,10 +631,10 @@
     "message": "Atualizar"
   },
   "enableContextMenuItem": {
-    "message": "Show context menu options"
+    "message": "Mostrar opções do menu de contexto"
   },
   "contextMenuItemDesc": {
-    "message": "Use a secondary click to access password generation and matching logins for the website. "
+    "message": "Utilize um clique secundário para aceder à geração de palavras-passe e às credenciais correspondentes do site. "
   },
   "defaultUriMatchDetection": {
     "message": "Deteção de correspondência de URI predefinida",
@@ -678,7 +678,7 @@
     "message": "Esta exportação contém os dados do seu cofre num formato não encriptado. Não deve armazenar ou enviar o ficheiro exportado através de canais não seguros (como o e-mail). Elimine-o imediatamente após terminar a sua utilização."
   },
   "encExportKeyWarningDesc": {
-    "message": "Esta exportação encripta os seus dados utilizando a chave de encriptação da sua conta. Se alguma vez mudar a chave de encriptação da sua conta, deve exportar novamente, uma vez que não conseguirá desencriptar este ficheiro de exportação."
+    "message": "Esta exportação encripta os seus dados utilizando a chave de encriptação da sua conta. Se alguma vez alterar a chave de encriptação da sua conta, deve exportar novamente, uma vez que não conseguirá desencriptar este ficheiro de exportação."
   },
   "encExportAccountWarningDesc": {
     "message": "As chaves de encriptação da conta são únicas para cada conta de utilizador Bitwarden, pelo que não é possível importar uma exportação encriptada para uma conta diferente."
@@ -772,7 +772,7 @@
     "message": "Gerir subscrição"
   },
   "premiumManageAlert": {
-    "message": "Pode gerir a sua subscrição no cofre web bitwarden.com. Pretende visitar o site agora?"
+    "message": "Pode gerir a sua subscrição no cofre Web bitwarden.com. Pretende visitar o site agora?"
   },
   "premiumRefresh": {
     "message": "Atualizar subscrição"
@@ -805,7 +805,7 @@
     "message": "Adquirir Premium"
   },
   "premiumPurchaseAlert": {
-    "message": "Pode adquirir uma subscrição Premium no cofre web bitwarden.com. Pretende visitar o site agora?"
+    "message": "Pode adquirir uma subscrição Premium no cofre Web bitwarden.com. Pretende visitar o site agora?"
   },
   "premiumCurrentMember": {
     "message": "É um membro Premium!"
@@ -826,13 +826,13 @@
     "message": "Atualização concluída"
   },
   "enableAutoTotpCopy": {
-    "message": "Copy TOTP automatically"
+    "message": "Copiar TOTP automaticamente"
   },
   "disableAutoTotpCopyDesc": {
     "message": "Se uma credencial tiver uma chave de autenticação, copie o código de verificação TOTP para a sua área de transferência quando preencher automaticamente o início de sessão."
   },
   "enableAutoBiometricsPrompt": {
-    "message": "Ask for biometrics on launch"
+    "message": "Pedir biometria ao iniciar"
   },
   "premiumRequired": {
     "message": "É necessária uma subscrição Premium"
@@ -862,7 +862,7 @@
     }
   },
   "rememberMe": {
-    "message": "Memorizar-me"
+    "message": "Memorizar"
   },
   "sendVerificationCodeEmailAgain": {
     "message": "Enviar e-mail com o código de verificação novamente"
@@ -889,10 +889,10 @@
     "message": "Início de sessão indisponível"
   },
   "noTwoStepProviders": {
-    "message": "Esta conta tem a verificação de dois passos configurada, no entanto, nenhum dos fornecedores da verificação de dois passos configurada é suportado por este navegador web."
+    "message": "Esta conta tem a verificação de dois passos configurada, no entanto, nenhum dos fornecedores da verificação de dois passos configurada é suportado por este navegador Web."
   },
   "noTwoStepProviders2": {
-    "message": "Por favor, utilize um navegador web suportado (como o Chrome) e/ou adicione fornecedores adicionais que sejam mais bem suportados nos navegadores web (como uma aplicação de autenticação)."
+    "message": "Por favor, utilize um navegador Web suportado (como o Chrome) e/ou adicione fornecedores adicionais que sejam mais bem suportados nos navegadores web (como uma aplicação de autenticação)."
   },
   "twoStepOptions": {
     "message": "Opções de verificação de dois passos"
@@ -955,7 +955,7 @@
     "message": "URL do servidor da API"
   },
   "webVaultUrl": {
-    "message": "URL do servidor do cofre web"
+    "message": "URL do servidor do cofre Web"
   },
   "identityUrl": {
     "message": "URL do servidor de identidade"
@@ -973,13 +973,13 @@
     "message": "Preencher automaticamente ao carregar a página"
   },
   "enableAutoFillOnPageLoadDesc": {
-    "message": "Se for detetado um formulário de início de sessão, o preenchimento automático é efetuado quando a página web é carregada."
+    "message": "Se for detetado um formulário de início de sessão, o preenchimento automático é efetuado quando a página Web é carregada."
   },
   "experimentalFeature": {
-    "message": "Compromised or untrusted websites can exploit auto-fill on page load."
+    "message": "Os sites comprometidos ou não confiáveis podem explorar o preenchimento automático ao carregar a página."
   },
   "learnMoreAboutAutofill": {
-    "message": "Learn more about auto-fill"
+    "message": "Saber mais sobre o preenchimento automático"
   },
   "defaultAutoFillOnPageLoad": {
     "message": "Definição de preenchimento automático predefinido para itens de início de sessão"
@@ -1056,16 +1056,16 @@
     "message": "Este navegador não pode processar pedidos U2F nesta janela pop-up. Pretende abrir este pop-up numa nova janela para poder iniciar sessão utilizando o U2F?"
   },
   "enableFavicon": {
-    "message": "Show website icons"
+    "message": "Mostrar ícones do site"
   },
   "faviconDesc": {
-    "message": "Show a recognizable image next to each login."
+    "message": "Mostrar uma imagem reconhecível junto a cada credencial."
   },
   "enableBadgeCounter": {
-    "message": "Show badge counter"
+    "message": "Mostrar distintivo de contador"
   },
   "badgeCounterDesc": {
-    "message": "Indicate how many logins you have for the current web page."
+    "message": "Indica quantas credenciais tem para a página Web atual."
   },
   "cardholderName": {
     "message": "Titular do cartão"
@@ -1143,7 +1143,7 @@
     "message": "Dr."
   },
   "mx": {
-    "message": "Mx"
+    "message": "Neutro"
   },
   "firstName": {
     "message": "Nome próprio"
@@ -1278,7 +1278,7 @@
     "description": "Domain name. Ex. website.com"
   },
   "host": {
-    "message": "Servidor",
+    "message": "Domínio",
     "description": "A URL's host value. For example, the host of https://sub.domain.com:443 is 'sub.domain.com:443'."
   },
   "exact": {
@@ -1415,7 +1415,7 @@
     "message": "Uma ou mais políticas da organização estão a afetar as suas definições do gerador."
   },
   "vaultTimeoutAction": {
-    "message": "Ação de expiração do cofre"
+    "message": "Ação de tempo limite do cofre"
   },
   "lock": {
     "message": "Bloquear",
@@ -1450,7 +1450,7 @@
     "message": "Ao terminar sessão removerá todo o acesso ao seu cofre e requer autenticação online após o período de tempo limite. Tem a certeza de que pretende utilizar esta definição?"
   },
   "vaultTimeoutLogOutConfirmationTitle": {
-    "message": "Confirmação de expiração do cofre"
+    "message": "Confirmação da ação de tempo limite"
   },
   "autoFillAndSave": {
     "message": "Preencher automaticamente e guardar"
@@ -1462,16 +1462,16 @@
     "message": "Item preenchido automaticamente "
   },
   "insecurePageWarning": {
-    "message": "Warning: This is an unsecured HTTP page, and any information you submit can potentially be seen and changed by others. This Login was originally saved on a secure (HTTPS) page."
+    "message": "Aviso: Esta é uma página HTTP não segura, e qualquer informação que submeta pode ser vista e alterada por outros. Esta credencial foi originalmente guardada numa página segura (HTTPS)."
   },
   "insecurePageWarningFillPrompt": {
-    "message": "Do you still wish to fill this login?"
+    "message": "Ainda deseja preencher este início de sessão?"
   },
   "autofillIframeWarning": {
-    "message": "The form is hosted by a different domain than the URI of your saved login. Choose OK to auto-fill anyway, or Cancel to stop."
+    "message": "O formulário está alojado num domínio diferente do URI da sua credencial guardada. Selecione OK para preencher automaticamente na mesma ou Cancelar para parar."
   },
   "autofillIframeWarningTip": {
-    "message": "To prevent this warning in the future, save this URI, $HOSTNAME$, to your Bitwarden login item for this site.",
+    "message": "Para evitar este aviso no futuro, guarde este URI, $HOSTNAME$, no seu item de início de sessão do Bitwarden deste site.",
     "placeholders": {
       "hostname": {
         "content": "$1",
@@ -1483,10 +1483,10 @@
     "message": "Definir palavra-passe mestra"
   },
   "currentMasterPass": {
-    "message": "Current master password"
+    "message": "Palavra-passe mestra atual"
   },
   "newMasterPass": {
-    "message": "New master password"
+    "message": "Nova palavra-passe mestra"
   },
   "confirmNewMasterPass": {
     "message": "Confirmar a nova palavra-passe mestra"
@@ -1567,61 +1567,61 @@
     "message": "Iniciar a aplicação para computador Bitwarden"
   },
   "startDesktopDesc": {
-    "message": "The Bitwarden desktop application needs to be started before unlock with biometrics can be used."
+    "message": "A aplicação para computador do Bitwarden tem de ser iniciada antes de se poder utilizar o desbloqueio com biometria."
   },
   "errorEnableBiometricTitle": {
-    "message": "Unable to set up biometrics"
+    "message": "Não é possível configurar a biometria"
   },
   "errorEnableBiometricDesc": {
-    "message": "Action was canceled by the desktop application"
+    "message": "A ação foi cancelada pela aplicação para computador"
   },
   "nativeMessagingInvalidEncryptionDesc": {
-    "message": "Desktop application invalidated the secure communication channel. Please retry this operation"
+    "message": "A aplicação para computador invalidou o canal de comunicação seguro. Por favor, tente novamente esta operação"
   },
   "nativeMessagingInvalidEncryptionTitle": {
-    "message": "Desktop communication interrupted"
+    "message": "Interrupção da comunicação com o computador"
   },
   "nativeMessagingWrongUserDesc": {
-    "message": "The desktop application is logged into a different account. Please ensure both applications are logged into the same account."
+    "message": "A aplicação para computador tem a sessão iniciada numa conta diferente. Por favor, certifique-se de que ambas as aplicações têm a sessão iniciada na mesma conta."
   },
   "nativeMessagingWrongUserTitle": {
-    "message": "Account missmatch"
+    "message": "Incompatibilidade de contas"
   },
   "biometricsNotEnabledTitle": {
-    "message": "Biometrics not set up"
+    "message": "Biometria não configurada"
   },
   "biometricsNotEnabledDesc": {
-    "message": "Browser biometrics requires desktop biometric to be set up in the settings first."
+    "message": "A biometria do navegador requer que a biometria do computador seja primeiro configurada nas definições."
   },
   "biometricsNotSupportedTitle": {
-    "message": "Biometrics not supported"
+    "message": "Biometria não suportada"
   },
   "biometricsNotSupportedDesc": {
-    "message": "Browser biometrics is not supported on this device."
+    "message": "A biometria do navegador não é suportada neste dispositivo."
   },
   "nativeMessaginPermissionErrorTitle": {
-    "message": "Permission not provided"
+    "message": "Autorização não concedida"
   },
   "nativeMessaginPermissionErrorDesc": {
-    "message": "Without permission to communicate with the Bitwarden Desktop Application we cannot provide biometrics in the browser extension. Please try again."
+    "message": "Sem autorização para comunicar com a aplicação para computador do Bitwarden, não podemos fornecer dados biométricos na extensão do navegador. Por favor, tente novamente."
   },
   "nativeMessaginPermissionSidebarTitle": {
-    "message": "Permission request error"
+    "message": "Erro no pedido de autorização"
   },
   "nativeMessaginPermissionSidebarDesc": {
-    "message": "This action cannot be done in the sidebar, please retry the action in the popup or popout."
+    "message": "Esta ação não pode ser realizada na barra lateral. Por favor, repita a ação no pop-up ou no popout."
   },
   "personalOwnershipSubmitError": {
-    "message": "Due to an Enterprise Policy, you are restricted from saving items to your personal vault. Change the Ownership option to an organization and choose from available collections."
+    "message": "Devido a uma política empresarial, está impedido de guardar itens no seu cofre pessoal. Altere a opção Propriedade para uma organização e escolha entre as coleções disponíveis."
   },
   "personalOwnershipPolicyInEffect": {
-    "message": "An organization policy is affecting your ownership options."
+    "message": "Uma política da organização está a afetar as suas opções de propriedade."
   },
   "excludedDomains": {
-    "message": "Excluded domains"
+    "message": "Domínios excluídos"
   },
   "excludedDomainsDesc": {
-    "message": "Bitwarden will not ask to save login details for these domains. You must refresh the page for changes to take effect."
+    "message": "O Bitwarden não pedirá para guardar os detalhes de início de sessão destes domínios. É necessário atualizar a página para que as alterações tenham efeito."
   },
   "excludedDomainsInvalidDomain": {
     "message": "$DOMAIN$ não é um domínio válido",
@@ -1732,10 +1732,10 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "oneDay": {
-    "message": "1 day"
+    "message": "1 dia"
   },
   "days": {
-    "message": "$DAYS$ days",
+    "message": "$DAYS$ dias",
     "placeholders": {
       "days": {
         "content": "$1",
@@ -1747,55 +1747,55 @@
     "message": "Personalizado"
   },
   "maximumAccessCount": {
-    "message": "Maximum Access Count"
+    "message": "Número máximo de acessos"
   },
   "maximumAccessCountDesc": {
-    "message": "If set, users will no longer be able to access this Send once the maximum access count is reached.",
+    "message": "Se definido, os utilizadores deixarão de poder aceder a este Send quando a contagem máxima de acessos for atingida.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendPasswordDesc": {
-    "message": "Optionally require a password for users to access this Send.",
+    "message": "Opcionalmente, exigir uma palavra-passe para os utilizadores acederem a este Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendNotesDesc": {
-    "message": "Private notes about this Send.",
+    "message": "Notas privadas sobre este Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendDisableDesc": {
-    "message": "Deactivate this Send so that no one can access it.",
+    "message": "Desative este Send para que ninguém possa aceder ao mesmo.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendShareDesc": {
-    "message": "Copy this Send's link to clipboard upon save.",
+    "message": "Copiar o link deste Send para a área de transferência ao guardar.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendTextDesc": {
-    "message": "The text you want to send."
+    "message": "O texto que deseja enviar."
   },
   "sendHideText": {
-    "message": "Hide this Send's text by default.",
+    "message": "Ocultar o texto deste Send por defeito.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "currentAccessCount": {
-    "message": "Current access count"
+    "message": "Número de acessos atual"
   },
   "createSend": {
-    "message": "New Send",
+    "message": "Novo Send",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "newPassword": {
     "message": "Nova palavra-passe"
   },
   "sendDisabled": {
-    "message": "Send removed",
+    "message": "Send removido",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendDisabledWarning": {
-    "message": "Due to an enterprise policy, you are only able to delete an existing Send.",
+    "message": "Devido a uma política da empresa, só é possível eliminar um Send existente.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "createdSend": {
-    "message": "Send created",
+    "message": "Send criado",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "editedSend": {
@@ -1803,13 +1803,13 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendLinuxChromiumFileWarning": {
-    "message": "In order to choose a file, open the extension in the sidebar (if possible) or pop out to a new window by clicking this banner."
+    "message": "Para escolher um ficheiro, abra a extensão na barra lateral (se possível) ou abra uma nova janela clicando neste banner."
   },
   "sendFirefoxFileWarning": {
-    "message": "In order to choose a file using Firefox, open the extension in the sidebar or pop out to a new window by clicking this banner."
+    "message": "Para escolher um ficheiro utilizando o Firefox, abra a extensão na barra lateral ou abra uma nova janela clicando neste banner."
   },
   "sendSafariFileWarning": {
-    "message": "In order to choose a file using Safari, pop out to a new window by clicking this banner."
+    "message": "Para escolher um ficheiro utilizando o Safari, abra uma nova janela clicando neste banner."
   },
   "sendFileCalloutHeader": {
     "message": "Antes de começar"
@@ -1848,19 +1848,19 @@
     "message": "Uma ou mais políticas da organização estão a afetar as suas opções do Send."
   },
   "passwordPrompt": {
-    "message": "Master password re-prompt"
+    "message": "Pedir novamente a palavra-passe mestra"
   },
   "passwordConfirmation": {
-    "message": "Master password confirmation"
+    "message": "Confirmação da palavra-passe mestra"
   },
   "passwordConfirmationDesc": {
-    "message": "This action is protected. To continue, please re-enter your master password to verify your identity."
+    "message": "Esta ação está protegida. Para continuar, por favor, reintroduza a sua palavra-passe mestra para verificar a sua identidade."
   },
   "emailVerificationRequired": {
-    "message": "Email verification required"
+    "message": "Verificação de e-mail necessária"
   },
   "emailVerificationRequiredDesc": {
-    "message": "You must verify your email to use this feature. You can verify your email in the web vault."
+    "message": "Tem de verificar o seu e-mail para utilizar esta funcionalidade. Pode verificar o seu e-mail no cofre Web."
   },
   "updatedMasterPassword": {
     "message": "Palavra-passe mestra atualizada"
@@ -1878,13 +1878,13 @@
     "message": "Inscrição automática"
   },
   "resetPasswordAutoEnrollInviteWarning": {
-    "message": "This organization has an enterprise policy that will automatically enroll you in password reset. Enrollment will allow organization administrators to change your master password."
+    "message": "Esta organização tem uma política empresarial que o inscreverá automaticamente na redefinição de palavra-passe. A inscrição permitirá que os administradores da organização alterem a sua palavra-passe mestra."
   },
   "selectFolder": {
     "message": "Selecionar pasta..."
   },
   "ssoCompleteRegistration": {
-    "message": "In order to complete logging in with SSO, please set a master password to access and protect your vault."
+    "message": "Para concluir o início de sessão com SSO, por favor, defina uma palavra-passe mestra para aceder e proteger o seu cofre."
   },
   "hours": {
     "message": "Horas"
@@ -1893,7 +1893,7 @@
     "message": "Minutos"
   },
   "vaultTimeoutPolicyInEffect": {
-    "message": "Your organization policies have set your maximum allowed vault timeout to $HOURS$ hour(s) and $MINUTES$ minute(s).",
+    "message": "As políticas da sua organização definiram o tempo limite máximo permitido do cofre de $HOURS$ hora(s) e $MINUTES$ minuto(s).",
     "placeholders": {
       "hours": {
         "content": "$1",
@@ -1906,7 +1906,7 @@
     }
   },
   "vaultTimeoutPolicyWithActionInEffect": {
-    "message": "Your organization policies are affecting your vault timeout. Maximum allowed vault timeout is $HOURS$ hour(s) and $MINUTES$ minute(s). Your vault timeout action is set to $ACTION$.",
+    "message": "As políticas da sua organização estão a afetar o tempo limite do cofre. O tempo limite máximo permitido do cofre é de $HOURS$ hora(s) e $MINUTES$ minuto(s). A sua ação de tempo limite do cofre está definida para $ACTION$.",
     "placeholders": {
       "hours": {
         "content": "$1",
@@ -1923,7 +1923,7 @@
     }
   },
   "vaultTimeoutActionPolicyInEffect": {
-    "message": "Your organization policies have set your vault timeout action to $ACTION$.",
+    "message": "As políticas da sua organização definiram a ação de tempo limite do cofre para $ACTION$.",
     "placeholders": {
       "action": {
         "content": "$1",
@@ -1932,22 +1932,22 @@
     }
   },
   "vaultTimeoutTooLarge": {
-    "message": "Your vault timeout exceeds the restrictions set by your organization."
+    "message": "O tempo limite do seu cofre excede as restrições definidas pela sua organização."
   },
   "vaultExportDisabled": {
-    "message": "Vault export unavailable"
+    "message": "Exportação de cofre indisponível"
   },
   "personalVaultExportPolicyInEffect": {
     "message": "Uma ou mais políticas da organização impedem-no de exportar o seu cofre pessoal."
   },
   "copyCustomFieldNameInvalidElement": {
-    "message": "Unable to identify a valid form element. Try inspecting the HTML instead."
+    "message": "Não foi possível identificar um elemento de formulário válido. Em alternativa, tente inspecionar o HTML."
   },
   "copyCustomFieldNameNotUnique": {
-    "message": "No unique identifier found."
+    "message": "Não foi encontrado um identificador único."
   },
   "convertOrganizationEncryptionDesc": {
-    "message": "$ORGANIZATION$ is using SSO with a self-hosted key server. A master password is no longer required to log in for members of this organization.",
+    "message": "A $ORGANIZATION$ está a utilizar o SSO com um servidor de chaves auto-hospedado. Já não é necessária uma palavra-passe mestra para iniciar sessão para os membros desta organização.",
     "placeholders": {
       "organization": {
         "content": "$1",
@@ -1971,7 +1971,7 @@
     "message": "Saiu da organização."
   },
   "toggleCharacterCount": {
-    "message": "Toggle character count"
+    "message": "Mostrar/ocultar contagem de caracteres"
   },
   "sessionTimeout": {
     "message": "A sua sessão expirou. Por favor, volte atrás e tente iniciar sessão novamente."
@@ -2032,13 +2032,13 @@
     "message": "Serviço"
   },
   "forwardedEmail": {
-    "message": "Forwarded email alias"
+    "message": "Alias de e-mail reencaminhado"
   },
   "forwardedEmailDesc": {
-    "message": "Generate an email alias with an external forwarding service."
+    "message": "Gerar um alias de e-mail com um serviço de reencaminhamento externo."
   },
   "hostname": {
-    "message": "Hostname",
+    "message": "Nome de domínio",
     "description": "Part of a URL."
   },
   "apiAccessToken": {
@@ -2048,16 +2048,16 @@
     "message": "Chave da API"
   },
   "ssoKeyConnectorError": {
-    "message": "Key connector error: make sure key connector is available and working correctly."
+    "message": "Erro no Key Connector: certifique-se de que o Key Connector está disponível e a funcionar corretamente."
   },
   "premiumSubcriptionRequired": {
     "message": "É necessária uma subscrição Premium"
   },
   "organizationIsDisabled": {
-    "message": "Organization suspended."
+    "message": "Organização suspensa."
   },
   "disabledOrganizationFilterError": {
-    "message": "Items in suspended Organizations cannot be accessed. Contact your Organization owner for assistance."
+    "message": "Não é possível aceder aos itens de organizações suspensas. Contacte o proprietário da organização para obter assistência."
   },
   "loggingInTo": {
     "message": "A iniciar sessão em $DOMAIN$",
@@ -2078,16 +2078,16 @@
     "message": "para voltar às definições predefinidas"
   },
   "serverVersion": {
-    "message": "Server version"
+    "message": "Versão do servidor"
   },
   "selfHosted": {
-    "message": "Self-hosted"
+    "message": "Auto-hospedado"
   },
   "thirdParty": {
-    "message": "Third-party"
+    "message": "De terceiros"
   },
   "thirdPartyServerMessage": {
-    "message": "Connected to third-party server implementation, $SERVERNAME$. Please verify bugs using the official server, or report them to the third-party server.",
+    "message": "Ligado à implementação de um servidor de terceiros, $SERVERNAME$. Por favor, verifique os erros utilizando o servidor oficial ou reporte-os ao servidor de terceiros.",
     "placeholders": {
       "servername": {
         "content": "$1",
@@ -2096,7 +2096,7 @@
     }
   },
   "lastSeenOn": {
-    "message": "last seen on: $DATE$",
+    "message": "visto pela última vez em: $DATE$",
     "placeholders": {
       "date": {
         "content": "$1",
@@ -2120,52 +2120,52 @@
     "message": "Memorizar e-mail"
   },
   "loginWithDevice": {
-    "message": "Log in with device"
+    "message": "Iniciar sessão com o dispositivo"
   },
   "loginWithDeviceEnabledInfo": {
-    "message": "Log in with device must be set up in the settings of the Bitwarden app. Need another option?"
+    "message": "O início de sessão com o dispositivo deve ser ativado nas definições da aplicação Bitwarden. Necessita de outra opção?"
   },
   "fingerprintPhraseHeader": {
-    "message": "Fingerprint phrase"
+    "message": "Frase de impressão digital"
   },
   "fingerprintMatchInfo": {
-    "message": "Please make sure your vault is unlocked and the Fingerprint phrase matches on the other device."
+    "message": "Por favor, certifique-se de que o cofre está desbloqueado e que a frase de impressão digital corresponde à do outro dispositivo."
   },
   "resendNotification": {
-    "message": "Resend notification"
+    "message": "Reenviar notificação"
   },
   "viewAllLoginOptions": {
-    "message": "View all log in options"
+    "message": "Ver todas as opções de início de sessão"
   },
   "notificationSentDevice": {
-    "message": "A notification has been sent to your device."
+    "message": "Foi enviada uma notificação para o seu dispositivo."
   },
   "logInInitiated": {
-    "message": "Log in initiated"
+    "message": "A preparar o início de sessão"
   },
   "exposedMasterPassword": {
-    "message": "Exposed Master Password"
+    "message": "Palavra-passe mestra exposta"
   },
   "exposedMasterPasswordDesc": {
-    "message": "Password found in a data breach. Use a unique password to protect your account. Are you sure you want to use an exposed password?"
+    "message": "Palavra-passe encontrada numa violação de dados. Utilize uma palavra-passe única para proteger a sua conta. Tem a certeza de que pretende utilizar uma palavra-passe exposta?"
   },
   "weakAndExposedMasterPassword": {
-    "message": "Weak and Exposed Master Password"
+    "message": "Palavra-passe mestra fraca e exposta"
   },
   "weakAndBreachedMasterPasswordDesc": {
-    "message": "Weak password identified and found in a data breach. Use a strong and unique password to protect your account. Are you sure you want to use this password?"
+    "message": "Palavra-passe fraca identificada e encontrada numa violação de dados. Utilize uma palavra-passe forte e única para proteger a sua conta. Tem a certeza de que pretende utilizar esta palavra-passe?"
   },
   "checkForBreaches": {
-    "message": "Check known data breaches for this password"
+    "message": "Verificar violações de dados conhecidas para esta palavra-passe"
   },
   "important": {
-    "message": "Important:"
+    "message": "Importante:"
   },
   "masterPasswordHint": {
-    "message": "Your master password cannot be recovered if you forget it!"
+    "message": "A sua palavra-passe mestra não pode ser recuperada se a esquecer!"
   },
   "characterMinimum": {
-    "message": "$LENGTH$ character minimum",
+    "message": "$LENGTH$ caracteres no mínimo",
     "placeholders": {
       "length": {
         "content": "$1",
@@ -2174,13 +2174,13 @@
     }
   },
   "autofillPageLoadPolicyActivated": {
-    "message": "Your organization policies have turned on auto-fill on page load."
+    "message": "As políticas da sua organização ativaram o preenchimento automático ao carregar a página."
   },
   "howToAutofill": {
-    "message": "How to auto-fill"
+    "message": "Como preencher automaticamente"
   },
   "autofillSelectInfoWithCommand": {
-    "message": "Select an item from this page or use the shortcut: $COMMAND$",
+    "message": "Selecione um item desta página ou utilize o atalho: $COMMAND$",
     "placeholders": {
       "command": {
         "content": "$1",
@@ -2189,22 +2189,22 @@
     }
   },
   "autofillSelectInfoWithoutCommand": {
-    "message": "Select an item from this page or set a shortcut in settings."
+    "message": "Selecione um item desta página ou defina um atalho nas definições."
   },
   "gotIt": {
-    "message": "Got it"
+    "message": "Percebido"
   },
   "autofillSettings": {
-    "message": "Auto-fill settings"
+    "message": "Definições de preenchimento automático"
   },
   "autofillShortcut": {
-    "message": "Auto-fill keyboard shortcut"
+    "message": "Atalho de teclado de preenchimento automático"
   },
   "autofillShortcutNotSet": {
-    "message": "The auto-fill shortcut is not set. Change this in the browser's settings."
+    "message": "O atalho de preenchimento automático não está definido. Altere-o nas definições do navegador."
   },
   "autofillShortcutText": {
-    "message": "The auto-fill shortcut is: $COMMAND$. Change this in the browser's settings.",
+    "message": "O atalho de preenchimento automático é: $COMMAND$. Altere-o nas definições do navegador.",
     "placeholders": {
       "command": {
         "content": "$1",
@@ -2213,7 +2213,7 @@
     }
   },
   "autofillShortcutTextSafari": {
-    "message": "Default auto-fill shortcut: $COMMAND$.",
+    "message": "Atalho de preenchimento automático predefinido: $COMMAND$.",
     "placeholders": {
       "command": {
         "content": "$1",
@@ -2225,7 +2225,7 @@
     "message": "Região"
   },
   "opensInANewWindow": {
-    "message": "Opens in a new window"
+    "message": "Abrir numa nova janela"
   },
   "eu": {
     "message": "UE",
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "EUA",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Acesso negado. Não tem permissão para visualizar esta página."
   }
 }
diff --git a/apps/browser/src/_locales/ro/messages.json b/apps/browser/src/_locales/ro/messages.json
index 47a684aa1a..63ded6f3b0 100644
--- a/apps/browser/src/_locales/ro/messages.json
+++ b/apps/browser/src/_locales/ro/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/ru/messages.json b/apps/browser/src/_locales/ru/messages.json
index 9da7f861dc..5a48ee8521 100644
--- a/apps/browser/src/_locales/ru/messages.json
+++ b/apps/browser/src/_locales/ru/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "США",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Доступ запрещен. У вас нет разрешения на просмотр этой страницы."
   }
 }
diff --git a/apps/browser/src/_locales/si/messages.json b/apps/browser/src/_locales/si/messages.json
index 94baba9b6d..6cdde8fd67 100644
--- a/apps/browser/src/_locales/si/messages.json
+++ b/apps/browser/src/_locales/si/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/sk/messages.json b/apps/browser/src/_locales/sk/messages.json
index 2fa04daf3d..0d0bb2efa4 100644
--- a/apps/browser/src/_locales/sk/messages.json
+++ b/apps/browser/src/_locales/sk/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "USA",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Prístup zamietnutý. Nemáte oprávnenie na zobrazenie tejto stránky."
   }
 }
diff --git a/apps/browser/src/_locales/sl/messages.json b/apps/browser/src/_locales/sl/messages.json
index 53c32c686c..dcdf3d9d25 100644
--- a/apps/browser/src/_locales/sl/messages.json
+++ b/apps/browser/src/_locales/sl/messages.json
@@ -1042,11 +1042,11 @@
     "message": "Logična vrednost"
   },
   "cfTypeLinked": {
-    "message": "Linked",
+    "message": "Povezano polje",
     "description": "This describes a field that is 'linked' (tied) to another field."
   },
   "linkedValue": {
-    "message": "Linked value",
+    "message": "Povezana vrednost",
     "description": "This describes a value that is 'linked' (tied) to another value."
   },
   "popup2faCloseMessage": {
@@ -1762,18 +1762,18 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendDisableDesc": {
-    "message": "Onemogoči to pošiljko, da nihče ne more dostopati do nje",
+    "message": "Onemogoči to pošiljko, da nihče ne more dostopati do nje.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendShareDesc": {
-    "message": "Kopiraj povezavo te pošiljke v odložišče po shranjevanju",
+    "message": "Kopiraj povezavo te pošiljke v odložišče, ko shranim.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendTextDesc": {
     "message": "Besedilo, ki ga želite poslati"
   },
   "sendHideText": {
-    "message": "Privzeto skrij besedilo te pošiljke",
+    "message": "Privzeto skrij besedilo te pošiljke.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "currentAccessCount": {
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/sr/messages.json b/apps/browser/src/_locales/sr/messages.json
index 952ae90145..bf563899e7 100644
--- a/apps/browser/src/_locales/sr/messages.json
+++ b/apps/browser/src/_locales/sr/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Одбијен приступ. Немате дозволу да видите ову страницу."
   }
 }
diff --git a/apps/browser/src/_locales/sv/messages.json b/apps/browser/src/_locales/sv/messages.json
index 79afc8729d..b099263830 100644
--- a/apps/browser/src/_locales/sv/messages.json
+++ b/apps/browser/src/_locales/sv/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/te/messages.json b/apps/browser/src/_locales/te/messages.json
index 69d26333a8..27c985453e 100644
--- a/apps/browser/src/_locales/te/messages.json
+++ b/apps/browser/src/_locales/te/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/th/messages.json b/apps/browser/src/_locales/th/messages.json
index 1e43987ab0..da7c1104f2 100644
--- a/apps/browser/src/_locales/th/messages.json
+++ b/apps/browser/src/_locales/th/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/tr/messages.json b/apps/browser/src/_locales/tr/messages.json
index cdc8e109fe..3a79113609 100644
--- a/apps/browser/src/_locales/tr/messages.json
+++ b/apps/browser/src/_locales/tr/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "ABD",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Erişim engellendi. Bu sayfayı görüntüleme iznine sahip değilsiniz."
   }
 }
diff --git a/apps/browser/src/_locales/uk/messages.json b/apps/browser/src/_locales/uk/messages.json
index 1969bc3362..a239bc17ab 100644
--- a/apps/browser/src/_locales/uk/messages.json
+++ b/apps/browser/src/_locales/uk/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "США",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Доступ заборонено. У вас немає дозволу на перегляд цієї сторінки."
   }
 }
diff --git a/apps/browser/src/_locales/vi/messages.json b/apps/browser/src/_locales/vi/messages.json
index fee4c66f3a..66aab88a3b 100644
--- a/apps/browser/src/_locales/vi/messages.json
+++ b/apps/browser/src/_locales/vi/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/src/_locales/zh_CN/messages.json b/apps/browser/src/_locales/zh_CN/messages.json
index 2275865d06..e2ef261360 100644
--- a/apps/browser/src/_locales/zh_CN/messages.json
+++ b/apps/browser/src/_locales/zh_CN/messages.json
@@ -2054,10 +2054,10 @@
     "message": "需要高级版订阅"
   },
   "organizationIsDisabled": {
-    "message": "组织已暂停。"
+    "message": "组织已停用。"
   },
   "disabledOrganizationFilterError": {
-    "message": "无法访问已暂停组织中的项目。请联系您的组织所有者获取帮助。"
+    "message": "无法访问已停用组织中的项目。请联系您的组织所有者获取协助。"
   },
   "loggingInTo": {
     "message": "正在登录到 $DOMAIN$",
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "美国",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "访问被拒绝。您没有权限查看此页面。"
   }
 }
diff --git a/apps/browser/src/_locales/zh_TW/messages.json b/apps/browser/src/_locales/zh_TW/messages.json
index 42e082f136..fef6ab9ee3 100644
--- a/apps/browser/src/_locales/zh_TW/messages.json
+++ b/apps/browser/src/_locales/zh_TW/messages.json
@@ -2234,5 +2234,8 @@
   "us": {
     "message": "US",
     "description": "United States"
+  },
+  "accessDenied": {
+    "message": "Access denied. You do not have permission to view this page."
   }
 }
diff --git a/apps/browser/store/locales/lt/copy.resx b/apps/browser/store/locales/lt/copy.resx
index d2aa4024c0..e2d30250e0 100644
--- a/apps/browser/store/locales/lt/copy.resx
+++ b/apps/browser/store/locales/lt/copy.resx
@@ -124,31 +124,31 @@
     <value>Saugi ir nemokama slaptažodžių tvarkyklė visiems įrenginiams</value>
   </data>
   <data name="Description" xml:space="preserve">
-    <value>Bitwarden, Inc. is the parent company of 8bit Solutions LLC.
+    <value>Bitwarden, Inc. yra pagrindinė 8bit Solutions LLC įmonė.
 
-NAMED BEST PASSWORD MANAGER BY THE VERGE, U.S. NEWS &amp; WORLD REPORT, CNET, AND MORE.
+ĮVARDINTA GERIAUSIU SLAPTAŽODŽIŲ TVARKYTOJU.
 
-Manage, store, secure, and share unlimited passwords across unlimited devices from anywhere. Bitwarden delivers open source password management solutions to everyone, whether at  home, at work, or on the go.
+Tvarkykite, saugokite, saugokite ir bendrinkite neribotą skaičių slaptažodžių neribotuose įrenginiuose iš bet kurios vietos. „Bitwarden“ teikia atvirojo kodo slaptažodžių valdymo sprendimus visiems – tiek namuose, tiek darbe, tiek keliaujant.
 
-Generate strong, unique, and random passwords based on security requirements for every website you frequent.
+Generuokite stiprius, unikalius ir atsitiktinius slaptažodžius pagal saugos reikalavimus kiekvienai lankomai svetainei.
 
-Bitwarden Send quickly transmits encrypted information --- files and plaintext -- directly to anyone.
+„Bitwarden Send“ greitai perduoda užšifruotą informaciją – failus ir paprastą tekstą – tiesiogiai bet kam.
 
-Bitwarden offers Teams and Enterprise plans for companies so you can securely share passwords with colleagues.
+Bitwarden siūlo komandų ir įmonių planus įmonėms, kad galėtumėte saugiai dalytis slaptažodžiais su kolegomis.
 
-Why Choose Bitwarden:
+Kodėl verta rinktis „Bitwarden“:
 
-World-Class Encryption
-Passwords are protected with advanced end-to-end encryption (AES-256 bit, salted hashing, and PBKDF2 SHA-256) so your data stays secure and private.
+Pasaulinės klasės šifravimas
+Slaptažodžiai yra apsaugoti naudojant pažangų šifravimą nuo galo iki galo (AES-256 bitai, žyma su grotelėmis ir PBKDF2 SHA-256), todėl jūsų duomenys išliks saugūs ir privatūs.
 
-Built-in Password Generator
-Generate strong, unique, and random passwords based on security requirements for every website you frequent.
+Integruotas slaptažodžių generatorius
+Generuokite stiprius, unikalius ir atsitiktinius slaptažodžius pagal saugos reikalavimus kiekvienai lankomai svetainei.
 
-Global Translations 
-Bitwarden translations exist in 40 languages and are growing, thanks to our global community.
+Pasauliniai vertimai
+„Bitwarden“ vertimai egzistuoja 40 kalbų ir mūsų pasaulinės bendruomenės dėka auga.
 
-Cross-Platform Applications 
-Secure and share sensitive data within your Bitwarden Vault from any browser, mobile device, or desktop OS, and more.
+Įvairių platformų programos
+Apsaugokite ir bendrinkite neskelbtinus duomenis savo „Bitwarden Vault“ iš bet kurios naršyklės, mobiliojo įrenginio ar stalinio kompiuterio OS ir kt.
 </value>
   </data>
   <data name="AssetTitle" xml:space="preserve">
diff --git a/apps/browser/store/locales/pt_PT/copy.resx b/apps/browser/store/locales/pt_PT/copy.resx
index 199b5e9810..f17e5bebff 100644
--- a/apps/browser/store/locales/pt_PT/copy.resx
+++ b/apps/browser/store/locales/pt_PT/copy.resx
@@ -124,31 +124,31 @@
     <value>Um gestor de palavras-passe seguro e gratuito para todos os seus dispositivos</value>
   </data>
   <data name="Description" xml:space="preserve">
-    <value>Bitwarden, Inc. is the parent company of 8bit Solutions LLC.
+    <value>A Bitwarden, Inc. é a empresa-mãe da 8bit Solutions LLC.
 
-NAMED BEST PASSWORD MANAGER BY THE VERGE, U.S. NEWS &amp; WORLD REPORT, CNET, AND MORE.
+NOMEADO O MELHOR GESTOR DE PALAVRAS-PASSE PELO THE VERGE, U.S. NEWS &amp; WORLD REPORT, CNET E MUITO MAIS.
 
-Manage, store, secure, and share unlimited passwords across unlimited devices from anywhere. Bitwarden delivers open source password management solutions to everyone, whether at  home, at work, or on the go.
+Gerir, armazenar, proteger e partilhar palavras-passe ilimitadas em dispositivos ilimitados a partir de qualquer lugar. O Bitwarden fornece soluções de gestão de palavras-passe de código aberto para todos, seja em casa, no trabalho ou onde estiver.
 
-Generate strong, unique, and random passwords based on security requirements for every website you frequent.
+Gera palavras-passe fortes, únicas e aleatórias com base em requisitos de segurança para todos os sites que frequenta.
 
-Bitwarden Send quickly transmits encrypted information --- files and plaintext -- directly to anyone.
+O Bitwarden Send transmite rapidamente informações encriptadas - ficheiros e texto simples - diretamente a qualquer pessoa.
 
-Bitwarden offers Teams and Enterprise plans for companies so you can securely share passwords with colleagues.
+O Bitwarden oferece os planos Equipas e Empresarial destinados a empresas, para que possa partilhar de forma segura as palavras-passe com os seus colegas.
 
-Why Choose Bitwarden:
+Razões para escolher o Bitwarden:
 
-World-Class Encryption
-Passwords are protected with advanced end-to-end encryption (AES-256 bit, salted hashing, and PBKDF2 SHA-256) so your data stays secure and private.
+Encriptação de classe mundial
+As palavras-passe são protegidas com encriptação avançada de ponta a ponta (AES-256 bit, salted hashtag e PBKDF2 SHA-256) para que os seus dados permaneçam seguros e privados.
 
-Built-in Password Generator
-Generate strong, unique, and random passwords based on security requirements for every website you frequent.
+Gerador de palavras-passe incorporado
+Gera palavras-passe fortes, únicas e aleatórias com base nos requisitos de segurança para todos os sites que frequenta.
 
-Global Translations 
-Bitwarden translations exist in 40 languages and are growing, thanks to our global community.
+Traduções globais 
+O Bitwarden está traduzido em 40 idiomas e está a crescer, graças à nossa comunidade global.
 
-Cross-Platform Applications 
-Secure and share sensitive data within your Bitwarden Vault from any browser, mobile device, or desktop OS, and more.
+Aplicações multiplataforma 
+Proteja e partilhe dados confidenciais no seu cofre Bitwarden a partir de qualquer navegador, dispositivo móvel ou sistema operativo de computador, e muito mais.
 </value>
   </data>
   <data name="AssetTitle" xml:space="preserve">

From 7dbc30ee059606e0fb2a21d135f1f4cbd92e1b8a Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Mon, 19 Jun 2023 10:59:10 +0000
Subject: [PATCH 12/13] Autosync the updated translations (#5627)

Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
---
 apps/web/src/locales/af/messages.json    |  58 ++
 apps/web/src/locales/ar/messages.json    |  58 ++
 apps/web/src/locales/az/messages.json    |  58 ++
 apps/web/src/locales/be/messages.json    |  58 ++
 apps/web/src/locales/bg/messages.json    |  58 ++
 apps/web/src/locales/bn/messages.json    |  58 ++
 apps/web/src/locales/bs/messages.json    |  58 ++
 apps/web/src/locales/ca/messages.json    |  58 ++
 apps/web/src/locales/cs/messages.json    |  58 ++
 apps/web/src/locales/cy/messages.json    |  58 ++
 apps/web/src/locales/da/messages.json    |  58 ++
 apps/web/src/locales/de/messages.json    |  58 ++
 apps/web/src/locales/el/messages.json    |  58 ++
 apps/web/src/locales/en_GB/messages.json |  58 ++
 apps/web/src/locales/en_IN/messages.json |  58 ++
 apps/web/src/locales/eo/messages.json    |  58 ++
 apps/web/src/locales/es/messages.json    |  58 ++
 apps/web/src/locales/et/messages.json    |  58 ++
 apps/web/src/locales/eu/messages.json    |  58 ++
 apps/web/src/locales/fa/messages.json    |  58 ++
 apps/web/src/locales/fi/messages.json    |  60 +-
 apps/web/src/locales/fil/messages.json   |  58 ++
 apps/web/src/locales/fr/messages.json    |  58 ++
 apps/web/src/locales/gl/messages.json    |  58 ++
 apps/web/src/locales/he/messages.json    |  58 ++
 apps/web/src/locales/hi/messages.json    |  58 ++
 apps/web/src/locales/hr/messages.json    |  58 ++
 apps/web/src/locales/hu/messages.json    |  58 ++
 apps/web/src/locales/id/messages.json    |  58 ++
 apps/web/src/locales/it/messages.json    |  58 ++
 apps/web/src/locales/ja/messages.json    |  58 ++
 apps/web/src/locales/ka/messages.json    |  58 ++
 apps/web/src/locales/km/messages.json    |  58 ++
 apps/web/src/locales/kn/messages.json    |  58 ++
 apps/web/src/locales/ko/messages.json    |  58 ++
 apps/web/src/locales/lv/messages.json    |  58 ++
 apps/web/src/locales/ml/messages.json    |  58 ++
 apps/web/src/locales/my/messages.json    |  58 ++
 apps/web/src/locales/nb/messages.json    |  58 ++
 apps/web/src/locales/ne/messages.json    |  58 ++
 apps/web/src/locales/nl/messages.json    |  58 ++
 apps/web/src/locales/nn/messages.json    |  58 ++
 apps/web/src/locales/or/messages.json    |  58 ++
 apps/web/src/locales/pl/messages.json    |  58 ++
 apps/web/src/locales/pt_BR/messages.json | 116 +++-
 apps/web/src/locales/pt_PT/messages.json | 700 ++++++++++++-----------
 apps/web/src/locales/ro/messages.json    |  58 ++
 apps/web/src/locales/ru/messages.json    |  58 ++
 apps/web/src/locales/si/messages.json    |  58 ++
 apps/web/src/locales/sk/messages.json    |  58 ++
 apps/web/src/locales/sl/messages.json    |  58 ++
 apps/web/src/locales/sr/messages.json    |  86 ++-
 apps/web/src/locales/sr_CS/messages.json |  58 ++
 apps/web/src/locales/sv/messages.json    |  64 ++-
 apps/web/src/locales/te/messages.json    |  58 ++
 apps/web/src/locales/th/messages.json    |  58 ++
 apps/web/src/locales/tr/messages.json    |  62 +-
 apps/web/src/locales/uk/messages.json    |  60 +-
 apps/web/src/locales/vi/messages.json    |  58 ++
 apps/web/src/locales/zh_CN/messages.json |  66 ++-
 apps/web/src/locales/zh_TW/messages.json |  58 ++
 61 files changed, 3913 insertions(+), 375 deletions(-)

diff --git a/apps/web/src/locales/af/messages.json b/apps/web/src/locales/af/messages.json
index 23d2b02c02..372b02423a 100644
--- a/apps/web/src/locales/af/messages.json
+++ b/apps/web/src/locales/af/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/ar/messages.json b/apps/web/src/locales/ar/messages.json
index 050c10195c..0ccf2e2a8e 100644
--- a/apps/web/src/locales/ar/messages.json
+++ b/apps/web/src/locales/ar/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/az/messages.json b/apps/web/src/locales/az/messages.json
index 39faf0806a..c50dd801c6 100644
--- a/apps/web/src/locales/az/messages.json
+++ b/apps/web/src/locales/az/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "İstifadəçi, hesab bərpası vasitəsilə verilən bir parolu güncəllədi."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Təşkilatınızın barmaq izi ifadəsi",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Hesabın ana parolu yoxdur"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Onlar üçün ana parol tənzimləmədən $USER$ silinməsi, tam hesablarına müraciəti məhdudlaşdıra bilər. Davam etmək istədiyinizə əminsiniz?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Ana parol yoxdur"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Ana parolu olmayan üzvləri onlar üçün parol tənzimləmədən silmək, tam hesablarına müraciəti məhdudlaşdıra bilər."
   }
 }
diff --git a/apps/web/src/locales/be/messages.json b/apps/web/src/locales/be/messages.json
index 87b82e5ea6..2aa7457a2e 100644
--- a/apps/web/src/locales/be/messages.json
+++ b/apps/web/src/locales/be/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Карыстальнік абнавіў пароль пры аднаўленні ўліковага запісу."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Фраза адбітку пальца вашай арганізацыі",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Зацвярджэнне прылады"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Зацвердзіце запыт уваходу ніжэй, каб дазволіць удзельнікам завяршыць уваход. Тэрмін дзеяння не зацверджаных уваходаў міне праз 1 тыдзень. Праверце звесткі ўдзельнікаў перад тым, як зацвярджаць іх."
+  },
+  "deviceInfo": {
+    "message": "Звесткі аб прыладзе"
+  },
+  "time": {
+    "message": "Час"
+  },
+  "denyAllRequests": {
+    "message": "Адхіліць усе запыты"
+  },
+  "denyRequest": {
+    "message": "Адхіліць запыты"
+  },
+  "approveRequest": {
+    "message": "Ухваліць запыт"
+  },
+  "noDeviceRequests": {
+    "message": "Няма запытаў ад прылады"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Тут будуць адлюстроўвацца запыты на ўхваленне прылады ўдзельніка"
+  },
+  "loginRequestDenied": {
+    "message": "Запыт на ўваход адхілены"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Усе запыты на ўваход адхілены"
+  },
+  "loginRequestApproved": {
+    "message": "Запыт на ўваход ухвалены"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Уліковы запіс не мае асноўнага пароля"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Выдаленне $USER$ без прызначэння галоўнага пароля можа стаць прычынай абмежавання доступу да яго ўліковага запісу. Вы ўпэўнены, што хочаце працягнуць?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Без асноўнага пароля"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Выдаленне ўдзельнікаў у якіх адсутнічае асноўны пароль і для якіх ён не быў прызначаны папярэдне можа стаць прычынай абмежавання доступу да іх уліковага запісу."
   }
 }
diff --git a/apps/web/src/locales/bg/messages.json b/apps/web/src/locales/bg/messages.json
index ad960a9915..4ae383487b 100644
--- a/apps/web/src/locales/bg/messages.json
+++ b/apps/web/src/locales/bg/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Потребителят промени парола издадена чрез възстановяването на профили."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Уникална фраза, идентифицираща организацията ви",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Одобрение на устройства"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Одобрете заявките за вписване по-долу, за да разрешите на съответния член да завърши вписването си. Неодобрените заявки се премахват след 1 седмица. Потвърдете информацията за члена, преди да одобрите заявката му."
+  },
+  "deviceInfo": {
+    "message": "Информация за устройството"
+  },
+  "time": {
+    "message": "Време"
+  },
+  "denyAllRequests": {
+    "message": "Отхвърляне на всички заявки"
+  },
+  "denyRequest": {
+    "message": "Отхвърляне на заявката"
+  },
+  "approveRequest": {
+    "message": "Одобряване на заявката"
+  },
+  "noDeviceRequests": {
+    "message": "Няма заявки от устройства"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Тук се показват заявките за одобрение на устройства от членовете"
+  },
+  "loginRequestDenied": {
+    "message": "Заявката за вписване е отказана"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Всички заявки за вписване са отказани"
+  },
+  "loginRequestApproved": {
+    "message": "Заявката за вписване е одобрена"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Потребителят няма главна парола"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Ако премахнете $USER$ без да настроите главна парола, този потребител може да загуби пълния достъп до регистрацията си. Наистина ли искате да продължите?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Няма главна парола"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Ако премахвате членове без да настроите главни пароли за тях, те може да загубят пълния достъп до регистрациите си."
   }
 }
diff --git a/apps/web/src/locales/bn/messages.json b/apps/web/src/locales/bn/messages.json
index 075c6717d5..42d740fd59 100644
--- a/apps/web/src/locales/bn/messages.json
+++ b/apps/web/src/locales/bn/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/bs/messages.json b/apps/web/src/locales/bs/messages.json
index 15caf7c535..67536c3dd9 100644
--- a/apps/web/src/locales/bs/messages.json
+++ b/apps/web/src/locales/bs/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/ca/messages.json b/apps/web/src/locales/ca/messages.json
index f1b140dd2c..dbbf3004a9 100644
--- a/apps/web/src/locales/ca/messages.json
+++ b/apps/web/src/locales/ca/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "L'usuari ha actualitzat una contrasenya emesa mitjançant la recuperació del compte."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Frase d'empremta digital de l'organització",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Aprovacions de dispositius"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Aprova les sol·licituds d'inici de sessió a continuació per permetre que el membre sol·licitant acabe d'iniciar la sessió. Les sol·licituds no aprovades caduquen al cap d'una setmana. Verifiqueu la informació del membre abans d'aprovar-les."
+  },
+  "deviceInfo": {
+    "message": "Informació del dispositiu"
+  },
+  "time": {
+    "message": "Hora"
+  },
+  "denyAllRequests": {
+    "message": "Denega totes les sol·licituds"
+  },
+  "denyRequest": {
+    "message": "Denega la sol·licitud"
+  },
+  "approveRequest": {
+    "message": "Aprova la sol·licitud"
+  },
+  "noDeviceRequests": {
+    "message": "No hi ha sol·licituds de dispositiu"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Les sol·licituds d'aprovació del dispositiu dels membres es mostraran ací"
+  },
+  "loginRequestDenied": {
+    "message": "S'ha denegat la sol·licitud d'inici de sessió"
+  },
+  "allLoginRequestsDenied": {
+    "message": "S'han denegat totes les sol·licituds d'inici de sessió"
+  },
+  "loginRequestApproved": {
+    "message": "S'ha aprovat la sol·licitud d'inici de sessió"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "El compte no té contrasenya mestra"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "La supressió de l'usuari/a $USER$ sense establir-li una contrasenya mestra pot restringir l'accés al seu compte complet. Esteu segur que voleu continuar?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Sense contrasenya mestra"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "La supressió de membres que no tenen contrasenyes mestres sense establir-ne una pot restringir l'accés al seu compte complet."
   }
 }
diff --git a/apps/web/src/locales/cs/messages.json b/apps/web/src/locales/cs/messages.json
index 7a2eee2c14..faee5a4719 100644
--- a/apps/web/src/locales/cs/messages.json
+++ b/apps/web/src/locales/cs/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Uživatel aktualizoval heslo vydané prostřednictvím obnovení účtu."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Fráze otisku prstu Vaší organizace",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Schválení zařízení"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Abyste umožnili žádajícímu členovi dokončit přihlášení, schvalte níže uvedené žádosti o přihlášení. Platnost neschválených žádostí vyprší po 1 týdnu. Před schválením ověřte údaje člena."
+  },
+  "deviceInfo": {
+    "message": "Informace o zařízení"
+  },
+  "time": {
+    "message": "Čas"
+  },
+  "denyAllRequests": {
+    "message": "Odmítnout všechny žádosti"
+  },
+  "denyRequest": {
+    "message": "Odmítnout žádost"
+  },
+  "approveRequest": {
+    "message": "Schválit žádost"
+  },
+  "noDeviceRequests": {
+    "message": "Žádné žádosti ze zařízení"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Zde se zobrazí žádosti o schválení zařízení člena"
+  },
+  "loginRequestDenied": {
+    "message": "Žádost o přihlášení zamítnuta"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Všechny žádosti o přihlášení zamítnuty"
+  },
+  "loginRequestApproved": {
+    "message": "Žádost o přihlášení schválena"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Účet nemá hlavní heslo"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Odebrání $USER$ bez nastavení hlavního hesla může uživateli omezit přístup k jeho celému účtu. Opravdu chcete pokračovat?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Žádné hlavní heslo"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Odebrání členů bez nastavení jejich hlavních hesel jim může omezit přístup k jejich celým účtům."
   }
 }
diff --git a/apps/web/src/locales/cy/messages.json b/apps/web/src/locales/cy/messages.json
index 7595e610b1..2d39dc77ba 100644
--- a/apps/web/src/locales/cy/messages.json
+++ b/apps/web/src/locales/cy/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/da/messages.json b/apps/web/src/locales/da/messages.json
index 48432de1a7..0ae0562ced 100644
--- a/apps/web/src/locales/da/messages.json
+++ b/apps/web/src/locales/da/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Bruger har opdateret en adgangskode udstedt via kontogendannelse."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Din organisations fingeraftrykssætning",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Enhedsgodkendelser"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Godkend login-anmodninger nedenfor, så anmodende medlemmer kan fuldføre login-processen. Ikke-godkendte anmodninger udløber efter 1 uge. Bekræft medlemmets oplysninger før godkendelse."
+  },
+  "deviceInfo": {
+    "message": "Enhedsinfo"
+  },
+  "time": {
+    "message": "Tid"
+  },
+  "denyAllRequests": {
+    "message": "Afvis alle anmodninger"
+  },
+  "denyRequest": {
+    "message": "Afvis anmodning"
+  },
+  "approveRequest": {
+    "message": "Godkend anmodning"
+  },
+  "noDeviceRequests": {
+    "message": "Ingen enhedsanmodninger"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Medlemmers enhedsgodkendelsesanmodninger vil fremgå her"
+  },
+  "loginRequestDenied": {
+    "message": "Login-anmodning afvist"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Alle login-anmodninger afvist"
+  },
+  "loginRequestApproved": {
+    "message": "Login-anmodning godkendt"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Konto har ikke hovedadgangskode"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Fjernelse af $USER$ uden opsætning af en hovedadgangskode for brugeren kan begrænse den fulde kontoadgang. Fortsæt alligevel?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Ingen hovedadgangskode"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Fjernelse af medlemmer uden hovedadgangskoder uden at opsætte én for dem, kan begrænse den fulde kontoadgang."
   }
 }
diff --git a/apps/web/src/locales/de/messages.json b/apps/web/src/locales/de/messages.json
index 614a34b02e..515e08f378 100644
--- a/apps/web/src/locales/de/messages.json
+++ b/apps/web/src/locales/de/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Der Benutzer hat ein Passwort aktualisiert, das durch die Kontowiederherstellung ausgestellt wurde."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Fingerabdruck-Phrase deiner Organisation",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Geräte-Genehmigungen"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Bestätige die Anmeldeanfragen unten, damit das anfragende Mitglied die Anmeldung abschließen kann. Nicht genehmigte Anfragen laufen nach einer Woche ab. Überprüfe die Informationen des Mitglieds vor der Genehmigung."
+  },
+  "deviceInfo": {
+    "message": "Geräteinformation"
+  },
+  "time": {
+    "message": "Zeit"
+  },
+  "denyAllRequests": {
+    "message": "Alle Anfragen ablehnen"
+  },
+  "denyRequest": {
+    "message": "Anfrage ablehnen"
+  },
+  "approveRequest": {
+    "message": "Anfrage genehmigen"
+  },
+  "noDeviceRequests": {
+    "message": "Keine Geräteanfragen"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Geräte-Genehmigungsanfragen von Mitgliedern werden hier erscheinen"
+  },
+  "loginRequestDenied": {
+    "message": "Anmeldeanfrage abgelehnt"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Alle Anmeldeanfragen abgelehnt"
+  },
+  "loginRequestApproved": {
+    "message": "Anmeldeanfrage genehmigt"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Konto hat kein Master-Passwort"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "$USER$ zu entfernen, ohne ein Master-Passwort zu setzen, könnte den Zugang zum vollen Konto einschränken. Bist du sicher, dass du fortfahren möchtest?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Kein Master-Passwort"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Mitglieder ohne Master-Passwort zu entfernen, ohne ein solches zu setzen, kann den Zugang zu deren vollem Konto einschränken."
   }
 }
diff --git a/apps/web/src/locales/el/messages.json b/apps/web/src/locales/el/messages.json
index f306623670..56d7513061 100644
--- a/apps/web/src/locales/el/messages.json
+++ b/apps/web/src/locales/el/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/en_GB/messages.json b/apps/web/src/locales/en_GB/messages.json
index d83c808609..8e793a7f4d 100644
--- a/apps/web/src/locales/en_GB/messages.json
+++ b/apps/web/src/locales/en_GB/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/en_IN/messages.json b/apps/web/src/locales/en_IN/messages.json
index 97d57c86b7..576e095163 100644
--- a/apps/web/src/locales/en_IN/messages.json
+++ b/apps/web/src/locales/en_IN/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/eo/messages.json b/apps/web/src/locales/eo/messages.json
index 6b33860e04..99e426a42e 100644
--- a/apps/web/src/locales/eo/messages.json
+++ b/apps/web/src/locales/eo/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/es/messages.json b/apps/web/src/locales/es/messages.json
index c265a165d4..b1943d40e0 100644
--- a/apps/web/src/locales/es/messages.json
+++ b/apps/web/src/locales/es/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "El usuario actualizó una contraseña solicitada a través de la recuperación de la cuenta."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Frase de la huella digital de su organización",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Aprobaciones de dispositivo"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Aprobar las solicitudes de inicio de sesión a continuación para permitir que el miembro solicitante termine de iniciar sesión. Las solicitudes no aprobadas caducan después de 1 semana. Verifique la información del miembro antes de aprobar."
+  },
+  "deviceInfo": {
+    "message": "Información del dispositivo"
+  },
+  "time": {
+    "message": "Hora"
+  },
+  "denyAllRequests": {
+    "message": "Rechazar todas las solicitudes"
+  },
+  "denyRequest": {
+    "message": "Rechazar solicitud"
+  },
+  "approveRequest": {
+    "message": "Aprobar solicitud"
+  },
+  "noDeviceRequests": {
+    "message": "No hay solicitudes de dispositivo"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Las solicitudes de aprobación del dispositivo de los miembros aparecerán aquí"
+  },
+  "loginRequestDenied": {
+    "message": "Solicitud de inicio de sesión denegada"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Todas las solicitudes de inicio de sesión denegadas"
+  },
+  "loginRequestApproved": {
+    "message": "Solicitud de inicio de sesión aprobada"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "La cuenta no tiene contraseña maestra"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Eliminar $USER$ sin establecer una contraseña maestra puede restringir el acceso a su cuenta completa. ¿Está seguro de que desea continuar?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Sin contraseña maestra"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Quitar miembros que no tengan contraseñas maestras sin establecer una para ellos puede restringir el acceso a su cuenta completa."
   }
 }
diff --git a/apps/web/src/locales/et/messages.json b/apps/web/src/locales/et/messages.json
index a9d5dc7180..164db84bcc 100644
--- a/apps/web/src/locales/et/messages.json
+++ b/apps/web/src/locales/et/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/eu/messages.json b/apps/web/src/locales/eu/messages.json
index e9f83043ec..e5dd2ea0dd 100644
--- a/apps/web/src/locales/eu/messages.json
+++ b/apps/web/src/locales/eu/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/fa/messages.json b/apps/web/src/locales/fa/messages.json
index a0788ccc87..0d70e40b21 100644
--- a/apps/web/src/locales/fa/messages.json
+++ b/apps/web/src/locales/fa/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/fi/messages.json b/apps/web/src/locales/fi/messages.json
index 861ed16512..2302822a16 100644
--- a/apps/web/src/locales/fi/messages.json
+++ b/apps/web/src/locales/fi/messages.json
@@ -6826,7 +6826,7 @@
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The account recovery administration policy with automatic enrollment will turn on when this option is used.'"
   },
   "memberDecryptionTdeDescriptionEnd": {
-    "message": "automaattisella liitoksella otetaan tämän asetuksen yhteydessä käyttöön.",
+    "message": "automaattisella liitoksella otetaan tämän asetuksen käyttöönoton yhteydessä käyttöön.",
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The master password reset policy with automatic enrollment will turn on when this option is used.'"
   },
   "notFound": {
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Käyttäjä vaihtoi tilin palautusavun määrittämän salasanan."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Organisaatiosi tunnistelauseke",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Laitteiden hyväksynnät"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Salli jäsenien kirjautuminen hyväksymällä heidän kirjautumispyyntönsä alta. Hyväksymättömät pyynnöt erääntyvät viikon kuluttua. Vahvista jäsenen tiedot ennen hyväksymistä."
+  },
+  "deviceInfo": {
+    "message": "Laitteen tiedot"
+  },
+  "time": {
+    "message": "Aika"
+  },
+  "denyAllRequests": {
+    "message": "Hylkää kaikki pyynnöt"
+  },
+  "denyRequest": {
+    "message": "Hylkää pyyntö"
+  },
+  "approveRequest": {
+    "message": "Hyväksy pyyntö"
+  },
+  "noDeviceRequests": {
+    "message": "Laitepyyntöjä ei ole"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Jäsenien laitteiden hyväksyntäpyynnöt löytyvät täältä."
+  },
+  "loginRequestDenied": {
+    "message": "Kirjautumispyyntö hylättiin"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Kaikki kirjautumispyynnöt hylättiin"
+  },
+  "loginRequestApproved": {
+    "message": "Kirjautumispyyntö hyväksyttiin"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Tilille ei ole asetettu pääsalasanaa"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Käyttäjän $USER$ poistaminen asettamatta hänen tililleen pääsalasanaa voi estää häntä kirjautumasta hänen omalle tililleen. Haluatko varmasti jatkaa?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Ei pääsalasanaa"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Jäsenien, joiden tileille ei ole asetettu pääsalasanoja, poistaminen voi estää heitä kirjautumasta heidän omille tileilleen."
   }
 }
diff --git a/apps/web/src/locales/fil/messages.json b/apps/web/src/locales/fil/messages.json
index 7dc03130dd..d78a4e26b3 100644
--- a/apps/web/src/locales/fil/messages.json
+++ b/apps/web/src/locales/fil/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/fr/messages.json b/apps/web/src/locales/fr/messages.json
index 8696bdb08a..dcac82ba59 100644
--- a/apps/web/src/locales/fr/messages.json
+++ b/apps/web/src/locales/fr/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "L'utilisateur a mis à jour un mot de passe émis lors de la récupération du compte."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Phrase d'empreinte de votre organisation",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Approbations de l'appareil"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approuver les demandes de connexion ci-dessous pour permettre au membre requérant de terminer la connexion. Les demandes non approuvées expirent après 1 semaine. Vérifiez les informations du membre avant d'approuver."
+  },
+  "deviceInfo": {
+    "message": "Informations sur l'appareil"
+  },
+  "time": {
+    "message": "Temps"
+  },
+  "denyAllRequests": {
+    "message": "Refuser toutes les demandes"
+  },
+  "denyRequest": {
+    "message": "Refuser la demande"
+  },
+  "approveRequest": {
+    "message": "Approuver la demande"
+  },
+  "noDeviceRequests": {
+    "message": "Aucune demande de l'appareil"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Les demandes d'approbation de l'appareil du membre apparaîtront ici"
+  },
+  "loginRequestDenied": {
+    "message": "Demande de connexion refusée"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Toutes demandes de connexion refusées"
+  },
+  "loginRequestApproved": {
+    "message": "Demande de connexion approuvée"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Le compte n'a pas de mot de passe principal"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "La suppression de $USER$ sans lui définir un mot de passe principal, peut restreindre l'accès à son compte dans son intégralité. Êtes-vous sûr de vouloir continuer ?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Aucun mot de passe principal"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "La suppression des membres qui n'ont pas de mot de passe principal sans leur en définir un, peut restreindre l'accès à leur compte dans soin intégralité."
   }
 }
diff --git a/apps/web/src/locales/gl/messages.json b/apps/web/src/locales/gl/messages.json
index 7595e610b1..2d39dc77ba 100644
--- a/apps/web/src/locales/gl/messages.json
+++ b/apps/web/src/locales/gl/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/he/messages.json b/apps/web/src/locales/he/messages.json
index 19696d8fe1..ec3172d43b 100644
--- a/apps/web/src/locales/he/messages.json
+++ b/apps/web/src/locales/he/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/hi/messages.json b/apps/web/src/locales/hi/messages.json
index 02913eecf5..65abad1f02 100644
--- a/apps/web/src/locales/hi/messages.json
+++ b/apps/web/src/locales/hi/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/hr/messages.json b/apps/web/src/locales/hr/messages.json
index 107ef8398a..f1a4792a10 100644
--- a/apps/web/src/locales/hr/messages.json
+++ b/apps/web/src/locales/hr/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/hu/messages.json b/apps/web/src/locales/hu/messages.json
index eb326f55a2..a0aedcc6ae 100644
--- a/apps/web/src/locales/hu/messages.json
+++ b/apps/web/src/locales/hu/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "A felhasználó frissítette a fiók helyreállítás során kiadott jelszót."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "A szervezet ujjnyomat kifejezése",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "A fióknak nincs mesterjelszava."
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Ha eltávolítjuk $USER$ mesterjelszavát anélkül, hogy beállítanánk a mesterjelszót, korlátozhatjuk a hozzáférést a teljes fiókhoz. Biztosan folytatni akarjuk?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Nincs mesterjelszó."
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "A mesterjelszavakkal nem rendelkező tagok eltávolítása anélkül, hogy beállítanánk egyet, korlátozhatjuk a hozzáférést a teljes fiókhoz."
   }
 }
diff --git a/apps/web/src/locales/id/messages.json b/apps/web/src/locales/id/messages.json
index d1aadca483..11adc8c684 100644
--- a/apps/web/src/locales/id/messages.json
+++ b/apps/web/src/locales/id/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/it/messages.json b/apps/web/src/locales/it/messages.json
index 781acee518..c2c81e9ef6 100644
--- a/apps/web/src/locales/it/messages.json
+++ b/apps/web/src/locales/it/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "L'utente ha aggiornato una password emessa tramite il recupero dell'account."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Frase impronta della tua organizzazione",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Approvazioni dispositivi"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approva le richieste di accesso qui sotto per consentire ai membri di completare l'accesso. Le richieste non approvate scadono dopo 1 settimana. Verifica le informazioni del membro prima di approvare."
+  },
+  "deviceInfo": {
+    "message": "Informazioni dispositivo"
+  },
+  "time": {
+    "message": "Ora"
+  },
+  "denyAllRequests": {
+    "message": "Nega tutte le richieste"
+  },
+  "denyRequest": {
+    "message": "Nega richiesta"
+  },
+  "approveRequest": {
+    "message": "Approva richiesta"
+  },
+  "noDeviceRequests": {
+    "message": "Nessuna richiesta dispositivo"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Le richieste di approvazione dei dispositivi dei membri appariranno qui"
+  },
+  "loginRequestDenied": {
+    "message": "Richiesta di accesso negata"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Tutte le richieste di accesso negate"
+  },
+  "loginRequestApproved": {
+    "message": "Richiesta di accesso approvata"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "L'account non ha una password principale"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Rimuovere $USER$ senza impostare una password principale per lui potrebbe limitare l'accesso al suo account completo. Sei sicuro di voler continuare?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Nessuna password principale"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Rimuovere membri che non hanno una password principali senza impostarne una per loro potrebbe limitare l'accesso al loro account completo."
   }
 }
diff --git a/apps/web/src/locales/ja/messages.json b/apps/web/src/locales/ja/messages.json
index 5ee525b8e2..22fe2d94c6 100644
--- a/apps/web/src/locales/ja/messages.json
+++ b/apps/web/src/locales/ja/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "ユーザーはアカウント回復で発行されたパスワードを更新しました。"
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "組織のフィンガープリントフレーズ",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "デバイスの承認"
+  },
+  "deviceApprovalsDesc": {
+    "message": "リクエストしたメンバーがログインを完了できるようにするには、以下のログインリクエストを承認してください。未承認のリクエストは1週間後に失効します。承認する前にメンバーの情報を確認してください。"
+  },
+  "deviceInfo": {
+    "message": "デバイス情報"
+  },
+  "time": {
+    "message": "時間"
+  },
+  "denyAllRequests": {
+    "message": "すべてのリクエストを拒否"
+  },
+  "denyRequest": {
+    "message": "リクエストを拒否"
+  },
+  "approveRequest": {
+    "message": "リクエストを承認"
+  },
+  "noDeviceRequests": {
+    "message": "デバイスリクエストはありません"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "メンバーデバイスの承認リクエストがここに表示されます"
+  },
+  "loginRequestDenied": {
+    "message": "ログイン要求を拒否しました"
+  },
+  "allLoginRequestsDenied": {
+    "message": "すべてのログイン要求を拒否しました"
+  },
+  "loginRequestApproved": {
+    "message": "ログインリクエストを承認しました"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "アカウントにマスターパスワードがありません"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "マスターパスワードを設定せずに $USER$ を削除すると、フルアカウントへのアクセスが制限される可能性があります。続行してもよろしいですか？",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "マスターパスワードがありません"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "マスターパスワードを設定せずにマスターパスワードを持たないメンバーを削除すると、フルアカウントへのアクセスが制限される可能性があります。"
   }
 }
diff --git a/apps/web/src/locales/ka/messages.json b/apps/web/src/locales/ka/messages.json
index 5e7369c3e0..923a262387 100644
--- a/apps/web/src/locales/ka/messages.json
+++ b/apps/web/src/locales/ka/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/km/messages.json b/apps/web/src/locales/km/messages.json
index 7595e610b1..2d39dc77ba 100644
--- a/apps/web/src/locales/km/messages.json
+++ b/apps/web/src/locales/km/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/kn/messages.json b/apps/web/src/locales/kn/messages.json
index e330147c5c..67ac3f2aff 100644
--- a/apps/web/src/locales/kn/messages.json
+++ b/apps/web/src/locales/kn/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/ko/messages.json b/apps/web/src/locales/ko/messages.json
index 3e0ce79be9..859624feb0 100644
--- a/apps/web/src/locales/ko/messages.json
+++ b/apps/web/src/locales/ko/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/lv/messages.json b/apps/web/src/locales/lv/messages.json
index 179fbc6c06..6d72c673f8 100644
--- a/apps/web/src/locales/lv/messages.json
+++ b/apps/web/src/locales/lv/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Lietotājs atjaunināja konta atkopšanas izsniegtu paroli."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Apvienības atpazīšanas vārdkopa",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Ierīču apstiprinājumi"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Zemāk var apstiprināt pieteikšanās pieprasījumus, lai ļautu dalībniekam pabeigt pieteikšanos. Neapstiprināti pieprasījumi izbeidzas pēc 1 nedēļas. Pirms apstiprināšanas jāpārskata dalībnieka informācija."
+  },
+  "deviceInfo": {
+    "message": "Ierīces informācija"
+  },
+  "time": {
+    "message": "Laiks"
+  },
+  "denyAllRequests": {
+    "message": "Noraidīt visus pieprasījumus"
+  },
+  "denyRequest": {
+    "message": "Noraidīt pieprasījumu"
+  },
+  "approveRequest": {
+    "message": "Apstiprināt pieprasījumu"
+  },
+  "noDeviceRequests": {
+    "message": "Nav ierīču pieprasījumu"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Šeit parādīsies dalībnieku ierīču apstiprinājuma pieprasījumi"
+  },
+  "loginRequestDenied": {
+    "message": "Pieteikšanās pieprasījums ir atteikts"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Visi pieteikšanās pieprasījumi ir atteikti"
+  },
+  "loginRequestApproved": {
+    "message": "Pieteikšanās pieprasījums ir apstiprināts"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Kontam nav galvenās paroles"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "$USER$ noņemšana bez galvenās paroles iestatīšanas var ierobežot piekļuvi lietotāja kontam. Vai tiešām turpināt?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Nav galvenās paroles"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Dalībnieku, kuriem nav galvenās paroles, noņemšana bez tās iestatīšanas var ierobežot piekļuvi to kontam."
   }
 }
diff --git a/apps/web/src/locales/ml/messages.json b/apps/web/src/locales/ml/messages.json
index 78817866d2..6e6fa30ef4 100644
--- a/apps/web/src/locales/ml/messages.json
+++ b/apps/web/src/locales/ml/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/my/messages.json b/apps/web/src/locales/my/messages.json
index 7595e610b1..2d39dc77ba 100644
--- a/apps/web/src/locales/my/messages.json
+++ b/apps/web/src/locales/my/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/nb/messages.json b/apps/web/src/locales/nb/messages.json
index eb63814dc6..f66c5ab6f8 100644
--- a/apps/web/src/locales/nb/messages.json
+++ b/apps/web/src/locales/nb/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/ne/messages.json b/apps/web/src/locales/ne/messages.json
index 00b22a5f77..fc8bf89030 100644
--- a/apps/web/src/locales/ne/messages.json
+++ b/apps/web/src/locales/ne/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/nl/messages.json b/apps/web/src/locales/nl/messages.json
index 9588f81390..0f02774b6c 100644
--- a/apps/web/src/locales/nl/messages.json
+++ b/apps/web/src/locales/nl/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Gebruiker heeft een via accountherstel uitgegeven wachtwoord bijgewerkt."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "De vingerafdrukzin van je organisatie",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Apparaat goedkeuringen"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Met het goedkeuren van onderstaande inlogverzoeken kan het verzoekende lid inloggen. Afgewezen verzoeken verlopen na 1 week. Controleer de informatie van het lid voordat je goedkeuring geeft."
+  },
+  "deviceInfo": {
+    "message": "Apparaatinformatie"
+  },
+  "time": {
+    "message": "Tijd"
+  },
+  "denyAllRequests": {
+    "message": "Alle aanvragen afwijzen"
+  },
+  "denyRequest": {
+    "message": "Aanvraag afwijzen"
+  },
+  "approveRequest": {
+    "message": "Aanvraag goedkeuren"
+  },
+  "noDeviceRequests": {
+    "message": "Geen apparaatverzoeken"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Hier verschijnen verzoeken van leden tot het goedkeuren van apparaten"
+  },
+  "loginRequestDenied": {
+    "message": "Inlogverzoek afgewezen"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Alle inlogverzoeken afgewezen"
+  },
+  "loginRequestApproved": {
+    "message": "Inlogverzoek goedgekeurd"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account heeft geen hoofdwachtwoord"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Het verwijderen van $USER$ zonder een hoofdwachtwoord in te stellen kan de toegang tot hun volledige account beperken. Weet u zeker dat u wilt doorgaan?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Geen hoofdwachtwoord"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Het verwijderen van leden die geen hoofdwachtwoorden hebben zonder er een in te stellen, kan de toegang tot hun volledige account beperken."
   }
 }
diff --git a/apps/web/src/locales/nn/messages.json b/apps/web/src/locales/nn/messages.json
index 34eb407911..29fb585647 100644
--- a/apps/web/src/locales/nn/messages.json
+++ b/apps/web/src/locales/nn/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/or/messages.json b/apps/web/src/locales/or/messages.json
index 7595e610b1..2d39dc77ba 100644
--- a/apps/web/src/locales/or/messages.json
+++ b/apps/web/src/locales/or/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/pl/messages.json b/apps/web/src/locales/pl/messages.json
index 271175c1c2..262ff982ed 100644
--- a/apps/web/src/locales/pl/messages.json
+++ b/apps/web/src/locales/pl/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Użytkownik zaktualizował hasło wydane poprzez odzyskiwanie konta."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Unikalny identyfikator Twojej organizacji",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Zatwierdzone urządzenia"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Zatwierdź poniższe prośby o zalogowanie, aby umożliwić dokończenie procesu wnioskującemu użytkownikowi. Niezatwierdzone prośby wygasają po 1 tygodniu. Zweryfikuj informacje użytkownika przed zatwierdzeniem."
+  },
+  "deviceInfo": {
+    "message": "Informacje o urządzeniu"
+  },
+  "time": {
+    "message": "Czas"
+  },
+  "denyAllRequests": {
+    "message": "Odrzuć wszystkie prośby"
+  },
+  "denyRequest": {
+    "message": "Odrzuć prośbę"
+  },
+  "approveRequest": {
+    "message": "Zatwierdź prośbę"
+  },
+  "noDeviceRequests": {
+    "message": "Brak urządzeń do zatwierdzenia"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Tutaj pojawią się prośby o zatwierdzenie urządzenia"
+  },
+  "loginRequestDenied": {
+    "message": "Odrzucono prośbę o zalogowanie"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Wszystkie prośby o zalogowanie zostały odrzucone"
+  },
+  "loginRequestApproved": {
+    "message": "Prośba o logowanie została zatwierdzona"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Konto nie posiada hasła głównego"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Usunięcie użytkownika $USER$ bez ustawienia mu hasła głównego może ograniczyć dostęp do jego pełnego konta. Czy na pewno chcesz kontynuować?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Brak hasła głównego"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Usuwanie użytkowników, którzy nie mają hasła głównego bez ustawienia go, może ograniczyć dostęp do ich pełnych kont."
   }
 }
diff --git a/apps/web/src/locales/pt_BR/messages.json b/apps/web/src/locales/pt_BR/messages.json
index 6644a96c82..c6bef6d26a 100644
--- a/apps/web/src/locales/pt_BR/messages.json
+++ b/apps/web/src/locales/pt_BR/messages.json
@@ -38,7 +38,7 @@
     "message": "Senha"
   },
   "newPassword": {
-    "message": "Nova Senha"
+    "message": "Nova senha"
   },
   "passphrase": {
     "message": "Frase Secreta"
@@ -50,7 +50,7 @@
     "message": "Campos Personalizados"
   },
   "cardholderName": {
-    "message": "Titular do Cartão"
+    "message": "Nome do titular do cartão"
   },
   "number": {
     "message": "Número"
@@ -2751,7 +2751,7 @@
     }
   },
   "viewCollectionWithName": {
-    "message": "View collection - $NAME$",
+    "message": "Ver coleção - $NAME$",
     "placeholders": {
       "name": {
         "content": "$1",
@@ -4493,10 +4493,10 @@
     "message": "Sua dica de senha senha não pode ser a mesma que a sua senha."
   },
   "enrollAccountRecovery": {
-    "message": "Enroll in account recovery"
+    "message": "Inscrever-se na recuperação de conta"
   },
   "enrolledAccountRecovery": {
-    "message": "Enrolled in account recovery"
+    "message": "Inscrito na recuperação de conta"
   },
   "withdrawAccountRecovery": {
     "message": "Withdraw from account recovery"
@@ -6445,7 +6445,7 @@
     "message": "Filtro de status de membros"
   },
   "inviteMember": {
-    "message": "Invite member"
+    "message": "Convidar membro"
   },
   "needsConfirmation": {
     "message": "Needs confirmation"
@@ -6496,7 +6496,7 @@
     }
   },
   "server": {
-    "message": "Server"
+    "message": "Servidor"
   },
   "exportData": {
     "message": "Exportar dados"
@@ -6514,40 +6514,40 @@
     }
   },
   "fileUpload": {
-    "message": "File upload"
+    "message": "Enviar de arquivo"
   },
   "acceptedFormats": {
     "message": "Formatos Aceitos:"
   },
   "copyPasteImportContents": {
-    "message": "Copy & paste import contents:"
+    "message": "Copiar e colar conteúdo para importação:"
   },
   "or": {
     "message": "ou"
   },
   "licenseAndBillingManagement": {
-    "message": "License and billing management"
+    "message": "Gerenciamento da licença e faturamento"
   },
   "automaticSync": {
-    "message": "Automatic sync"
+    "message": "Sincronização automática"
   },
   "manualUpload": {
-    "message": "Manual upload"
+    "message": "Upload manual"
   },
   "manualUploadDesc": {
     "message": "If you do not want to opt into billing sync, manually upload your license here."
   },
   "syncLicense": {
-    "message": "Sync license"
+    "message": "Sincronizar licença"
   },
   "licenseSyncSuccess": {
-    "message": "Successfully synced license"
+    "message": "Licença sincronizada com sucesso"
   },
   "licenseUploadSuccess": {
-    "message": "Successfully uploaded license"
+    "message": "Licença enviada com sucesso"
   },
   "lastLicenseSync": {
-    "message": "Last license sync"
+    "message": "Última sincronização de licença"
   },
   "billingSyncHelp": {
     "message": "Billing Sync help"
@@ -6565,7 +6565,7 @@
     }
   },
   "uploadLicense": {
-    "message": "Upload license"
+    "message": "Enviar licença"
   },
   "projectPeopleDescription": {
     "message": "Grant groups or people access to this project."
@@ -6583,7 +6583,7 @@
     "message": "Add people or groups to start collaborating"
   },
   "projectEmptyServiceAccountAccessPolicies": {
-    "message": "Add service accounts to grant access"
+    "message": "Adicione contas de serviço para conceder acesso"
   },
   "serviceAccountPeopleDescription": {
     "message": "Grant groups or people access to this service account."
@@ -6592,13 +6592,13 @@
     "message": "Assign projects to this service account. "
   },
   "serviceAccountEmptyProjectAccesspolicies": {
-    "message": "Add projects to grant access"
+    "message": "Adicionar projetos para conceder acesso"
   },
   "canReadWrite": {
-    "message": "Can read, write"
+    "message": "Pode ler e gravar"
   },
   "groupSlashUser": {
-    "message": "Group/User"
+    "message": "Grupo/Usuário"
   },
   "lowKdfIterations": {
     "message": "Low KDF Iterations"
@@ -6728,10 +6728,10 @@
     "message": "Removing people from a service account does not remove the access tokens they created. For security best practice, it is recommended to revoke access tokens created by people removed from a service account."
   },
   "smAccessRemovalWarningProjectTitle": {
-    "message": "Remove access to this project"
+    "message": "Remover acesso para esse projeto"
   },
   "smAccessRemovalWarningProjectMessage": {
-    "message": "This action will remove your access to the project."
+    "message": "Esta ação removerá seu acesso ao projeto."
   },
   "smAccessRemovalWarningSaTitle": {
     "message": "Remove access to this service account"
@@ -6740,13 +6740,13 @@
     "message": "This action will remove your access to the service account."
   },
   "removeAccess": {
-    "message": "Remove access"
+    "message": "Remover acesso"
   },
   "checkForBreaches": {
-    "message": "Check known data breaches for this password"
+    "message": "Verificar se essa senha aparece em vazamento de dados conhecidos"
   },
   "exposedMasterPassword": {
-    "message": "Exposed Master Password"
+    "message": "Senha mestre exposta"
   },
   "exposedMasterPasswordDesc": {
     "message": "Password found in a data breach. Use a unique password to protect your account. Are you sure you want to use an exposed password?"
@@ -6776,11 +6776,11 @@
     }
   },
   "inputTrimValidator": {
-    "message": "Input must not contain only whitespace.",
+    "message": "A entrada não pode conter somente espaços em branco.",
     "description": "Notification to inform the user that a form's input can't contain only whitespace."
   },
   "dismiss": {
-    "message": "Dismiss"
+    "message": "Descartar"
   },
   "notAvailableForFreeOrganization": {
     "message": "This feature is not available for free organizations. Contact your organization owner to upgrade."
@@ -6793,7 +6793,7 @@
     "message": "Require existing members to change their passwords"
   },
   "region": {
-    "message": "Region"
+    "message": "Região"
   },
   "eu": {
     "message": "EU",
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "A conta não tem uma senha mestre"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Nenhuma senha mestre"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/pt_PT/messages.json b/apps/web/src/locales/pt_PT/messages.json
index b127e71e20..673ae54a9c 100644
--- a/apps/web/src/locales/pt_PT/messages.json
+++ b/apps/web/src/locales/pt_PT/messages.json
@@ -1,6 +1,6 @@
 {
   "pageTitle": {
-    "message": "Cofre web $APP_NAME$",
+    "message": "Cofre Web $APP_NAME$",
     "description": "The title of the website in the browser window.",
     "placeholders": {
       "app_name": {
@@ -134,7 +134,7 @@
     "message": "Sra."
   },
   "mx": {
-    "message": "Mx"
+    "message": "Neutro"
   },
   "dr": {
     "message": "Dr."
@@ -198,7 +198,7 @@
     "description": "Domain name. Example: website.com"
   },
   "host": {
-    "message": "Servidor",
+    "message": "Domínio",
     "description": "A URL's host value. For example, the host of https://sub.domain.com:443 is 'sub.domain.com:443'."
   },
   "exact": {
@@ -281,19 +281,19 @@
     "message": "Procurar nos favoritos"
   },
   "searchLogin": {
-    "message": "Search logins",
+    "message": "Procurar credenciais",
     "description": "Search Login type"
   },
   "searchCard": {
-    "message": "Search cards",
+    "message": "Procurar cartões",
     "description": "Search Card type"
   },
   "searchIdentity": {
-    "message": "Search identities",
+    "message": "Procurar identidades",
     "description": "Search Identity type"
   },
   "searchSecureNote": {
-    "message": "Search secure notes",
+    "message": "Procurar notas seguras",
     "description": "Search Secure Note type"
   },
   "searchVault": {
@@ -306,10 +306,10 @@
     "message": "Procurar na organização"
   },
   "searchMembers": {
-    "message": "Search members"
+    "message": "Procurar membros"
   },
   "searchGroups": {
-    "message": "Search groups"
+    "message": "Procurar grupos"
   },
   "allItems": {
     "message": "Todos os itens"
@@ -393,7 +393,7 @@
     "message": "Selecionar"
   },
   "newItem": {
-    "message": "New item"
+    "message": "Novo item"
   },
   "addItem": {
     "message": "Adicionar item"
@@ -477,7 +477,7 @@
     "message": "Itens do cofre"
   },
   "filter": {
-    "message": "Filter"
+    "message": "Filtrar"
   },
   "moveSelectedToOrg": {
     "message": "Mover selecionados para a organização"
@@ -586,10 +586,10 @@
     "message": "Pasta eliminada"
   },
   "editInfo": {
-    "message": "Edit info"
+    "message": "Editar informações"
   },
   "access": {
-    "message": "Access"
+    "message": "Acessos"
   },
   "loggedOut": {
     "message": "Sessão terminada"
@@ -756,7 +756,7 @@
     "message": "Não existem itens para listar."
   },
   "noPermissionToViewAllCollectionItems": {
-    "message": "You do not have permission to view all items in this collection."
+    "message": "Não tem permissão para ver todos os itens desta coleção."
   },
   "noCollectionsInList": {
     "message": "Não existem coleções para listar."
@@ -768,7 +768,7 @@
     "message": "Não existem utilizadores para listar."
   },
   "noMembersInList": {
-    "message": "There are no members to list."
+    "message": "Não existem membros para listar."
   },
   "noEventsInList": {
     "message": "Não existem eventos para listar."
@@ -813,7 +813,7 @@
     }
   },
   "rememberMe": {
-    "message": "Memorizar-me"
+    "message": "Memorizar"
   },
   "sendVerificationCodeEmailAgain": {
     "message": "Enviar e-mail com o código de verificação novamente"
@@ -831,10 +831,10 @@
     "message": "Início de sessão indisponível"
   },
   "noTwoStepProviders": {
-    "message": "Esta conta tem a verificação de dois passos configurada, no entanto, nenhum dos fornecedores da verificação de dois passos configurada é suportado por este navegador web."
+    "message": "Esta conta tem a verificação de dois passos configurada, no entanto, nenhum dos fornecedores da verificação de dois passos configurada é suportado por este navegador Web."
   },
   "noTwoStepProviders2": {
-    "message": "Por favor, utilize um navegador web suportado (como o Chrome) e/ou adicione fornecedores adicionais que sejam mais bem suportados nos navegadores web (como uma aplicação de autenticação)."
+    "message": "Por favor, utilize um navegador Web suportado (como o Chrome) e/ou adicione fornecedores adicionais que sejam mais bem suportados nos navegadores web (como uma aplicação de autenticação)."
   },
   "twoStepOptions": {
     "message": "Opções de verificação de dois passos"
@@ -915,7 +915,7 @@
     }
   },
   "deleteSelectedCollectionsDesc": {
-    "message": "$COUNT$ collection(s) will be permanently deleted.",
+    "message": "$COUNT$ coleção(ões) será(ão) permanentemente eliminada(s).",
     "placeholders": {
       "count": {
         "content": "$1",
@@ -924,7 +924,7 @@
     }
   },
   "deleteSelectedConfirmation": {
-    "message": "Are you sure you want to continue?"
+    "message": "Tem a certeza de que deseja continuar?"
   },
   "moveSelectedItemsDesc": {
     "message": "Escolha uma pasta para a qual pretende mover o(s) $COUNT$ item(ns) selecionado(s).",
@@ -968,7 +968,7 @@
     "message": "Esta exportação contém os dados do seu cofre num formato não encriptado. Não deve armazenar ou enviar o ficheiro exportado através de canais não seguros (como o e-mail). Elimine-o imediatamente após terminar a sua utilização."
   },
   "encExportKeyWarningDesc": {
-    "message": "Esta exportação encripta os seus dados utilizando a chave de encriptação da sua conta. Se alguma vez mudar a chave de encriptação da sua conta, deve exportar novamente, uma vez que não conseguirá desencriptar este ficheiro de exportação."
+    "message": "Esta exportação encripta os seus dados utilizando a chave de encriptação da sua conta. Se alguma vez alterar a chave de encriptação da sua conta, deve exportar novamente, uma vez que não conseguirá desencriptar este ficheiro de exportação."
   },
   "encExportAccountWarningDesc": {
     "message": "As chaves de encriptação da conta são únicas para cada conta de utilizador Bitwarden, pelo que não é possível importar uma exportação encriptada para uma conta diferente."
@@ -1007,10 +1007,10 @@
     "message": "Defina uma palavra-passe do ficheiro para encriptar a exportação e importe-a para qualquer conta Bitwarden utilizando a palavra-passe de desencriptação."
   },
   "exportTypeHeading": {
-    "message": "Export type"
+    "message": "Tipo de exportação"
   },
   "accountRestricted": {
-    "message": "Account restricted"
+    "message": "Conta restringida"
   },
   "passwordProtected": {
     "message": "Protegido por palavra-passe"
@@ -1165,14 +1165,14 @@
     }
   },
   "kdfMemory": {
-    "message": "KDF memory (MB)",
+    "message": "Memória KDF (MB)",
     "description": "Memory refers to computer memory (RAM). MB is short for megabytes."
   },
   "argon2Warning": {
     "message": "Setting your KDF iterations, memory, and parallelism too high could result in poor performance when logging into (and unlocking) Bitwarden on slower or older devices. We recommend changing these individually in small increments and then test all of your devices."
   },
   "kdfParallelism": {
-    "message": "KDF parallelism"
+    "message": "Paralelismo KDF"
   },
   "argon2Desc": {
     "message": "Higher KDF iterations, memory, and parallelism can help protect your master password from being brute forced by an attacker."
@@ -1217,7 +1217,7 @@
     "message": "Proceda da seguinte forma para eliminar todos os itens do cofre da organização."
   },
   "purgeVaultWarning": {
-    "message": "A purgação do seu cofre é permanente. Não pode ser desfeita."
+    "message": "A purgação do seu cofre é permanente. Não pode ser anulada."
   },
   "vaultPurged": {
     "message": "Cofre purgado."
@@ -1229,7 +1229,7 @@
     "message": "Proceda da seguinte forma para eliminar a sua conta e todos os dados do cofre."
   },
   "deleteAccountWarning": {
-    "message": "A eliminação da sua conta é permanente. Não pode ser desfeita."
+    "message": "A eliminação da sua conta é permanente. Não pode ser anulada."
   },
   "accountDeleted": {
     "message": "Conta eliminada"
@@ -1265,7 +1265,7 @@
     }
   },
   "dataExportSuccess": {
-    "message": "Data successfully exported"
+    "message": "Dados exportados com sucesso"
   },
   "importWarning": {
     "message": "Está a importar dados para a $ORGANIZATION$. Os seus dados podem ser partilhados com membros desta organização. Deseja prosseguir?",
@@ -1317,7 +1317,7 @@
     "message": "Preferências"
   },
   "preferencesDesc": {
-    "message": "Personalize a sua experiência do cofre web."
+    "message": "Personalize a sua experiência do cofre Web."
   },
   "preferencesUpdated": {
     "message": "Preferências atualizadas"
@@ -1326,7 +1326,7 @@
     "message": "Idioma"
   },
   "languageDesc": {
-    "message": "Alterar o idioma utilizado pelo cofre web."
+    "message": "Alterar o idioma utilizado pelo cofre Web."
   },
   "enableFavicon": {
     "message": "Mostrar ícones do site"
@@ -1339,7 +1339,7 @@
     "description": "Allows scaling the web vault UI's width"
   },
   "enableFullWidthDesc": {
-    "message": "Permitir que o cofre web expanda a largura total da janela do navegador."
+    "message": "Permitir que o cofre Web expanda a largura total da janela do navegador."
   },
   "default": {
     "message": "Predefinido"
@@ -1516,7 +1516,7 @@
     "message": "Devido a limitações da plataforma, as YubiKeys não podem ser utilizadas em todas as aplicações Bitwarden. Deverá configurar outro fornecedor de verificação de dois passos para que possa aceder à sua conta quando as YubiKeys não puderem ser utilizadas. Plataformas suportadas:"
   },
   "twoFactorYubikeySupportUsb": {
-    "message": "Cofre web, aplicação para computador, CLI e todas as extensões do navegador num dispositivo com uma porta USB que possa aceitar a sua YubiKey."
+    "message": "Cofre Web, aplicação para computador, CLI e todas as extensões do navegador num dispositivo com uma porta USB que possa aceitar a sua YubiKey."
   },
   "twoFactorYubikeySupportMobile": {
     "message": "Aplicações móveis num dispositivo com capacidades NFC ou uma porta de dados que possa aceitar a sua YubiKey."
@@ -1573,7 +1573,7 @@
     "message": "Chave secreta"
   },
   "twoFactorDuoApiHostname": {
-    "message": "Servidor API"
+    "message": "Nome de domínio da API"
   },
   "twoFactorEmailDesc": {
     "message": "Siga estes passos para ativar a verificação de dois passos com o e-mail:"
@@ -1618,7 +1618,7 @@
     "message": "Devido a limitações da plataforma, o FIDO U2F não pode ser utilizado em todas as aplicações Bitwarden. Deve configurar outro fornecedor de verificação de dois passos para poder aceder à sua conta quando o FIDO U2F não puder ser utilizado. Plataformas suportadas:"
   },
   "twoFactorU2fSupportWeb": {
-    "message": "Cofre web e extensões do navegador num computador de secretária/portátil com um navegador compatível com U2F (Chrome, Opera, Vivaldi ou Firefox com FIDO U2F ativado)."
+    "message": "Cofre Web e extensões do navegador num computador de secretária/portátil com um navegador compatível com U2F (Chrome, Opera, Vivaldi ou Firefox com FIDO U2F ativado)."
   },
   "twoFactorU2fWaiting": {
     "message": "A aguardar que toque no botão da sua chave de segurança"
@@ -1633,7 +1633,7 @@
     "message": "Devido a limitações da plataforma, o WebAuthn não pode ser utilizado em todas as aplicações Bitwarden. Deve configurar outro fornecedor de verificação de dois passos para que possa aceder à sua conta quando o WebAuthn não puder ser utilizado. Plataformas suportadas:"
   },
   "twoFactorWebAuthnSupportWeb": {
-    "message": "Cofre web e extensões do navegador num computador de secretária/portátil com um navegador compatível com WebAuthn (Chrome, Opera, Vivaldi ou Firefox com FIDO U2F ativado)."
+    "message": "Cofre Web e extensões do navegador num computador de secretária/portátil com um navegador compatível com WebAuthn (Chrome, Opera, Vivaldi ou Firefox com FIDO U2F ativado)."
   },
   "twoFactorRecoveryYourCode": {
     "message": "O seu código Bitwarden de recuperação da verificação de dois passos"
@@ -1705,7 +1705,7 @@
     "message": "Palavras-passe expostas"
   },
   "exposedPasswordsReportDesc": {
-    "message": "Passwords exposed in a data breach are easy targets for attackers. Change these passwords to prevent potential break-ins."
+    "message": "As palavras-passe expostas numa violação de dados são alvos fáceis para os atacantes. Altere estas palavras-passe para evitar potenciais invasões."
   },
   "exposedPasswordsFound": {
     "message": "Palavras-passe expostas encontradas"
@@ -2158,7 +2158,7 @@
     "message": "GB de armazenamento a remover"
   },
   "storageAddNote": {
-    "message": "A adição de armazenamento resultará em ajustes nos totais de faturação e cobrará imediatamente o método de pagamento registado. A primeira cobrança será proporcional ao remanescente do ciclo de faturação atual."
+    "message": "Adicionar armazenamento resultará em ajustes nos totais de faturação e cobrará imediatamente o método de pagamento registado. A primeira cobrança será proporcional ao remanescente do ciclo de faturação atual."
   },
   "storageRemoveNote": {
     "message": "Reduzir o armazenamento alterará o total a ser cobrado que será dividido proporcionalmente em créditos na próxima faturação."
@@ -2490,7 +2490,7 @@
     "message": "Quando um membro é revogado, deixa de ter acesso aos dados da organização. Para restaurar rapidamente o acesso do membro, vá para o separador Revogados."
   },
   "removeUserConfirmationKeyConnector": {
-    "message": "Atenção! Este utilizador necessita do Key Connector para gerir a sua encriptação. Ao remover este utilizador da sua organização desativará permanentemente a sua conta. Esta ação não pode ser desfeita. Deseja prosseguir?"
+    "message": "Atenção! Este utilizador necessita do Key Connector para gerir a sua encriptação. Ao remover este utilizador da sua organização desativará permanentemente a sua conta. Esta ação não pode ser anulada. Deseja prosseguir?"
   },
   "externalId": {
     "message": "ID externa"
@@ -2523,13 +2523,13 @@
     "message": "Editar coleção"
   },
   "collectionInfo": {
-    "message": "Collection info"
+    "message": "Informações da coleção"
   },
   "deleteCollectionConfirmation": {
     "message": "Tem a certeza de que pretende eliminar esta coleção?"
   },
   "editMember": {
-    "message": "Edit member"
+    "message": "Editar membro"
   },
   "fieldOnTabRequiresAttention": {
     "message": "A field on the '$TAB$' tab requires your attention.",
@@ -2634,7 +2634,7 @@
     "description": "Desktop app"
   },
   "webVault": {
-    "message": "Cofre web"
+    "message": "Cofre Web"
   },
   "loggedIn": {
     "message": "Sessão iniciada"
@@ -2988,7 +2988,7 @@
     }
   },
   "unlinkedSsoUser": {
-    "message": "SSO desvinculado para o utilizador $ID$.",
+    "message": "SSO do utilizador $ID$ desligado.",
     "placeholders": {
       "id": {
         "content": "$1",
@@ -3129,7 +3129,7 @@
     "message": "Atualizar navegador"
   },
   "updateBrowserDesc": {
-    "message": "Está a utilizar um navegador web não suportado. O cofre web pode não funcionar corretamente."
+    "message": "Está a utilizar um navegador web não suportado. O cofre Web pode não funcionar corretamente."
   },
   "joinOrganization": {
     "message": "Aderir à organização"
@@ -3284,7 +3284,7 @@
     }
   },
   "routingNumber": {
-    "message": "Número de roteamento",
+    "message": "Routing number",
     "description": "Bank account routing number"
   },
   "accountNumber": {
@@ -3324,7 +3324,7 @@
     "description": "Seat = User Seat"
   },
   "subscriptionDesc": {
-    "message": "Os ajustes à sua subscrição resultarão em alterações proporcionais aos seus totais de faturação. Se os novos utilizadores convidados excederem os lugares da sua subscrição, receberá imediatamente uma cobrança proporcional pelos utilizadores adicionais."
+    "message": "Os ajustes à sua subscrição resultarão em alterações proporcionais aos seus totais de faturação. Se os novos utilizadores convidados excederem o número de licenças da sua subscrição, receberá imediatamente uma cobrança proporcional pelos utilizadores adicionais."
   },
   "subscriptionUserSeats": {
     "message": "A sua subscrição permite um total de $COUNT$ membros.",
@@ -3351,10 +3351,10 @@
     "message": "Para obter ajuda adicional na gestão da sua subscrição, contacte o serviço de apoio ao cliente."
   },
   "subscriptionUserSeatsUnlimitedAutoscale": {
-    "message": "Os ajustes à sua subscrição resultarão em alterações proporcionais aos seus totais de faturação. Se os novos membros convidados excederem os lugares da sua subscrição, receberá imediatamente uma cobrança proporcional pelos membros adicionais."
+    "message": "Os ajustes à sua subscrição resultarão em alterações proporcionais aos seus totais de faturação. Se os novos utilizadores convidados excederem o número de licenças da sua subscrição, receberá imediatamente uma cobrança proporcional pelos utilizadores adicionais."
   },
   "subscriptionUserSeatsLimitedAutoscale": {
-    "message": "Os ajustes à sua subscrição resultarão em alterações proporcionais aos seus totais de faturação. Se os novos membros convidados excederem os lugares da sua subscrição, receberá imediatamente uma cobrança proporcional pelos membros adicionais até que o seu limite de $MAX$ lugares seja atingido.",
+    "message": "Os ajustes à sua subscrição resultarão em alterações proporcionais aos seus totais de faturação. Se os novos utilizadores convidados excederem o número de licenças da sua subscrição, receberá imediatamente uma cobrança proporcional pelos utilizadores adicionais até que o seu limite de $MAX$ licenças seja atingido.",
     "placeholders": {
       "max": {
         "content": "$1",
@@ -3405,10 +3405,10 @@
     "message": "Lugares a remover"
   },
   "seatsAddNote": {
-    "message": "A adição de lugares de utilizador resultará em ajustes nos totais de faturação e cobrará imediatamente o método de pagamento registado. A primeira cobrança será proporcional ao remanescente do ciclo de faturação atual."
+    "message": "Adicionar licenças de utilizador resultará em ajustes nos totais de faturação e cobrará imediatamente o método de pagamento registado. A primeira cobrança será proporcional ao remanescente do ciclo de faturação atual."
   },
   "seatsRemoveNote": {
-    "message": "Reduzir o número de lugares de utilizador alterará o total a ser cobrado que será dividido proporcionalmente em créditos na próxima faturação."
+    "message": "Reduzir o número de licenças de utilizador alterará o total a ser cobrado que será dividido proporcionalmente em créditos na próxima faturação."
   },
   "adjustedSeats": {
     "message": "$AMOUNT$ lugares de utilizador ajustados.",
@@ -3468,7 +3468,7 @@
     "message": "Não selecionou nada."
   },
   "acceptPolicies": {
-    "message": "Ao assinalar esta caixa, concorda com o seguinte:"
+    "message": "Ao selecionar esta caixa, concorda com o seguinte:"
   },
   "acceptPoliciesRequired": {
     "message": "Os Termos de utilização e a Política de privacidade não foram aceites."
@@ -3483,10 +3483,10 @@
     "message": "Filtros"
   },
   "vaultTimeout": {
-    "message": "Expiração do cofre"
+    "message": "Tempo limite do cofre"
   },
   "vaultTimeoutDesc": {
-    "message": "Escolha a que altura expira o seu cofre, realizando a ação de expiração do mesmo."
+    "message": "Escolha quando é que o seu cofre executará a ação de tempo limite do cofre."
   },
   "oneMinute": {
     "message": "1 minuto"
@@ -3525,7 +3525,7 @@
     "message": "Organização suspensa"
   },
   "disabledOrganizationFilterError": {
-    "message": "Não é possível aceder a itens em organizações suspensas. Contacte o proprietário da organização para obter assistência."
+    "message": "Não é possível aceder aos itens de organizações suspensas. Contacte o proprietário da organização para obter assistência."
   },
   "licenseIsExpired": {
     "message": "A licença expirou."
@@ -3565,13 +3565,13 @@
     "message": "Foi identificada uma palavra-passe fraca. Utilize uma palavra-passe forte para proteger a sua conta. Tem a certeza de que pretende utilizar uma palavra-passe fraca?"
   },
   "rotateAccountEncKey": {
-    "message": "Rodar também a chave de encriptação da minha conta"
+    "message": "Gerar também a chave de encriptação da minha conta"
   },
   "rotateEncKeyTitle": {
-    "message": "Rodar chave de encriptação"
+    "message": "Gerar chave de encriptação"
   },
   "rotateEncKeyConfirmation": {
-    "message": "Tem a certeza de que pretende rodar a chave de encriptação da sua conta?"
+    "message": "Tem a certeza de que pretende gerar a chave de encriptação da sua conta?"
   },
   "attachmentsNeedFix": {
     "message": "Este item tem anexos de ficheiros antigos que precisam de ser corrigidos."
@@ -3584,14 +3584,14 @@
     "description": "This is a verb. ex. 'Fix The Car'"
   },
   "oldAttachmentsNeedFixDesc": {
-    "message": "Existem anexos de ficheiros antigos no seu cofre que têm de ser corrigidos antes de poder rodar a chave de encriptação da sua conta."
+    "message": "Existem anexos de ficheiros antigos no seu cofre que têm de ser corrigidos antes de poder alterar a chave de encriptação da sua conta."
   },
   "yourAccountsFingerprint": {
-    "message": "Frase da impressão digital da sua conta",
+    "message": "Frase de impressão digital da sua conta",
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
   },
   "fingerprintEnsureIntegrityVerify": {
-    "message": "Para garantir a integridade das suas chaves de encriptação, verifique a frase da impressão digital do utilizador antes de continuar.",
+    "message": "Para garantir a integridade das suas chaves de encriptação, verifique a frase de impressão digital do utilizador antes de continuar.",
     "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their public key with another user, for the purposes of sharing."
   },
   "fingerprintMatchInfo": {
@@ -3615,7 +3615,7 @@
     "message": "A sua chave da API pode ser utilizada para autenticar a API pública Bitwarden."
   },
   "apiKeyRotateDesc": {
-    "message": "A rotação da chave da API invalidará a chave anterior. Pode rodar a sua chave API se considerar que a chave atual já não é segura para utilização."
+    "message": "A alteração da chave da API invalidará a chave anterior. Pode alterar a sua chave API se considerar que a chave atual já não é segura para utilização."
   },
   "apiKeyWarning": {
     "message": "A sua chave API tem acesso total à organização. Deve ser mantida em segredo."
@@ -3634,7 +3634,7 @@
     "message": "Ver a chave da API"
   },
   "rotateApiKey": {
-    "message": "Rodar a chave da API"
+    "message": "Gerar a chave da API"
   },
   "selectOneCollection": {
     "message": "Deve selecionar pelo menos uma coleção."
@@ -3733,7 +3733,7 @@
     "message": "Preferência do utilizador"
   },
   "vaultTimeoutAction": {
-    "message": "Ação de expiração do cofre"
+    "message": "Ação de tempo limite do cofre"
   },
   "vaultTimeoutActionLockDesc": {
     "message": "É necessária uma palavra-passe mestra ou outro método de desbloqueio para aceder novamente ao seu cofre."
@@ -3831,7 +3831,7 @@
     "message": "Ao terminar sessão removerá todo o acesso ao seu cofre e requer autenticação online após o período de tempo limite. Tem a certeza de que pretende utilizar esta definição?"
   },
   "vaultTimeoutLogOutConfirmationTitle": {
-    "message": "Confirmação de expiração do cofre"
+    "message": "Confirmação da ação de tempo limite"
   },
   "hidePasswords": {
     "message": "Ocultar palavras-passe"
@@ -3867,7 +3867,7 @@
     "message": "Início de sessão único para empresas"
   },
   "ssoHandOff": {
-    "message": "Pode fechar esta aba e continuar na extensão."
+    "message": "Pode agora fechar este separador e continuar na extensão."
   },
   "includeAllTeamsFeatures": {
     "message": "Todas as funcionalidades de Equipas, mais:"
@@ -3879,31 +3879,31 @@
     "message": "Políticas empresariais"
   },
   "ssoValidationFailed": {
-    "message": "Validação SSO falhou"
+    "message": "Falha na validação do SSO"
   },
   "ssoIdentifierRequired": {
-    "message": "Identificador da organização é requerido."
+    "message": "É necessário o identificador de SSO da organização."
   },
   "ssoIdentifier": {
     "message": "Identificador SSO"
   },
   "ssoIdentifierHint": {
-    "message": "Forneça este ID aos seus membros para iniciar sessão com SSO."
+    "message": "Forneça este ID aos seus membros para iniciarem sessão com o SSO."
   },
   "unlinkSso": {
-    "message": "Desligar SSO"
+    "message": "Desativar SSO"
   },
   "unlinkSsoConfirmation": {
-    "message": "Tem a certeza de que deseja desagregar o SSO desta organização?"
+    "message": "Tem a certeza de que pretende desligar o SSO desta organização?"
   },
   "linkSso": {
-    "message": "Ligar SSO"
+    "message": "Ativar SSO"
   },
   "singleOrg": {
     "message": "Organização única"
   },
   "singleOrgDesc": {
-    "message": "Restringir que membros entrem em outras organizações."
+    "message": "Impedir os membros de aderirem a outras organizações."
   },
   "singleOrgBlockCreateMessage": {
     "message": "Your current organization has a policy that does not allow you to join more than one organization. Please contact your organization admins or sign up from a different Bitwarden account."
@@ -3912,7 +3912,7 @@
     "message": "Organization members who are not owners or admins and are already a member of another organization will be removed from your organization."
   },
   "requireSso": {
-    "message": "Autenticação de acesso único"
+    "message": "Exigir autenticação de início de sessão único"
   },
   "requireSsoPolicyDesc": {
     "message": "Require members to log in with the Enterprise single sign-on method."
@@ -3924,7 +3924,7 @@
     "message": "The single organization Enterprise policy must be turned on before activating this policy."
   },
   "requireSsoPolicyReqError": {
-    "message": "Política da Organização Única não ativada."
+    "message": "Política de organização única não definida."
   },
   "requireSsoExemption": {
     "message": "Organization owners and admins are exempt from this policy's enforcement."
@@ -3952,19 +3952,19 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "deletedSend": {
-    "message": "Envio eliminado",
+    "message": "Send eliminado",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "deleteSend": {
-    "message": "Eliminar Envio",
+    "message": "Eliminar Send",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "deleteSendConfirmation": {
-    "message": "Tem a certeza que pretende eliminar este Envio?",
+    "message": "Tem a certeza de que pretende eliminar este Send?",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "whatTypeOfSend": {
-    "message": "Que tipo de Envio é este?",
+    "message": "Que tipo de Send é este?",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "deletionDate": {
@@ -3985,18 +3985,18 @@
     "message": "Número máximo de acessos"
   },
   "maxAccessCountDesc": {
-    "message": "Se atribuído, os utilizadores não poderão mais aceder a este Envio, uma vez que a contagem máxima de acesso for alcançada.",
+    "message": "Se definido, os utilizadores deixarão de poder aceder a este Send quando a contagem máxima de acessos for atingida.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "currentAccessCount": {
-    "message": "Código de acesso actual"
+    "message": "Número de acessos atual"
   },
   "sendPasswordDesc": {
-    "message": "Opcionalmente, exija uma senha para os utilizadores acederem a este Envio.",
+    "message": "Opcionalmente, exigir uma palavra-passe para os utilizadores acederem a este Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendNotesDesc": {
-    "message": "Notas privadas sobre esse Envio.",
+    "message": "Notas privadas sobre este Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "disabled": {
@@ -4026,18 +4026,18 @@
     "message": "Ocultar o meu endereço de e-mail dos destinatários."
   },
   "disableThisSend": {
-    "message": "Desabilite este envio para que ninguém possa aceder.",
+    "message": "Desative este Send para que ninguém possa aceder ao mesmo.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "allSends": {
     "message": "Todos os Sends"
   },
   "maxAccessCountReached": {
-    "message": "Número de acessos máximo atingido",
+    "message": "Número máximo de acessos atingido",
     "description": "This text will be displayed after a Send has been accessed the maximum amount of times."
   },
   "pendingDeletion": {
-    "message": "Remoção pendente"
+    "message": "Eliminação pendente"
   },
   "expired": {
     "message": "Expirado"
@@ -4047,30 +4047,30 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendProtectedPassword": {
-    "message": "Este envio está protegido com uma senha. Por favor, digite a senha abaixo para continuar.",
+    "message": "Este Send está protegido por uma palavra-passe. Por favor, introduza a palavra-passe abaixo para continuar.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendProtectedPasswordDontKnow": {
-    "message": "Não sabe a senha? Peça ao Remetente a senha necessária para acessar esse Envio.",
+    "message": "Não sabe a palavra-passe? Peça ao remetente a palavra-passe necessária para aceder a este Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendHiddenByDefault": {
-    "message": "Este envio está oculto por padrão. Pode alternar a visibilidade usando o botão abaixo.",
+    "message": "Este Send está oculto por defeito. Pode alternar a sua visibilidade utilizando o botão abaixo.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "downloadFile": {
     "message": "Transferir ficheiro"
   },
   "sendAccessUnavailable": {
-    "message": "O Envio que está tentando aceder não existe ou não está mais disponível.",
+    "message": "O Send a que está a tentar aceder não existe ou já não está disponível.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "missingSendFile": {
-    "message": "O ficheiro associado a este envio não foi encontrado.",
+    "message": "Não foi possível encontrar o ficheiro associado a este Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "noSendsInList": {
-    "message": "Não existem eventos para listar.",
+    "message": "Não existem Sends para listar.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "emergencyAccess": {
@@ -4116,16 +4116,16 @@
     "message": "Pode ver todos os itens no seu próprio cofre."
   },
   "takeover": {
-    "message": "Controlo"
+    "message": "Aquisição"
   },
   "takeoverDesc": {
-    "message": "Pode redefinir a sua conta com uma nova senha mestra."
+    "message": "Pode repor a sua conta com uma nova palavra-passe mestra."
   },
   "waitTime": {
-    "message": "Tempo de Espera"
+    "message": "Tempo de espera"
   },
   "waitTimeDesc": {
-    "message": "Tempo necessário antes de conceder acesso automaticamente."
+    "message": "Tempo necessário para conceder automaticamente o acesso."
   },
   "oneDay": {
     "message": "1 dia"
@@ -4146,10 +4146,10 @@
     "message": "You've been invited to become an emergency contact for the user listed above. To accept the invitation, you need to log in or create a new Bitwarden account."
   },
   "emergencyInviteAcceptFailed": {
-    "message": "Não é possível aceitar o convite. Peça ao utilizador para enviar um novo convite."
+    "message": "Não foi possível aceitar o convite. Peça ao utilizador para enviar um novo convite."
   },
   "emergencyInviteAcceptFailedShort": {
-    "message": "Não é possível aceitar o convite. $DESCRIPTION$",
+    "message": "Não foi possível aceitar o convite. $DESCRIPTION$",
     "placeholders": {
       "description": {
         "content": "$1",
@@ -4161,7 +4161,7 @@
     "message": "You can access the emergency options for this user after your identity has been confirmed. We'll send you an email when that happens."
   },
   "requestAccess": {
-    "message": "Solicitar acesso"
+    "message": "Pedir acesso"
   },
   "requestAccessConfirmation": {
     "message": "Are you sure you want to request emergency access? You will be provided access after $WAITTIME$ day(s) or whenever the user manually approves the request.",
@@ -4201,7 +4201,7 @@
     }
   },
   "emergencyApproved": {
-    "message": "Acesso de emergência aprovado."
+    "message": "Acesso de emergência aprovado"
   },
   "emergencyRejected": {
     "message": "Acesso de emergência rejeitado"
@@ -4216,7 +4216,7 @@
     }
   },
   "personalOwnership": {
-    "message": "Propriedade pessoal"
+    "message": "Remover cofre pessoal"
   },
   "personalOwnershipPolicyDesc": {
     "message": "Require members to save items to an organization by removing the individual vault option."
@@ -4225,10 +4225,10 @@
     "message": "Organization owners and administrators are exempt from this policy's enforcement."
   },
   "personalOwnershipSubmitError": {
-    "message": "Due to an Enterprise policy, you are restricted from saving items to your individual vault. Change the ownership option to an organization and choose from available collections."
+    "message": "Devido a uma política empresarial, está impedido de guardar itens no seu cofre pessoal. Altere a opção Propriedade para uma organização e escolha entre as coleções disponíveis."
   },
   "disableSend": {
-    "message": "Desabilitar envio"
+    "message": "Remover Send"
   },
   "disableSendPolicyDesc": {
     "message": "Do not allow members to create or edit Sends.",
@@ -4238,7 +4238,7 @@
     "message": "Organization members that can manage the organization's policies are exempt from this policy's enforcement."
   },
   "sendDisabled": {
-    "message": "Envio desabilitado",
+    "message": "Send removido",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendDisabledWarning": {
@@ -4246,11 +4246,11 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendOptions": {
-    "message": "Opções de envio",
+    "message": "Opções do Send",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendOptionsPolicyDesc": {
-    "message": "Definir opções para a criação e edição de Sends.",
+    "message": "Definir opções para criar e editar Sends.",
     "description": "'Sends' is a plural noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendOptionsExemption": {
@@ -4268,7 +4268,7 @@
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "modifiedPolicyId": {
-    "message": "Política modificada $ID$.",
+    "message": "Política $ID$ modificada.",
     "placeholders": {
       "id": {
         "content": "$1",
@@ -4277,7 +4277,7 @@
     }
   },
   "planPrice": {
-    "message": "Preço do planoplanejado"
+    "message": "Preço do plano"
   },
   "estimatedTax": {
     "message": "Imposto estimado"
@@ -4310,19 +4310,19 @@
     "message": "Permissão"
   },
   "managerPermissions": {
-    "message": "Gestão de permissões"
+    "message": "Permissões do gestor"
   },
   "adminPermissions": {
-    "message": "Permissões de Administrador"
+    "message": "Permissões do administrador"
   },
   "accessEventLogs": {
-    "message": "Aceder ao Registro de Eventos"
+    "message": "Aceder aos registos de eventos"
   },
   "accessImportExport": {
-    "message": "Aceder a Importar/Exportar"
+    "message": "Aceder à importação/exportação"
   },
   "accessReports": {
-    "message": "Relatórios de acesso"
+    "message": "Aceder aos relatórios"
   },
   "missingPermissions": {
     "message": "Não tem as permissões necessárias para executar esta ação."
@@ -4334,34 +4334,34 @@
     "message": "Criar novas coleções"
   },
   "editAnyCollection": {
-    "message": "Editar Qualquer Coleção"
+    "message": "Editar qualquer coleção"
   },
   "deleteAnyCollection": {
-    "message": "Excluir Qualquer Coleção"
+    "message": "Eliminar qualquer coleção"
   },
   "manageAssignedCollections": {
-    "message": "Gerenciar Coleções Atribuídas"
+    "message": "Gerir coleções atribuídas"
   },
   "editAssignedCollections": {
-    "message": "Editar Coleções Atribuídas"
+    "message": "Editar coleções atribuídas"
   },
   "deleteAssignedCollections": {
-    "message": "Excluir Coleções Atribuídas"
+    "message": "Eliminar coleções atribuídas"
   },
   "manageGroups": {
-    "message": "Gerenciar grupos"
+    "message": "Gerir grupos"
   },
   "managePolicies": {
-    "message": "Gerenciar Políticas"
+    "message": "Gerir grupos"
   },
   "manageSso": {
-    "message": "Gerenciar SSO"
+    "message": "Gerir SSO"
   },
   "manageUsers": {
-    "message": "Gerenciar Utilizadores"
+    "message": "Gerir utilizadores"
   },
   "manageResetPassword": {
-    "message": "Gerenciar redefinição de senha"
+    "message": "Gerir a redefinição da palavra-passe"
   },
   "disableRequiredError": {
     "message": "You must manually turn the $POLICYNAME$ policy before this policy can be turned off.",
@@ -4373,20 +4373,20 @@
     }
   },
   "personalOwnershipPolicyInEffect": {
-    "message": "Uma política de organização está a afetar as suas opções de propriedade."
+    "message": "Uma política da organização está a afetar as suas opções de propriedade."
   },
   "personalOwnershipPolicyInEffectImports": {
     "message": "An organization policy has blocked importing items into your individual vault."
   },
   "personalOwnershipCheckboxDesc": {
-    "message": "Desativar direito de propriedade para utilizadores da organização"
+    "message": "Remover a propriedade individual dos utilizadores da organização"
   },
   "textHiddenByDefault": {
-    "message": "Ao aceder ao Envio, ocultar o texto por padrão",
+    "message": "Ao aceder ao Send, ocultar o texto por defeito",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendNameDesc": {
-    "message": "Um nome amigável para descrever este Envio.",
+    "message": "Um nome simpático para descrever este Send.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendTextDesc": {
@@ -4399,30 +4399,30 @@
     "message": "Copiar o link para partilhar este Send para a minha área de transferência ao guardar."
   },
   "sendLinkLabel": {
-    "message": "Enviar link",
+    "message": "Link do Send",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "send": {
-    "message": "Enviar",
+    "message": "Send",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendAccessTaglineProductDesc": {
-    "message": "Bitwarden Send transmite informações sensíveis e temporárias para outras pessoas de forma fácil e segura.",
+    "message": "O Bitwarden Send transmite informações sensíveis e temporárias a terceiros de forma fácil e segura.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "sendAccessTaglineLearnMore": {
-    "message": "Saiba mais",
+    "message": "Saiba mais sobre o",
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read '**Learn more about** Bitwarden Send or sign up to try it today.'"
   },
   "sendVaultCardProductDesc": {
-    "message": "Compartilhe texto ou arquivos diretamente com qualquer um."
+    "message": "Partilhe texto ou ficheiros diretamente com qualquer pessoa."
   },
   "sendVaultCardLearnMore": {
-    "message": "Mais informações",
+    "message": "Saiba mais",
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read '**Learn more**, see how it works, or try it now. '"
   },
   "sendVaultCardSee": {
-    "message": "ver",
+    "message": "veja",
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Learn more, **see** how it works, or try it now.'"
   },
   "sendVaultCardHowItWorks": {
@@ -4434,7 +4434,7 @@
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Learn more, see how it works, **or** try it now.'"
   },
   "sendVaultCardTryItNow": {
-    "message": "experimente agora",
+    "message": "experimente-o agora",
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Learn more, see how it works, or **try it now**.'"
   },
   "sendAccessTaglineOr": {
@@ -4442,11 +4442,11 @@
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Learn more about Bitwarden Send **or** sign up to try it today.'"
   },
   "sendAccessTaglineSignUp": {
-    "message": "inscrever-se",
+    "message": "inscreva-se",
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Learn more about Bitwarden Send or **sign up** to try it today.'"
   },
   "sendAccessTaglineTryToday": {
-    "message": "para experimentar hoje.",
+    "message": "para o experimentar hoje.",
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Learn more about Bitwarden Send or sign up to **try it today.**'"
   },
   "sendCreatorIdentifier": {
@@ -4459,7 +4459,7 @@
     }
   },
   "viewSendHiddenEmailWarning": {
-    "message": "O utilizador do Bitwarden que criou este Send optou por ocultar o seu endereço de e-mail. Deve garantir que confia na origem deste link antes de usar ou descarregar o seu conteúdo.",
+    "message": "O utilizador Bitwarden que criou este Send optou por ocultar o seu endereço de e-mail. Deve certificar-se de que confia na fonte deste link antes de utilizar ou descarregar o seu conteúdo.",
     "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated."
   },
   "expirationDateIsInvalid": {
@@ -4469,7 +4469,7 @@
     "message": "A data de eliminação fornecida não é válida."
   },
   "expirationDateAndTimeRequired": {
-    "message": "Uma data e hora de expiração é necessária."
+    "message": "São necessárias uma data e uma hora de expiração."
   },
   "deletionDateAndTimeRequired": {
     "message": "São necessárias uma data e uma hora de eliminação."
@@ -4478,19 +4478,19 @@
     "message": "Ocorreu um erro ao guardar as suas datas de eliminação e expiração."
   },
   "webAuthnFallbackMsg": {
-    "message": "Para verificar seu 2FA por favor, clique no botão abaixo."
+    "message": "Para verificar a sua 2FA, por favor, clique no botão abaixo."
   },
   "webAuthnAuthenticate": {
     "message": "Autenticar WebAuthn"
   },
   "webAuthnNotSupported": {
-    "message": "O WebAuthn não é suportado neste navegador."
+    "message": "O WebAuthn não é suportado por este navegador."
   },
   "webAuthnSuccess": {
-    "message": "WebAuthn verificado com sucesso! Pode fechar esta aba."
+    "message": "WebAuthn verificado com sucesso! Pode fechar este separador."
   },
   "hintEqualsPassword": {
-    "message": "A dica da sua senha não pode ser a mesma que a sua senha."
+    "message": "A dica da sua palavra-passe não pode ser igual à sua palavra-passe."
   },
   "enrollAccountRecovery": {
     "message": "Inscrever-se na recuperação de conta"
@@ -4502,10 +4502,10 @@
     "message": "Retirar-se da recuperação de conta"
   },
   "enrollPasswordResetSuccess": {
-    "message": "Registado com sucesso!"
+    "message": "Inscrição bem-sucedida!"
   },
   "withdrawPasswordResetSuccess": {
-    "message": "Saída com sucesso!"
+    "message": "Desistência bem-sucedida!"
   },
   "eventEnrollAccountRecovery": {
     "message": "Utilizador $ID$ inscrito na recuperação de conta.",
@@ -4526,7 +4526,7 @@
     }
   },
   "eventAdminPasswordReset": {
-    "message": "Redefinir senha mestra para usuário $ID$.",
+    "message": "Redefinição da palavra-passe mestra do utilizador $ID$.",
     "placeholders": {
       "id": {
         "content": "$1",
@@ -4535,7 +4535,7 @@
     }
   },
   "eventResetSsoLink": {
-    "message": "Redefinir link Sso para utilizador $ID$",
+    "message": "Redefinir a ligação SSO do utilizador $ID$",
     "placeholders": {
       "id": {
         "content": "$1",
@@ -4544,7 +4544,7 @@
     }
   },
   "firstSsoLogin": {
-    "message": "$ID$ conectou-se usando o Sso pela primeira vez",
+    "message": "$ID$ iniciou sessão utilizando o SSO pela primeira vez",
     "placeholders": {
       "id": {
         "content": "$1",
@@ -4553,7 +4553,7 @@
     }
   },
   "resetPassword": {
-    "message": "Redefinir a senha"
+    "message": "Redefinir palavra-passe"
   },
   "resetPasswordLoggedOutWarning": {
     "message": "Proceeding will log $NAME$ out of their current session, requiring them to log back in. Active sessions on other devices may continue to remain active for up to one hour.",
@@ -4571,7 +4571,7 @@
     "message": "One or more organization policies require the master password to meet the following requirements:"
   },
   "resetPasswordSuccess": {
-    "message": "Senha redefinida com sucesso!"
+    "message": "Palavra-passe redefinida com sucesso!"
   },
   "resetPasswordEnrollmentWarning": {
     "message": "Enrollment will allow organization administrators to change your master password"
@@ -4586,28 +4586,28 @@
     "message": "Members in the organization will need to self-enroll or be auto-enrolled before administrators can reset their master password."
   },
   "resetPasswordPolicyAutoEnroll": {
-    "message": "Inscrição Automática"
+    "message": "Inscrição automática"
   },
   "resetPasswordPolicyAutoEnrollDescription": {
-    "message": "Todos os utilizadores serão inscritos automaticamente na redefinição de senha assim que o convite for aceito e não será possível anular."
+    "message": "Todos os membros serão automaticamente inscritos na redefinição da palavra-passe assim que o seu convite for aceite e não poderão desistir."
   },
   "resetPasswordPolicyAutoEnrollWarning": {
     "message": "Members already in the organization will not be retroactively enrolled in password reset. They will need to self-enroll before administrators can reset their master password."
   },
   "resetPasswordPolicyAutoEnrollCheckbox": {
-    "message": "Exigir que novos utilizadore sejam inscritos automaticamente"
+    "message": "Exigir que os novos membros sejam inscritos automaticamente"
   },
   "resetPasswordAutoEnrollInviteWarning": {
     "message": "This organization has an Enterprise policy that will automatically enroll you in password reset. Enrollment will allow organization administrators to change your master password."
   },
   "resetPasswordOrgKeysError": {
-    "message": "Resposta das chaves da organização é nula"
+    "message": "A resposta das chaves de organização é nula"
   },
   "resetPasswordDetailsError": {
-    "message": "Redefinir senha de resposta é nula"
+    "message": "A resposta aos detalhes da redefinição da palavra-passe é nula"
   },
   "trashCleanupWarning": {
-    "message": "Os registos que tenham sido enviados para a Lixeira, por mais que %d dias serão automaticamente excluídos."
+    "message": "Os itens que estiverem no lixo há mais de 30 dias serão automaticamente eliminados."
   },
   "trashCleanupWarningSelfHosted": {
     "message": "Items that have been in trash for a while will be automatically deleted."
@@ -4634,19 +4634,19 @@
     "message": "Are you sure you want to remove the following users? The process may take a few seconds to complete and cannot be interrupted or canceled."
   },
   "removeOrgUsersConfirmation": {
-    "message": "Quando o(s) membro(s) são removidos, já não têm acesso aos dados da organização e esta ação é irreversível. Para adicionar o membro de volta à organização, ele deve ser convidado e integrado novamente. O processo pode demorar alguns segundos para ser concluído e não pode ser interrompido ou cancelado."
+    "message": "Quando o(s) membro(s) é(são) removido(s), deixa(m) de ter acesso aos dados da organização e esta ação é irreversível. Para adicionar o membro de volta à organização, o mesmo deve ser convidado e integrado novamente. O processo pode demorar alguns segundos a ser concluído e não pode ser interrompido ou cancelado."
   },
   "revokeUsersWarning": {
-    "message": "Quando o(s) membro(s) são revogados, já não têm acesso aos dados da organização. Para restaurar rapidamente o acesso ao membro vá para a aba Revogada. O processo pode demorar alguns segundos para ser concluído e não pode ser interrompido ou cancelado."
+    "message": "Quando o(s) membro(s) é(são) revogado(s), deixa(m) de ter acesso aos dados da organização. Para restaurar rapidamente o acesso do membro, vá para o separador Revogado. O processo pode demorar alguns segundos a ser concluído e não pode ser interrompido ou cancelado."
   },
   "theme": {
     "message": "Tema"
   },
   "themeDesc": {
-    "message": "Escolha um tema para o seu cofre web."
+    "message": "Escolha um tema para o seu cofre Web."
   },
   "themeSystem": {
-    "message": "Usar o tema do sistema"
+    "message": "Utilizar o tema do sistema"
   },
   "themeDark": {
     "message": "Escuro"
@@ -4655,28 +4655,28 @@
     "message": "Claro"
   },
   "confirmSelected": {
-    "message": "Confirmar Seleção"
+    "message": "Confirmar selecionado"
   },
   "bulkConfirmStatus": {
-    "message": "Estado da ação em massa"
+    "message": "Estado das ações em massa"
   },
   "bulkConfirmMessage": {
-    "message": "Confirmado com sucesso."
+    "message": "Confirmado com sucesso"
   },
   "bulkReinviteMessage": {
-    "message": "Convidados com sucesso."
+    "message": "Convidado novamente com sucesso"
   },
   "bulkRemovedMessage": {
     "message": "Removido com sucesso"
   },
   "bulkRevokedMessage": {
-    "message": "Acesso de organização revogado com sucesso"
+    "message": "Acesso à organização revogado com sucesso"
   },
   "bulkRestoredMessage": {
     "message": "Acesso à organização restaurado com sucesso"
   },
   "bulkFilteredMessage": {
-    "message": "Excluído, não aplicável para esta ação."
+    "message": "Excluído, não aplicável a esta ação"
   },
   "fingerprint": {
     "message": "Impressão digital"
@@ -4685,10 +4685,10 @@
     "message": "Remover utilizadores"
   },
   "revokeUsers": {
-    "message": "Revogar Utilizadores"
+    "message": "Revogar utilizadores"
   },
   "restoreUsers": {
-    "message": "Restaurar Utilizadores"
+    "message": "Restaurar utilizadores"
   },
   "error": {
     "message": "Erro"
@@ -4706,10 +4706,10 @@
     "message": "Please enter the details below to complete the Provider setup. Contact Customer Support if you have any questions."
   },
   "providerName": {
-    "message": "Nome do Provedor"
+    "message": "Nome do fornecedor"
   },
   "providerSetup": {
-    "message": "O provedor foi configurado."
+    "message": "Fornecedor configurado com sucesso"
   },
   "clients": {
     "message": "Clientes"
@@ -4719,13 +4719,13 @@
     "description": "This is used as a table header to describe which client application created an event log."
   },
   "providerAdmin": {
-    "message": "Administração de fornecedor"
+    "message": "Administrador do fornecedor"
   },
   "providerAdminDesc": {
     "message": "The highest access user that can manage all aspects of your Provider as well as access and manage client organizations."
   },
   "serviceUser": {
-    "message": "Utilizador do Serviço"
+    "message": "Utilizador do serviço"
   },
   "serviceUserDesc": {
     "message": "Service users can access and manage all client organizations."
@@ -4740,7 +4740,7 @@
     "message": "You've been invited to join the Provider listed above. To accept the invitation, you need to log in or create a new Bitwarden account."
   },
   "providerInviteAcceptFailed": {
-    "message": "Unable to accept invitation. Ask a Provider admin to send a new invitation."
+    "message": "Não foi possível aceitar o convite. Peça a um administrador do fornecedor para enviar um novo convite."
   },
   "providerInviteAcceptedDesc": {
     "message": "You can access this Provider once an administrator confirms your membership. We'll send you an email when that happens."
@@ -4761,10 +4761,10 @@
     "message": "Add existing organization"
   },
   "myProvider": {
-    "message": "My Provider"
+    "message": "O meu fornecedor"
   },
   "addOrganizationConfirmation": {
-    "message": "Are you sure you want to add $ORGANIZATION$ as a client to $PROVIDER$?",
+    "message": "Tem a certeza de que pretende adicionar $ORGANIZATION$ como cliente a $PROVIDER$?",
     "placeholders": {
       "organization": {
         "content": "$1",
@@ -4777,10 +4777,10 @@
     }
   },
   "organizationJoinedProvider": {
-    "message": "Organization was successfully added to the Provider"
+    "message": "A organização foi adicionada com sucesso ao fornecedor"
   },
   "accessingUsingProvider": {
-    "message": "Accessing organization using Provider $PROVIDER$",
+    "message": "Aceder à organização utilizando o fornecedor $PROVIDER$",
     "placeholders": {
       "provider": {
         "content": "$1",
@@ -4789,10 +4789,10 @@
     }
   },
   "providerIsDisabled": {
-    "message": "Provider suspended"
+    "message": "Fornecedor suspenso"
   },
   "providerUpdated": {
-    "message": "Provider saved"
+    "message": "Fornecedor atualizado"
   },
   "yourProviderIs": {
     "message": "Your Provider is $PROVIDER$. They have administrative and billing privileges for your organization.",
@@ -4834,16 +4834,16 @@
     "message": "A sua palavra-passe mestra não cumpre uma ou mais políticas da sua organização. Para aceder ao cofre, tem de atualizar a sua palavra-passe mestra agora. Ao prosseguir, terminará a sua sessão atual e terá de iniciar sessão novamente. As sessões ativas noutros dispositivos poderão continuar ativas até uma hora."
   },
   "maximumVaultTimeout": {
-    "message": "Expiração do cofre"
+    "message": "Tempo limite do cofre"
   },
   "maximumVaultTimeoutDesc": {
-    "message": "Set a maximum vault timeout for members."
+    "message": "Definir um tempo limite máximo do cofre para os membros."
   },
   "maximumVaultTimeoutLabel": {
-    "message": "Maximum vault timeout"
+    "message": "Tempo limite máximo do cofre"
   },
   "invalidMaximumVaultTimeout": {
-    "message": "Invalid maximum vault timeout."
+    "message": "Tempo limite máximo do cofre inválido."
   },
   "hours": {
     "message": "Horas"
@@ -4852,7 +4852,7 @@
     "message": "Minutos"
   },
   "vaultTimeoutPolicyInEffect": {
-    "message": "Your organization policies have set your maximum allowed vault timeout to $HOURS$ hour(s) and $MINUTES$ minute(s).",
+    "message": "As políticas da sua organização definiram o tempo limite máximo permitido do cofre de $HOURS$ hora(s) e $MINUTES$ minuto(s).",
     "placeholders": {
       "hours": {
         "content": "$1",
@@ -4865,7 +4865,7 @@
     }
   },
   "vaultTimeoutPolicyWithActionInEffect": {
-    "message": "Your organization policies are affecting your vault timeout. Maximum allowed vault timeout is $HOURS$ hour(s) and $MINUTES$ minute(s). Your vault timeout action is set to $ACTION$.",
+    "message": "As políticas da sua organização estão a afetar o tempo limite do cofre. O tempo limite máximo permitido do cofre é de $HOURS$ hora(s) e $MINUTES$ minuto(s). A sua ação de tempo limite do cofre está definida para $ACTION$.",
     "placeholders": {
       "hours": {
         "content": "$1",
@@ -4882,7 +4882,7 @@
     }
   },
   "vaultTimeoutActionPolicyInEffect": {
-    "message": "Your organization policies have set your vault timeout action to $ACTION$.",
+    "message": "As políticas da sua organização definiram a ação de tempo limite do cofre para $ACTION$.",
     "placeholders": {
       "action": {
         "content": "$1",
@@ -4891,16 +4891,16 @@
     }
   },
   "customVaultTimeout": {
-    "message": "Tempo limite do Cofre Personalizado"
+    "message": "Tempo limite do cofre personalizado"
   },
   "vaultTimeoutToLarge": {
-    "message": "Your vault timeout exceeds the restriction set by your organization."
+    "message": "O tempo limite do seu cofre excede as restrições definidas pela sua organização."
   },
   "vaultCustomTimeoutMinimum": {
-    "message": "Tempo limite mínimo personalizado é 1 minuto."
+    "message": "O tempo limite mínimo personalizado é de 1 minuto."
   },
   "vaultTimeoutRangeError": {
-    "message": "Tempo limite do cofre não está dentro do intervalo permitido."
+    "message": "O tempo limite do cofre não está dentro do intervalo permitido."
   },
   "disablePersonalVaultExport": {
     "message": "Remove individual vault export"
@@ -4927,22 +4927,22 @@
     "message": "Saber mais sobre o preenchimento automático"
   },
   "selectType": {
-    "message": "Selecionar tipo de SSO"
+    "message": "Selecionar o tipo de SSO"
   },
   "type": {
     "message": "Tipo"
   },
   "openIdConnectConfig": {
-    "message": "Configuração OpenID Connect"
+    "message": "Configuração do OpenID Connect"
   },
   "samlSpConfig": {
-    "message": "Configuração do fornecedor de Serviço SAML"
+    "message": "Configuração do fornecedor de serviços SAML"
   },
   "samlIdpConfig": {
-    "message": "Configuração do fornecedor de Identidade SAML"
+    "message": "Configuração do fornecedor de identidade SAML"
   },
   "callbackPath": {
-    "message": "Caminho de retorno"
+    "message": "Caminho da chamada de retorno"
   },
   "signedOutCallbackPath": {
     "message": "Signed out callback path"
@@ -5017,10 +5017,10 @@
     "message": "Binding type"
   },
   "idpSingleSignOnServiceUrl": {
-    "message": "URL de login único de serviço"
+    "message": "URL do serviço de início de sessão único"
   },
   "idpSingleLogoutServiceUrl": {
-    "message": "URL de login único de serviço"
+    "message": "URL do serviço de saída de sessão única"
   },
   "idpX509PublicCert": {
     "message": "X509 public certificate"
@@ -5146,7 +5146,7 @@
     "message": "Sponsorship created"
   },
   "emailSent": {
-    "message": "Email enviado"
+    "message": "E-mail enviado"
   },
   "revokeSponsorshipConfirmation": {
     "message": "After removing this account, the Families plan sponsorship will expire at the end of the billing period. You will not be able to redeem a new sponsorship offer until the existing one expires. Are you sure you want to continue?"
@@ -5179,10 +5179,10 @@
     "message": "Verification code is required."
   },
   "invalidVerificationCode": {
-    "message": "Invalid verification code"
+    "message": "Código de verificação inválido"
   },
   "convertOrganizationEncryptionDesc": {
-    "message": "$ORGANIZATION$ is using SSO with a self-hosted key server. A master password is no longer required to log in for members of this organization.",
+    "message": "A $ORGANIZATION$ está a utilizar o SSO com um servidor de chaves auto-hospedado. Já não é necessária uma palavra-passe mestra para iniciar sessão para os membros desta organização.",
     "placeholders": {
       "organization": {
         "content": "$1",
@@ -5191,16 +5191,16 @@
     }
   },
   "leaveOrganization": {
-    "message": "Leave organization"
+    "message": "Deixar a organização"
   },
   "removeMasterPassword": {
-    "message": "Remove master password"
+    "message": "Remover palavra-passe mestra"
   },
   "removedMasterPassword": {
-    "message": "Master password removed"
+    "message": "Palavra-passe mestra removida"
   },
   "allowSso": {
-    "message": "Allow SSO authentication"
+    "message": "Permitir autenticação SSO"
   },
   "allowSsoDesc": {
     "message": "Once set up, your configuration will be saved and members will be able to authenticate using their Identity Provider credentials."
@@ -5248,19 +5248,19 @@
     "message": "SSO turned on"
   },
   "enabledKeyConnector": {
-    "message": "Key Connector activated"
+    "message": "Key Connector ativado"
   },
   "disabledKeyConnector": {
-    "message": "Key Connector deactivated"
+    "message": "Key Connector desativado"
   },
   "keyConnectorWarning": {
-    "message": "Once members begin using Key Connector, your organization cannot revert to master password decryption. Proceed only if you are comfortable deploying and managing a key server."
+    "message": "Assim que os membros começarem a utilizar o Key Connector, a sua organização não pode reverter para a desencriptação da palavra-passe mestra. Avance apenas se se sentir confortável a implementar e gerir um servidor de chaves."
   },
   "migratedKeyConnector": {
-    "message": "Migrated to Key Connector"
+    "message": "Migrado para o Key Connector"
   },
   "paymentSponsored": {
-    "message": "Please provide a payment method to associate with the organization. Don't worry, we won't charge you anything unless you select additional features or your sponsorship expires. "
+    "message": "Por favor, forneça um método de pagamento para associar à organização. Não se preocupe, não lhe cobraremos nada, exceto se selecionar funcionalidades adicionais ou se o seu patrocínio expirar. "
   },
   "orgCreatedSponsorshipInvalid": {
     "message": "The sponsorship offer has expired. You may delete the organization you created to avoid a charge at the end of your 7 day trial. Otherwise you may close this prompt to keep the organization and assume billing responsibility."
@@ -5278,10 +5278,10 @@
     "message": "Test"
   },
   "keyConnectorTestSuccess": {
-    "message": "Success! Key Connector reached."
+    "message": "Sucesso! Key Connector acedido."
   },
   "keyConnectorTestFail": {
-    "message": "Cannot reach Key Connector. Check URL."
+    "message": "Não é possível aceder ao Key Connector. Verifice o URL."
   },
   "sponsorshipTokenHasExpired": {
     "message": "The sponsorship offer has expired."
@@ -5308,7 +5308,7 @@
     "message": "Set up billing sync"
   },
   "generateToken": {
-    "message": "Generate token"
+    "message": "Gerar token"
   },
   "rotateToken": {
     "message": "Rotate token"
@@ -5389,7 +5389,7 @@
     }
   },
   "idpSingleSignOnServiceUrlRequired": {
-    "message": "Necessário se o ID da Entidade não for um URL."
+    "message": "Necessário se o ID da entidade não for um URL."
   },
   "openIdOptionalCustomizations": {
     "message": "Personalizações opcionais"
@@ -5431,16 +5431,16 @@
     "message": "Access denied. You do not have permission to view this page."
   },
   "masterPassword": {
-    "message": "Master password"
+    "message": "Palavra-passe mestra"
   },
   "security": {
-    "message": "Security"
+    "message": "Segurança"
   },
   "keys": {
-    "message": "Keys"
+    "message": "Chaves"
   },
   "billingHistory": {
-    "message": "Billing history"
+    "message": "Histórico de faturação"
   },
   "backToReports": {
     "message": "Back to reports"
@@ -5449,11 +5449,11 @@
     "message": "Organization picker"
   },
   "currentOrganization": {
-    "message": "Current organization",
+    "message": "Organização atual",
     "description": "This is used by screen readers to indicate the organization that is currently being shown to the user."
   },
   "accountLoggedInAsName": {
-    "message": "Account: Logged in as $NAME$",
+    "message": "Conta: Sessão iniciada como $NAME$",
     "placeholders": {
       "name": {
         "content": "$1",
@@ -5462,16 +5462,16 @@
     }
   },
   "accountSettings": {
-    "message": "Account settings"
+    "message": "Definições da conta"
   },
   "generator": {
-    "message": "Generator"
+    "message": "Gerador"
   },
   "whatWouldYouLikeToGenerate": {
     "message": "O que é que gostaria de gerar?"
   },
   "passwordType": {
-    "message": "Password type"
+    "message": "Tipo de palavra-passe"
   },
   "regenerateUsername": {
     "message": "Regenerar nome de utilizador"
@@ -5496,17 +5496,17 @@
     "message": "Use your domain's configured catch-all inbox."
   },
   "random": {
-    "message": "Random",
+    "message": "Aleatório",
     "description": "Generates domain-based username using random letters"
   },
   "randomWord": {
-    "message": "Random word"
+    "message": "Palavra aleatória"
   },
   "service": {
     "message": "Service"
   },
   "unknownCipher": {
-    "message": "Item desconhecido, poderá precisar de iniciar sessão com outra conta para aceder a este item."
+    "message": "Item desconhecido, poderá ser necessário pedir autorização para aceder a este item."
   },
   "cannotSponsorSelf": {
     "message": "You cannot redeem for the active account. Enter a different email."
@@ -5565,7 +5565,7 @@
     "message": "Generate an email alias with an external forwarding service."
   },
   "hostname": {
-    "message": "Hostname",
+    "message": "Nome de domínio",
     "description": "Part of a URL."
   },
   "apiAccessToken": {
@@ -5578,7 +5578,7 @@
     "message": "Ativar a verificação do dispositivo"
   },
   "deviceVerificationDesc": {
-    "message": "Quando ativada, são enviados códigos de verificação para o seu endereço de e-mail ao iniciar sessão a partir de um dispositivo não reconhecido"
+    "message": "Os códigos de verificação são enviados para o seu endereço de e-mail quando iniciar sessão a partir de um dispositivo desconhecido"
   },
   "updatedDeviceVerification": {
     "message": "Verificação do dispositivo atualizada"
@@ -5596,45 +5596,45 @@
     "message": "É necessária uma subscrição Premium"
   },
   "scim": {
-    "message": "Provisionamento de SCIM",
+    "message": "Aprovisionamento SCIM",
     "description": "The text, 'SCIM', is an acronymn and should not be translated."
   },
   "scimDescription": {
-    "message": "Proporcionar automaticamente utilizadores e grupos com seu fornecedor de identidade preferido via provisionamento de SCIM",
+    "message": "Aprovisione automaticamente utilizadores e grupos com o seu fornecedor de identidade preferido através do aprovisionamento SCIM",
     "description": "the text, 'SCIM', is an acronymn and should not be translated."
   },
   "scimEnabledCheckboxDesc": {
-    "message": "Habilitar SCIM",
+    "message": "Ativar SCIM",
     "description": "the text, 'SCIM', is an acronymn and should not be translated."
   },
   "scimEnabledCheckboxDescHelpText": {
-    "message": "Configure seu fornecedor de identidade preferido, configurando a URL e a chave de API SCIM",
+    "message": "Defina o seu fornecedor de identidade preferido, configurando o URL e a chave da API SCIM",
     "description": "the text, 'SCIM', is an acronymn and should not be translated."
   },
   "scimApiKeyHelperText": {
-    "message": "Esta chave de API tem acesso para gerir os utilizadores da sua organização. Deve ser mantido em segredo."
+    "message": "Esta chave de API tem acesso para gerir utilizadores na sua organização. Deve ser mantida em segredo."
   },
   "copyScimKey": {
-    "message": "Copie a chave API do SCIM para a área de transferência",
+    "message": "Copiar a chave da API SCIM para a área de transferência",
     "description": "the text, 'SCIM' and 'API', are acronymns and should not be translated."
   },
   "rotateScimKey": {
-    "message": "Gerar nova chave API SCIM",
+    "message": "Gerar a chave da API SCIM",
     "description": "the text, 'SCIM' and 'API', are acronymns and should not be translated."
   },
   "rotateScimKeyWarning": {
-    "message": "Tem a certeza de que quer rodar a chave SCIM API? A chave atual já não funcionará para quaisquer integrações existentes.",
+    "message": "Tem a certeza de que pretende alterar a chave da API SCIM? A chave atual deixará de funcionar para quaisquer integrações existentes.",
     "description": "the text, 'SCIM' and 'API', are acronymns and should not be translated."
   },
   "rotateKey": {
-    "message": "Gerar nova chave"
+    "message": "Gerar chave"
   },
   "scimApiKey": {
-    "message": "Chave API do SCIM",
+    "message": "Chave da API SCIM",
     "description": "the text, 'SCIM' and 'API', are acronymns and should not be translated."
   },
   "copyScimUrl": {
-    "message": "Copie o URL do ponto de extremidade SCIM para a área de transferência",
+    "message": "Copiar o URL do endpoint SCIM para a área de transferência",
     "description": "the text, 'SCIM' and 'URL', are acronymns and should not be translated."
   },
   "scimUrl": {
@@ -5642,21 +5642,21 @@
     "description": "the text, 'SCIM' and 'URL', are acronymns and should not be translated."
   },
   "scimApiKeyRotated": {
-    "message": "A nova chave de API SCIM foi gerada com sucesso",
+    "message": "Chave API SCIM gerada com sucesso",
     "description": "the text, 'SCIM' and 'API', are acronymns and should not be translated."
   },
   "scimSettingsSaved": {
-    "message": "Configurações de SCIM salvas com sucesso",
+    "message": "Definições SCIM guardadas",
     "description": "the text, 'SCIM', is an acronymn and should not be translated."
   },
   "inputRequired": {
     "message": "Campo necessário."
   },
   "inputEmail": {
-    "message": "A entrada não é um endereço de e-mail."
+    "message": "O campo não é um endereço de e-mail."
   },
   "inputMinLength": {
-    "message": "A entrada deve ter pelo menos $COUNT$ caracteres.",
+    "message": "O campo deve ter pelo menos $COUNT$ caracteres.",
     "placeholders": {
       "count": {
         "content": "$1",
@@ -5665,7 +5665,7 @@
     }
   },
   "inputMaxLength": {
-    "message": "A entrada não pode exceder os $COUNT$ caracteres de comprimento.",
+    "message": "O campo não pode exceder os $COUNT$ caracteres de comprimento.",
     "placeholders": {
       "count": {
         "content": "$1",
@@ -5701,10 +5701,10 @@
     }
   },
   "multipleInputEmails": {
-    "message": "1 or more emails are invalid"
+    "message": "1 ou mais e-mails são inválidos"
   },
   "tooManyEmails": {
-    "message": "You can only submit up to $COUNT$ emails at a time",
+    "message": "Só pode submeter um máximo de $COUNT$ e-mails de cada vez",
     "placeholders": {
       "count": {
         "content": "$1",
@@ -5713,7 +5713,7 @@
     }
   },
   "fieldsNeedAttention": {
-    "message": "$COUNT$ campos(s) acima precisam da sua atenção.",
+    "message": "$COUNT$ campo(s) acima precisa(m) da sua atenção.",
     "placeholders": {
       "count": {
         "content": "$1",
@@ -5722,7 +5722,7 @@
     }
   },
   "turnOn": {
-    "message": "Ativar"
+    "message": "Ligar"
   },
   "on": {
     "message": "Ligado"
@@ -5731,7 +5731,7 @@
     "message": "Membros"
   },
   "reporting": {
-    "message": "A relatar"
+    "message": "Relatórios"
   },
   "numberOfUsers": {
     "message": "Número de utilizadores"
@@ -5743,46 +5743,46 @@
     "message": "Utilizador incorreto?"
   },
   "pickAnAvatarColor": {
-    "message": "Pick an avatar color"
+    "message": "Escolha uma cor para o avatar"
   },
   "customizeAvatar": {
-    "message": "Customize avatar"
+    "message": "Personalizar avatar"
   },
   "avatarUpdated": {
-    "message": "Avatar updated"
+    "message": "Avatar atualizado"
   },
   "brightBlue": {
-    "message": "Bright Blue"
+    "message": "Azul claro"
   },
   "green": {
-    "message": "Green"
+    "message": "Verde"
   },
   "orange": {
-    "message": "Orange"
+    "message": "Laranja"
   },
   "lavender": {
-    "message": "Lavender"
+    "message": "Lavanda"
   },
   "yellow": {
-    "message": "Yellow"
+    "message": "Amarelo"
   },
   "indigo": {
-    "message": "Indigo"
+    "message": "Índigo"
   },
   "teal": {
-    "message": "Teal"
+    "message": "Verde-azulado"
   },
   "salmon": {
-    "message": "Salmon"
+    "message": "Salmão"
   },
   "pink": {
-    "message": "Pink"
+    "message": "Rosa"
   },
   "customColor": {
-    "message": "Custom Color"
+    "message": "Cor personalizada"
   },
   "selectPlaceholder": {
-    "message": "-- Select --"
+    "message": "-- Selecionar --"
   },
   "multiSelectPlaceholder": {
     "message": "-- Escreva para filtrar --"
@@ -5797,7 +5797,7 @@
     "message": "Limpar tudo"
   },
   "toggleCharacterCount": {
-    "message": "Toggle character count",
+    "message": "Mostrar/ocultar contagem de caracteres",
     "description": "'Character count' describes a feature that displays a number next to each character of the password."
   },
   "passwordCharacterCount": {
@@ -5808,113 +5808,113 @@
     "message": "Ocultar"
   },
   "projects": {
-    "message": "Projects",
+    "message": "Projetos",
     "description": "Description for the Projects field."
   },
   "lastEdited": {
-    "message": "Last edited",
+    "message": "Última edição",
     "description": "The label for the date and time when a item was last edited."
   },
   "editSecret": {
-    "message": "Edit secret",
+    "message": "Editar segredo",
     "description": "Action to modify an existing secret."
   },
   "addSecret": {
-    "message": "Add secret",
+    "message": "Adicionar segredo",
     "description": "Action to create a new secret."
   },
   "copySecretName": {
-    "message": "Copy secret name",
+    "message": "Copiar nome do segredo",
     "description": "Action to copy the name of a secret to the system's clipboard."
   },
   "copySecretValue": {
-    "message": "Copy secret value",
+    "message": "Copiar valor do segredo",
     "description": "Action to copy the value of a secret to the system's clipboard."
   },
   "deleteSecret": {
-    "message": "Delete secret",
+    "message": "Eliminar segredo",
     "description": "Action to delete a single secret from the system."
   },
   "deleteSecrets": {
-    "message": "Delete secrets",
+    "message": "Eliminar segredos",
     "description": "The action to delete multiple secrets from the system."
   },
   "hardDeleteSecret": {
-    "message": "Permanently delete secret"
+    "message": "Eliminar segredo permanentemente"
   },
   "hardDeleteSecrets": {
-    "message": "Permanently delete secrets"
+    "message": "Eliminar segredos permanentemente"
   },
   "secretProjectAssociationDescription": {
-    "message": "Select projects that the secret will be associated with. Only organization users with access to these projects will be able to see the secret.",
+    "message": "Selecione os projetos aos quais o segredo será associado. Apenas os utilizadores da organização com acesso a estes projetos poderão ver o segredo.",
     "description": "A prompt explaining how secrets can be associated with projects."
   },
   "selectProjects": {
-    "message": "Select projects",
+    "message": "Selecionar projetos",
     "description": "A label for a type-to-filter input field to choose projects."
   },
   "searchProjects": {
-    "message": "Search projects",
+    "message": "Procurar projetos",
     "description": "Label for the search bar used to search projects."
   },
   "project": {
-    "message": "Project",
+    "message": "Projeto",
     "description": "Similar to collections, projects can be used to group secrets."
   },
   "editProject": {
-    "message": "Edit project",
+    "message": "Editar projeto",
     "description": "The action to modify an existing project."
   },
   "viewProject": {
-    "message": "View project",
+    "message": "Ver projeto",
     "description": "The action to view details of a project."
   },
   "deleteProject": {
-    "message": "Delete project",
+    "message": "Eliminar projeto",
     "description": "The action to delete a project from the system."
   },
   "deleteProjects": {
-    "message": "Delete projects",
+    "message": "Eliminar projetos",
     "description": "The action to delete multiple projects from the system."
   },
   "secret": {
-    "message": "Secret",
+    "message": "Segredo",
     "description": "Label for a secret (key/value pair)"
   },
   "serviceAccount": {
-    "message": "Service account",
+    "message": "Conta de serviço",
     "description": "A machine user which can be used to automate processes and access secrets in the system."
   },
   "serviceAccounts": {
-    "message": "Service accounts",
+    "message": "Contas de serviço",
     "description": "The title for the section that deals with service accounts."
   },
   "secrets": {
-    "message": "Secrets",
+    "message": "Segredos",
     "description": "The title for the section of the application that deals with secrets."
   },
   "nameValuePair": {
-    "message": "Name/Value pair",
+    "message": "Par de Nome/Valor",
     "description": "Title for a name/ value pair. Secrets typically consist of a name and value pair."
   },
   "secretEdited": {
-    "message": "Secret edited",
+    "message": "Segredo editado",
     "description": "Notification for the successful editing of a secret."
   },
   "secretCreated": {
-    "message": "Secret created",
+    "message": "Segredo criado",
     "description": "Notification for the successful creation of a secret."
   },
   "newSecret": {
-    "message": "New secret",
+    "message": "Novo segredo",
     "description": "Title for creating a new secret."
   },
   "newServiceAccount": {
-    "message": "New service account",
+    "message": "Nova conta de serviço",
     "description": "Title for creating a new service account."
   },
   "secretsNoItemsTitle": {
-    "message": "No secrets to show",
+    "message": "Sem segredos para mostrar",
     "description": "Empty state to indicate that there are no secrets to display."
   },
   "secretsNoItemsMessage": {
@@ -5933,23 +5933,23 @@
     "description": "Title to indicate that there are no service accounts to display."
   },
   "searchSecrets": {
-    "message": "Search secrets",
+    "message": "Procurar segredos",
     "description": "Placeholder text for searching secrets."
   },
   "deleteServiceAccounts": {
-    "message": "Delete service accounts",
+    "message": "Eliminar contas de serviço",
     "description": "Title for the action to delete one or multiple service accounts."
   },
   "deleteServiceAccount": {
-    "message": "Delete service account",
+    "message": "Eliminar conta de serviço",
     "description": "Title for the action to delete a single service account."
   },
   "viewServiceAccount": {
-    "message": "View service account",
+    "message": "Ver conta de serviço",
     "description": "Action to view the details of a service account."
   },
   "deleteServiceAccountDialogMessage": {
-    "message": "Deleting service account $SERVICE_ACCOUNT$ is permanent and irreversible.",
+    "message": "A eliminação da conta de serviço $SERVICE_ACCOUNT$ é permanente e irreversível.",
     "placeholders": {
       "service_account": {
         "content": "$1",
@@ -5958,7 +5958,7 @@
     }
   },
   "deleteServiceAccountsDialogMessage": {
-    "message": "Deleting service accounts is permanent and irreversible."
+    "message": "A eliminação de contas de serviço é permanente e irreversível."
   },
   "deleteServiceAccountsConfirmMessage": {
     "message": "Delete $COUNT$ service accounts",
@@ -5980,88 +5980,88 @@
     "description": "Placeholder text for searching service accounts."
   },
   "editServiceAccount": {
-    "message": "Edit service account",
+    "message": "Editar conta de serviço",
     "description": "Title for editing a service account."
   },
   "addProject": {
-    "message": "Add project",
+    "message": "Adicionar projeto",
     "description": "Title for creating a new project."
   },
   "projectEdited": {
-    "message": "Project edited",
+    "message": "Projeto editado",
     "description": "Notification for the successful editing of a project."
   },
   "projectSaved": {
-    "message": "Project saved",
+    "message": "Projeto guardado",
     "description": "Notification for the successful saving of a project."
   },
   "projectCreated": {
-    "message": "Project created",
+    "message": "Projeto criado",
     "description": "Notification for the successful creation of a project."
   },
   "projectName": {
-    "message": "Project name",
+    "message": "Nome do projeto",
     "description": "Label for entering the name of a project."
   },
   "newProject": {
-    "message": "New project",
+    "message": "Novo projeto",
     "description": "Title for creating a new project."
   },
   "softDeleteSecretWarning": {
-    "message": "Deleting secrets can affect existing integrations.",
+    "message": "A eliminação de segredos pode afetar as integrações existentes.",
     "description": "Warns that deleting secrets can have consequences on integrations"
   },
   "softDeletesSuccessToast": {
-    "message": "Secrets sent to trash",
+    "message": "Segredos movidos para o lixo",
     "description": "Notifies that the selected secrets have been moved to the trash"
   },
   "hardDeleteSecretConfirmation": {
-    "message": "Are you sure you want to permanently delete this secret?"
+    "message": "Tem a certeza de que pretende eliminar permanentemente este segredo?"
   },
   "hardDeleteSecretsConfirmation": {
-    "message": "Are you sure you want to permanently delete these secrets?"
+    "message": "Tem a certeza de que pretende eliminar permanentemente estes segredos?"
   },
   "hardDeletesSuccessToast": {
-    "message": "Secrets permanently deleted"
+    "message": "Segredos eliminados permanentemente"
   },
   "smAccess": {
-    "message": "Access",
+    "message": "Acessos",
     "description": "Title indicating what permissions a service account has"
   },
   "projectCommaSecret": {
-    "message": "Project, Secret",
+    "message": "Projeto, Segredo",
     "description": ""
   },
   "serviceAccountName": {
-    "message": "Service account name",
+    "message": "Nome da conta de serviço",
     "description": "Label for the name of a service account"
   },
   "serviceAccountCreated": {
-    "message": "Service account created",
+    "message": "Conta de serviço criada",
     "description": "Notifies that a new service account has been created"
   },
   "serviceAccountUpdated": {
-    "message": "Service account updated",
+    "message": "Conta de serviço atualizada",
     "description": "Notifies that a service account has been updated"
   },
   "newSaSelectAccess": {
-    "message": "Type or select projects or secrets",
+    "message": "Escreva ou selecione projetos ou segredos",
     "description": "Instructions for selecting projects or secrets for a new service account"
   },
   "newSaTypeToFilter": {
-    "message": "Type to filter",
+    "message": "Escreva para filtrar",
     "description": "Instructions for filtering a list of projects or secrets"
   },
   "deleteProjectsToast": {
-    "message": "Projects deleted",
+    "message": "Projetos eliminados",
     "description": "Notifies that the selected projects have been deleted"
   },
   "deleteProjectToast": {
-    "message": "Project deleted",
+    "message": "Projeto eliminado",
     "description": "Notifies that a project has been deleted"
   },
   "deleteProjectDialogMessage": {
-    "message": "Deleting project $PROJECT$ is permanent and irreversible.",
+    "message": "A eliminação do projeto $PROJECT$ é permanente e irreversível.",
     "description": "Informs users that projects are hard deleted and not sent to trash",
     "placeholders": {
       "project": {
@@ -6101,7 +6101,7 @@
     }
   },
   "deleteProjectsDialogMessage": {
-    "message": "Deleting projects is permanent and irreversible.",
+    "message": "A eliminação de projetos é permanente e irreversível.",
     "description": "This message is displayed in a dialog box as a warning before proceeding with project deletion."
   },
   "projectsNoItemsTitle": {
@@ -6247,7 +6247,7 @@
     "message": "Select collections"
   },
   "role": {
-    "message": "Cargo"
+    "message": "Função"
   },
   "removeMember": {
     "message": "Remove member"
@@ -6331,7 +6331,7 @@
     "message": "Remove domain"
   },
   "removeDomainWarning": {
-    "message": "Removing a domain cannot be undone. Are you sure you want to continue?"
+    "message": "A remoção de um domínio não pode ser anulada. Tem a certeza de que pretende continuar?"
   },
   "domainRemoved": {
     "message": "Domain removed"
@@ -6451,7 +6451,7 @@
     "message": "Needs confirmation"
   },
   "memberRole": {
-    "message": "Member role"
+    "message": "Função do membro"
   },
   "moreFromBitwarden": {
     "message": "Mais do Bitwarden"
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "O utilizador atualizou uma palavra-passe emitida através da recuperação de conta."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Frase de impressão digital da sua organização",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Aprovações de dispositivos"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Aprove os pedidos de início de sessão abaixo para permitir que o membro requerente termine o início de sessão. Os pedidos não aprovados expiram após 1 semana. Verifique as informações do membro antes de aprovar."
+  },
+  "deviceInfo": {
+    "message": "Informações do dispositivo"
+  },
+  "time": {
+    "message": "Hora"
+  },
+  "denyAllRequests": {
+    "message": "Recusar todos os pedidos"
+  },
+  "denyRequest": {
+    "message": "Recusar pedido"
+  },
+  "approveRequest": {
+    "message": "Aprovar pedido"
+  },
+  "noDeviceRequests": {
+    "message": "Sem pedidos de dispositivos"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Os pedidos de aprovação de dispositivos dos membros aparecerão aqui"
+  },
+  "loginRequestDenied": {
+    "message": "Pedido de início de sessão recusado"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Todos os pedidos de início de sessão recusados"
+  },
+  "loginRequestApproved": {
+    "message": "Pedido de início de sessão aprovado"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "A conta não tem uma palavra-passe mestra"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Remover $USER$ sem lhe definir uma palavra-passe mestra pode restringir o acesso à sua conta completa. Tem a certeza de que pretende continuar?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Sem palavra-passe mestra"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Remover membros que não tenham palavras-passe mestras sem lhes definir uma pode restringir o acesso à sua conta completa."
   }
 }
diff --git a/apps/web/src/locales/ro/messages.json b/apps/web/src/locales/ro/messages.json
index 1da751ac93..2febda7157 100644
--- a/apps/web/src/locales/ro/messages.json
+++ b/apps/web/src/locales/ro/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/ru/messages.json b/apps/web/src/locales/ru/messages.json
index ca7cf0c6e8..f9dcdc13e8 100644
--- a/apps/web/src/locales/ru/messages.json
+++ b/apps/web/src/locales/ru/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Пользователь обновил пароль, выданный через восстановление аккаунта."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Фраза отпечатка вашей организации",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Одобрения устройств"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Для завершения авторизации участника одобрите запросы на вход ниже. Срок действия неутвержденных запросов истекает через 1 неделю. Проверьте информацию участника перед одобрением."
+  },
+  "deviceInfo": {
+    "message": "Сведения об устройстве"
+  },
+  "time": {
+    "message": "Время"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Отклонить запрос"
+  },
+  "approveRequest": {
+    "message": "Одобрить запрос"
+  },
+  "noDeviceRequests": {
+    "message": "Нет запросов устройств"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Здесь будут отображаться запросы на одобрение устройств участника"
+  },
+  "loginRequestDenied": {
+    "message": "Запрос на вход отклонен"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Все запросы на вход отклонены"
+  },
+  "loginRequestApproved": {
+    "message": "Запрос на вход одобрен"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Аккаунт не имеет мастер-пароля"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Удаление $USER$ без установки мастер-пароля может ограничить для него доступ к основному аккаунту. Вы уверены, что хотите продолжить?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Нет мастер-пароля"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Удаление участников у которых не установлен мастер-пароль может ограничить доступ к их основным аккаунтам."
   }
 }
diff --git a/apps/web/src/locales/si/messages.json b/apps/web/src/locales/si/messages.json
index 850022fd11..1e74c96b97 100644
--- a/apps/web/src/locales/si/messages.json
+++ b/apps/web/src/locales/si/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/sk/messages.json b/apps/web/src/locales/sk/messages.json
index 00721d3762..66795f920c 100644
--- a/apps/web/src/locales/sk/messages.json
+++ b/apps/web/src/locales/sk/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Použivateľ aktualizoval heslo ktoré bolo vydané pri obnove konta."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Fráza odtlačku vašej organizácie",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Povolenia zariadení"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Povoľte žiadosť o prihlásenie nižšie ak chcete povoliť členovi dokončiť prihlásenie. Nepovolené žiadosti expirujú po týždni čakania. Overte informácie o členovi pred povolením."
+  },
+  "deviceInfo": {
+    "message": "Informácie o zariadení"
+  },
+  "time": {
+    "message": "Čas"
+  },
+  "denyAllRequests": {
+    "message": "Zamietnuť všetky žiadosti"
+  },
+  "denyRequest": {
+    "message": "Zamietnuť žiadosť"
+  },
+  "approveRequest": {
+    "message": "Schváliť žiadosť"
+  },
+  "noDeviceRequests": {
+    "message": "Žiadne žiadosti pre zariadenia"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Žiadosti členov pre povolenie zariadení sa zobrazia tu"
+  },
+  "loginRequestDenied": {
+    "message": "Žiadosť o prihlásenie zamietnutá"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Všetky žiadosti o prihlásenie zamietnuté"
+  },
+  "loginRequestApproved": {
+    "message": "Žiadosť o prihlásenie schválená"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/sl/messages.json b/apps/web/src/locales/sl/messages.json
index fcae99eb92..6d37182ba7 100644
--- a/apps/web/src/locales/sl/messages.json
+++ b/apps/web/src/locales/sl/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/sr/messages.json b/apps/web/src/locales/sr/messages.json
index 5ed3c6b128..3eca9f2bf2 100644
--- a/apps/web/src/locales/sr/messages.json
+++ b/apps/web/src/locales/sr/messages.json
@@ -4493,13 +4493,13 @@
     "message": "Ваша помоћ за лозинку не може да буде иста као лозинка."
   },
   "enrollAccountRecovery": {
-    "message": "Enroll in account recovery"
+    "message": "Пријавите се за опоравак налога"
   },
   "enrolledAccountRecovery": {
-    "message": "Enrolled in account recovery"
+    "message": "Уписан/а у опоравак налога"
   },
   "withdrawAccountRecovery": {
-    "message": "Withdraw from account recovery"
+    "message": "Повуците са опоравка налога"
   },
   "enrollPasswordResetSuccess": {
     "message": "Успешно уписвање!"
@@ -4508,7 +4508,7 @@
     "message": "Успешно отписивање!"
   },
   "eventEnrollAccountRecovery": {
-    "message": "User $ID$ enrolled in account recovery.",
+    "message": "Корисник $ID$ уписан у опоравак налога.",
     "placeholders": {
       "id": {
         "content": "$1",
@@ -4517,7 +4517,7 @@
     }
   },
   "eventWithdrawAccountRecovery": {
-    "message": "User $ID$ withdrew from account recovery.",
+    "message": "Корисник $ID$ исписан из опоравка налога.",
     "placeholders": {
       "id": {
         "content": "$1",
@@ -4577,10 +4577,10 @@
     "message": "Упис ће омогућити администраторима организације да промене вашу главну лозинку. Јесте ли сигурни да желите да се упишете?"
   },
   "accountRecoveryPolicy": {
-    "message": "Account recovery administration"
+    "message": "Администрација опоравка налога"
   },
   "accountRecoveryPolicyDescription": {
-    "message": "Recover member accounts when master password or trusted devices are forgotten or lost. The recovery processes is based on the account encryption method."
+    "message": "Опоравите налоге чланова када су главна лозинка или поуздани уређаји заборављени или изгубљени. Процеси опоравка су засновани на методи шифровања налога."
   },
   "resetPasswordPolicyWarning": {
     "message": "Корисници у организацији ће се морати само-уписати или се аутоматски уписати пре него што администратори могу да ресетују њихову главну лозинку."
@@ -6776,7 +6776,7 @@
     }
   },
   "inputTrimValidator": {
-    "message": "Input must not contain only whitespace.",
+    "message": "Унос не сме да садржи само размак.",
     "description": "Notification to inform the user that a form's input can't contain only whitespace."
   },
   "dismiss": {
@@ -6818,19 +6818,19 @@
     "message": "Шифровање поузданог уређаја"
   },
   "memberDecryptionTdeDescriptionStart": {
-    "message": "Once authenticated, members will decrypt vault data using a key stored on their device. The",
+    "message": "Када се аутентификују, чланови ће дешифровати податке из сефљ користећи кључ сачуван на њиховом уређају",
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The account recovery administration policy with automatic enrollment will turn on when this option is used.'"
   },
   "memberDecryptionTdeDescriptionLink": {
-    "message": "account recovery administration policy",
+    "message": "политика администрације за опоравак налога",
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The account recovery administration policy with automatic enrollment will turn on when this option is used.'"
   },
   "memberDecryptionTdeDescriptionEnd": {
-    "message": "with automatic enrollment will turn on when this option is used.",
+    "message": "са аутоматским уписом ће се укључити када се користи ова опција.",
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The master password reset policy with automatic enrollment will turn on when this option is used.'"
   },
   "notFound": {
-    "message": "$RESOURCE$ not found",
+    "message": "$RESOURCE$ није нађено/а",
     "placeholders": {
       "resource": {
         "content": "$1",
@@ -6839,9 +6839,67 @@
     }
   },
   "recoverAccount": {
-    "message": "Recover account"
+    "message": "Опоравак налога"
   },
   "updatedTempPassword": {
-    "message": "User updated a password issued through account recovery."
+    "message": "Корисник је ажурирао лозинку издату путем опоравка налога."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Ваша Сигурносна Фраза организације",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Одобрења уређаја"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Дозволите пријављивање чланова тако што ћете одобрити њихове захтеве за пријаву испод. Неодобрени захтеви истичу после 1 недељу. Проверите информације о члану пре него што одобрите."
+  },
+  "deviceInfo": {
+    "message": "Информације о уређају"
+  },
+  "time": {
+    "message": "Време"
+  },
+  "denyAllRequests": {
+    "message": "Одбиј све захтеве"
+  },
+  "denyRequest": {
+    "message": "Одбиј захтев"
+  },
+  "approveRequest": {
+    "message": "Одобри захтев"
+  },
+  "noDeviceRequests": {
+    "message": "Нема захтева уређаја"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Захтеви за одобрење уређаја чланова ће се појавити овде"
+  },
+  "loginRequestDenied": {
+    "message": "Захтев за пријаву је одбијен"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Сви захтеви за пријаву су одбијени"
+  },
+  "loginRequestApproved": {
+    "message": "Захтев за пријаву је одобрен"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Налог нема главну лозинку"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Уклањање $USER$ без постављања главне лозинке за њих може ограничити приступ њиховом пуном налогу. Да ли сте сигурни да желите да наставите?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Без главне лозинке"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Уклањање чланова који немају главну лозинку без постављања једне за њих може ограничити приступ њиховом пуном налогу."
   }
 }
diff --git a/apps/web/src/locales/sr_CS/messages.json b/apps/web/src/locales/sr_CS/messages.json
index b55d9d59a8..751e7e0095 100644
--- a/apps/web/src/locales/sr_CS/messages.json
+++ b/apps/web/src/locales/sr_CS/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/sv/messages.json b/apps/web/src/locales/sv/messages.json
index fadf4585a5..00ade7d339 100644
--- a/apps/web/src/locales/sv/messages.json
+++ b/apps/web/src/locales/sv/messages.json
@@ -6641,7 +6641,7 @@
     "message": "Resolve the errors below and try again."
   },
   "description": {
-    "message": "Description"
+    "message": "Beskrivning"
   },
   "errorReadingImportFile": {
     "message": "An error occurred when trying to read the import file"
@@ -6679,7 +6679,7 @@
     "message": "Importera hemligheter"
   },
   "getStarted": {
-    "message": "Get started"
+    "message": "Kom igång"
   },
   "complete": {
     "message": "$COMPLETED$/$TOTAL$ Complete",
@@ -6719,7 +6719,7 @@
     "message": "Turn on organization access to the Secrets Manager at no charge during the Beta program. Users can be granted access to the Beta in Members."
   },
   "secretsManagerEnable": {
-    "message": "Enable Secrets Manager Beta"
+    "message": "Aktivera Secrets Manager Beta"
   },
   "saPeopleWarningTitle": {
     "message": "Åtkomsttoken fortfarande tillgängliga"
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Din organisations fingeravtrycksfras",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Tid"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/te/messages.json b/apps/web/src/locales/te/messages.json
index 7595e610b1..2d39dc77ba 100644
--- a/apps/web/src/locales/te/messages.json
+++ b/apps/web/src/locales/te/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/th/messages.json b/apps/web/src/locales/th/messages.json
index 4d2c52f734..fb8977f446 100644
--- a/apps/web/src/locales/th/messages.json
+++ b/apps/web/src/locales/th/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/tr/messages.json b/apps/web/src/locales/tr/messages.json
index 10ec65016a..897b6cc5bd 100644
--- a/apps/web/src/locales/tr/messages.json
+++ b/apps/web/src/locales/tr/messages.json
@@ -2760,7 +2760,7 @@
     }
   },
   "editItemWithName": {
-    "message": "Öğeyi düzenle - $NAME$",
+    "message": "Kaydı düzenle - $NAME$",
     "placeholders": {
       "name": {
         "content": "$1",
@@ -5032,7 +5032,7 @@
     "message": "İstenmeyen kimlik doğrulama yanıtına izin ver"
   },
   "idpAllowOutboundLogoutRequests": {
-    "message": "Çıkış isteklerine izin ver"
+    "message": "Allow outbound logout requests"
   },
   "idpSignAuthenticationRequests": {
     "message": "Kimlik doğrulama isteklerini imzala"
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Kullanıcı, hesap kurtarma yoluyla verilen bir parolayı güncelledi."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Kuruluşunuzun parmak izi ifadesi",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Cihaz onayları"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Aşağıdaki giriş isteklerini onaylayarak istekte bulunan üyelerin giriş yapmasına izin verebilirsiniz. Onaylanmayan isteklerin süresi 1 hafta sonra dolar. Onaylamadan önce üyenin bilgilerini kontrol edin."
+  },
+  "deviceInfo": {
+    "message": "Cihaz bilgileri"
+  },
+  "time": {
+    "message": "Tarih"
+  },
+  "denyAllRequests": {
+    "message": "Tüm istekleri reddet"
+  },
+  "denyRequest": {
+    "message": "İsteği reddet"
+  },
+  "approveRequest": {
+    "message": "İsteği onayla"
+  },
+  "noDeviceRequests": {
+    "message": "Cihaz isteği yok"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Üye cihaz onay istekleri burada görünecek"
+  },
+  "loginRequestDenied": {
+    "message": "Giriş isteği reddedildi"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Tüm giriş istekleri reddedildi"
+  },
+  "loginRequestApproved": {
+    "message": "Giriş isteği onaylandı"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Hesabın ana parolası yok"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Ana parola yok"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/uk/messages.json b/apps/web/src/locales/uk/messages.json
index ace0b4878d..2de4d959fb 100644
--- a/apps/web/src/locales/uk/messages.json
+++ b/apps/web/src/locales/uk/messages.json
@@ -6830,7 +6830,7 @@
     "description": "This will be used as part of a larger sentence, broken up to include links. The full sentence will read 'Once authenticated, members will decrypt vault data using a key stored on their device. The master password reset policy with automatic enrollment will turn on when this option is used.'"
   },
   "notFound": {
-    "message": "$RESOURCE$ not found",
+    "message": "$RESOURCE$ не знайдено",
     "placeholders": {
       "resource": {
         "content": "$1",
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "Користувач оновив пароль під час відновлення облікового запису."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Фраза відбитка вашої організації",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Затвердження з пристрою"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Щоб дозволити учасникам завершити вхід, схваліть наведені нижче запити входу. Термін дії несхвалених запитів спливає через тиждень. Перш ніж схвалювати, перевірте інформацію про учасника."
+  },
+  "deviceInfo": {
+    "message": "Інформація про пристрій"
+  },
+  "time": {
+    "message": "Час"
+  },
+  "denyAllRequests": {
+    "message": "Відхилити всі запити"
+  },
+  "denyRequest": {
+    "message": "Відхилити запит"
+  },
+  "approveRequest": {
+    "message": "Схвалити запит"
+  },
+  "noDeviceRequests": {
+    "message": "Немає запитів з пристрою"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Тут з'являтимуться запити на схвалення з пристроїв учасників"
+  },
+  "loginRequestDenied": {
+    "message": "Запит на вхід відхилено"
+  },
+  "allLoginRequestsDenied": {
+    "message": "Усі запити на вхід відхилено"
+  },
+  "loginRequestApproved": {
+    "message": "Запит на вхід схвалено"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Обліковий запис не має головного пароля"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Вилучення $USER$ без встановлення головного пароля може призвести до обмеження доступу до його облікового запису. Ви дійсно хочете продовжити?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "Немає головного пароля"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Вилучення учасників, які не мають головного пароля, попередньо не встановивши його для них, може призвести до обмеження доступу до їхніх облікових записів."
   }
 }
diff --git a/apps/web/src/locales/vi/messages.json b/apps/web/src/locales/vi/messages.json
index 7812b80ca9..7b403cd070 100644
--- a/apps/web/src/locales/vi/messages.json
+++ b/apps/web/src/locales/vi/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }
diff --git a/apps/web/src/locales/zh_CN/messages.json b/apps/web/src/locales/zh_CN/messages.json
index e0983a1cda..82d4a393b7 100644
--- a/apps/web/src/locales/zh_CN/messages.json
+++ b/apps/web/src/locales/zh_CN/messages.json
@@ -2029,7 +2029,7 @@
     "message": "取消订阅"
   },
   "subscriptionExpiration": {
-    "message": "订阅过期"
+    "message": "订阅过期时间"
   },
   "subscriptionCanceled": {
     "message": "您的订阅已取消。"
@@ -3525,7 +3525,7 @@
     "message": "组织已停用"
   },
   "disabledOrganizationFilterError": {
-    "message": "无法访问已暂停组织中的项目。请联系您的组织所有者获取帮助。"
+    "message": "无法访问已停用组织中的项目。请联系您的组织所有者获取协助。"
   },
   "licenseIsExpired": {
     "message": "授权已过期"
@@ -6156,11 +6156,11 @@
     "description": "Message to be displayed before closing an access token, reminding the user to download or copy it."
   },
   "expiresOnAccessToken": {
-    "message": "有效期至：",
+    "message": "过期时间：",
     "description": "Label for the expiration date of an access token."
   },
   "accessTokenCallOutTitle": {
-    "message": "访问令牌未存储，无法获取",
+    "message": "访问令牌不会被存储并且以后无法获取",
     "description": "Notification to inform the user that access tokens are only displayed once and cannot be retrieved again."
   },
   "copyToken": {
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "用户更新了通过账户恢复发布的密码。"
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "您组织的指纹短语",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "设备批准"
+  },
+  "deviceApprovalsDesc": {
+    "message": "在下面批准登录请求以允许请求的成员完成登录。未批准的请求将在 1 周后过期。请在批准前验证成员的信息。"
+  },
+  "deviceInfo": {
+    "message": "设备信息"
+  },
+  "time": {
+    "message": "时间"
+  },
+  "denyAllRequests": {
+    "message": "拒绝所有请求"
+  },
+  "denyRequest": {
+    "message": "拒绝请求"
+  },
+  "approveRequest": {
+    "message": "批准请求"
+  },
+  "noDeviceRequests": {
+    "message": "没有设备请求"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "成员的设备批准请求将显示在这里"
+  },
+  "loginRequestDenied": {
+    "message": "登录请求被拒绝"
+  },
+  "allLoginRequestsDenied": {
+    "message": "所有登录请求被拒绝"
+  },
+  "loginRequestApproved": {
+    "message": "登录请求已批准"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "账户没有主密码"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "移除没有为其设置主密码的 $USER$ 可能会限制对他们的完整账户的的访问权限。 您确定要继续吗？",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "无主密码"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "移除没有为其设置主密码的成员可能会限制对他们的完整账户的的访问权限。"
   }
 }
diff --git a/apps/web/src/locales/zh_TW/messages.json b/apps/web/src/locales/zh_TW/messages.json
index 00831af414..386ee9c34e 100644
--- a/apps/web/src/locales/zh_TW/messages.json
+++ b/apps/web/src/locales/zh_TW/messages.json
@@ -6843,5 +6843,63 @@
   },
   "updatedTempPassword": {
     "message": "User updated a password issued through account recovery."
+  },
+  "yourOrganizationsFingerprint": {
+    "message": "Your organization's fingerprint phrase",
+    "description": "A 'fingerprint phrase' is a unique word phrase (similar to a passphrase) that a user can use to authenticate their organization's public key with another user, for the purposes of sharing."
+  },
+  "deviceApprovals": {
+    "message": "Device approvals"
+  },
+  "deviceApprovalsDesc": {
+    "message": "Approve login requests below to allow the requesting member to finish logging in. Unapproved requests expire after 1 week. Verify the member’s information before approving."
+  },
+  "deviceInfo": {
+    "message": "Device info"
+  },
+  "time": {
+    "message": "Time"
+  },
+  "denyAllRequests": {
+    "message": "Deny all requests"
+  },
+  "denyRequest": {
+    "message": "Deny request"
+  },
+  "approveRequest": {
+    "message": "Approve request"
+  },
+  "noDeviceRequests": {
+    "message": "No device requests"
+  },
+  "noDeviceRequestsDesc": {
+    "message": "Member device approval requests will appear here"
+  },
+  "loginRequestDenied": {
+    "message": "Login request denied"
+  },
+  "allLoginRequestsDenied": {
+    "message": "All login requests denied"
+  },
+  "loginRequestApproved": {
+    "message": "Login request approved"
+  },
+  "removeOrgUserNoMasterPasswordTitle": {
+    "message": "Account does not have master password"
+  },
+  "removeOrgUserNoMasterPasswordDesc": {
+    "message": "Removing $USER$ without setting a master password for them may restrict access to their full account. Are you sure you want to continue?",
+    "placeholders": {
+      "user": {
+        "content": "$1",
+        "example": "John Smith"
+      }
+    }
+  },
+  "noMasterPassword": {
+    "message": "No master password"
+  },
+  "removeMembersWithoutMasterPasswordWarning": {
+    "message": "Removing members who do not have master passwords without setting one for them may restrict access to their full account."
   }
 }

From d4f292108f6deb3c3293ecd8050f9ab0e4f87fd2 Mon Sep 17 00:00:00 2001
From: cturnbull-bitwarden
 <133619638+cturnbull-bitwarden@users.noreply.github.com>
Date: Tue, 20 Jun 2023 08:10:04 -0400
Subject: [PATCH 13/13] [PM-146] Web: Upgrade flows for free 2 person orgs
 (#5564)

* Added a validator when adding users to a free org

* Updated based on PR feedback

Removed parameters passing in the org to member-dialog.
Removed i18n service from validator

* Moved i18n responsibility back to the validator

Also added jsdoc comments

* Updated validator to be an injectable class

* Added back in jsdocs

* Moved the validator initialization to ngOnInit

* Updated validator to take error message a a param
---
 .../member-dialog/member-dialog.component.ts  |  18 ++-
 ...ee-org-inv-limit-reached.validator.spec.ts | 106 ++++++++++++++++++
 .../free-org-inv-limit-reached.validator.ts   |  36 ++++++
 .../organizations/members/people.component.ts |   1 +
 4 files changed, 160 insertions(+), 1 deletion(-)
 create mode 100644 apps/web/src/app/admin-console/organizations/members/components/member-dialog/validators/free-org-inv-limit-reached.validator.spec.ts
 create mode 100644 apps/web/src/app/admin-console/organizations/members/components/member-dialog/validators/free-org-inv-limit-reached.validator.ts

diff --git a/apps/web/src/app/admin-console/organizations/members/components/member-dialog/member-dialog.component.ts b/apps/web/src/app/admin-console/organizations/members/components/member-dialog/member-dialog.component.ts
index 91d0fc97e6..f449b7f206 100644
--- a/apps/web/src/app/admin-console/organizations/members/components/member-dialog/member-dialog.component.ts
+++ b/apps/web/src/app/admin-console/organizations/members/components/member-dialog/member-dialog.component.ts
@@ -35,6 +35,7 @@ import {
 } from "../../../shared/components/access-selector";
 
 import { commaSeparatedEmails } from "./validators/comma-separated-emails.validator";
+import { freeOrgSeatLimitReachedValidator } from "./validators/free-org-inv-limit-reached.validator";
 
 export enum MemberDialogTab {
   Role = 0,
@@ -46,6 +47,7 @@ export interface MemberDialogParams {
   name: string;
   organizationId: string;
   organizationUserId: string;
+  allOrganizationUserEmails: string[];
   usesKeyConnector: boolean;
   initialTab?: MemberDialogTab;
 }
@@ -79,7 +81,7 @@ export class MemberDialogComponent implements OnInit, OnDestroy {
   protected groupAccessItems: AccessItemView[] = [];
   protected tabIndex: MemberDialogTab;
   protected formGroup = this.formBuilder.group({
-    emails: ["", [Validators.required, commaSeparatedEmails]],
+    emails: ["", { updateOn: "blur" }],
     type: OrganizationUserType.User,
     externalId: this.formBuilder.control({ value: "", disabled: true }),
     accessAllCollections: false,
@@ -167,6 +169,20 @@ export class MemberDialogComponent implements OnInit, OnDestroy {
         this.canUseCustomPermissions = organization.useCustomPermissions;
         this.canUseSecretsManager = organization.useSecretsManager && flagEnabled("secretsManager");
 
+        const emailsControlValidators = [
+          Validators.required,
+          commaSeparatedEmails,
+          freeOrgSeatLimitReachedValidator(
+            this.organization,
+            this.params.allOrganizationUserEmails,
+            this.i18nService.t("subscriptionFreePlan", organization.seats)
+          ),
+        ];
+
+        const emailsControl = this.formGroup.get("emails");
+        emailsControl.setValidators(emailsControlValidators);
+        emailsControl.updateValueAndValidity();
+
         this.collectionAccessItems = [].concat(
           collections.map((c) => mapCollectionToAccessItemView(c))
         );
diff --git a/apps/web/src/app/admin-console/organizations/members/components/member-dialog/validators/free-org-inv-limit-reached.validator.spec.ts b/apps/web/src/app/admin-console/organizations/members/components/member-dialog/validators/free-org-inv-limit-reached.validator.spec.ts
new file mode 100644
index 0000000000..5c17a128ac
--- /dev/null
+++ b/apps/web/src/app/admin-console/organizations/members/components/member-dialog/validators/free-org-inv-limit-reached.validator.spec.ts
@@ -0,0 +1,106 @@
+import { AbstractControl, FormControl, ValidationErrors } from "@angular/forms";
+
+import { OrganizationUserType } from "@bitwarden/common/admin-console/enums";
+import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
+import { ProductType } from "@bitwarden/common/enums";
+
+import { freeOrgSeatLimitReachedValidator } from "./free-org-inv-limit-reached.validator";
+
+const orgFactory = (props: Partial<Organization> = {}) =>
+  Object.assign(
+    new Organization(),
+    {
+      id: "myOrgId",
+      enabled: true,
+      type: OrganizationUserType.Admin,
+    },
+    props
+  );
+
+describe("freeOrgSeatLimitReachedValidator", () => {
+  let organization: Organization;
+  let allOrganizationUserEmails: string[];
+  let validatorFn: (control: AbstractControl) => ValidationErrors | null;
+
+  beforeEach(() => {
+    allOrganizationUserEmails = ["user1@example.com"];
+  });
+
+  it("should return null when control value is empty", () => {
+    validatorFn = freeOrgSeatLimitReachedValidator(
+      organization,
+      allOrganizationUserEmails,
+      "You cannot invite more than 2 members without upgrading your plan."
+    );
+    const control = new FormControl("");
+
+    const result = validatorFn(control);
+
+    expect(result).toBeNull();
+  });
+
+  it("should return null when control value is null", () => {
+    validatorFn = freeOrgSeatLimitReachedValidator(
+      organization,
+      allOrganizationUserEmails,
+      "You cannot invite more than 2 members without upgrading your plan."
+    );
+    const control = new FormControl(null);
+
+    const result = validatorFn(control);
+
+    expect(result).toBeNull();
+  });
+
+  it("should return null when max seats are not exceeded on free plan", () => {
+    organization = orgFactory({
+      planProductType: ProductType.Free,
+      seats: 2,
+    });
+    validatorFn = freeOrgSeatLimitReachedValidator(
+      organization,
+      allOrganizationUserEmails,
+      "You cannot invite more than 2 members without upgrading your plan."
+    );
+    const control = new FormControl("user2@example.com");
+
+    const result = validatorFn(control);
+
+    expect(result).toBeNull();
+  });
+
+  it("should return validation error when max seats are exceeded on free plan", () => {
+    organization = orgFactory({
+      planProductType: ProductType.Free,
+      seats: 2,
+    });
+    const errorMessage = "You cannot invite more than 2 members without upgrading your plan.";
+    validatorFn = freeOrgSeatLimitReachedValidator(
+      organization,
+      allOrganizationUserEmails,
+      "You cannot invite more than 2 members without upgrading your plan."
+    );
+    const control = new FormControl("user2@example.com,user3@example.com");
+
+    const result = validatorFn(control);
+
+    expect(result).toStrictEqual({ freePlanLimitReached: { message: errorMessage } });
+  });
+
+  it("should return null when not on free plan", () => {
+    const control = new FormControl("user2@example.com,user3@example.com");
+    organization = orgFactory({
+      planProductType: ProductType.Enterprise,
+      seats: 100,
+    });
+    validatorFn = freeOrgSeatLimitReachedValidator(
+      organization,
+      allOrganizationUserEmails,
+      "You cannot invite more than 2 members without upgrading your plan."
+    );
+
+    const result = validatorFn(control);
+
+    expect(result).toBeNull();
+  });
+});
diff --git a/apps/web/src/app/admin-console/organizations/members/components/member-dialog/validators/free-org-inv-limit-reached.validator.ts b/apps/web/src/app/admin-console/organizations/members/components/member-dialog/validators/free-org-inv-limit-reached.validator.ts
new file mode 100644
index 0000000000..6d5c45a64d
--- /dev/null
+++ b/apps/web/src/app/admin-console/organizations/members/components/member-dialog/validators/free-org-inv-limit-reached.validator.ts
@@ -0,0 +1,36 @@
+import { AbstractControl, ValidationErrors, ValidatorFn } from "@angular/forms";
+
+import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
+import { ProductType } from "@bitwarden/common/enums";
+
+/**
+ * Checks if the limit of free organization seats has been reached when adding new users
+ * @param organization An object representing the organization
+ * @param allOrganizationUserEmails An array of strings with existing user email addresses
+ * @param errorMessage A localized string to display if validation fails
+ * @returns A function that validates an `AbstractControl` and returns `ValidationErrors` or `null`
+ */
+export function freeOrgSeatLimitReachedValidator(
+  organization: Organization,
+  allOrganizationUserEmails: string[],
+  errorMessage: string
+): ValidatorFn {
+  return (control: AbstractControl): ValidationErrors | null => {
+    if (control.value === "" || !control.value) {
+      return null;
+    }
+
+    const newEmailsToAdd = control.value
+      .split(",")
+      .filter(
+        (newEmailToAdd: string) =>
+          newEmailToAdd &&
+          !allOrganizationUserEmails.some((existingEmail) => existingEmail === newEmailToAdd)
+      );
+
+    return organization.planProductType === ProductType.Free &&
+      allOrganizationUserEmails.length + newEmailsToAdd.length > organization.seats
+      ? { freePlanLimitReached: { message: errorMessage } }
+      : null;
+  };
+}
diff --git a/apps/web/src/app/admin-console/organizations/members/people.component.ts b/apps/web/src/app/admin-console/organizations/members/people.component.ts
index 58a02274f8..e7d9bf6772 100644
--- a/apps/web/src/app/admin-console/organizations/members/people.component.ts
+++ b/apps/web/src/app/admin-console/organizations/members/people.component.ts
@@ -396,6 +396,7 @@ export class PeopleComponent
         name: this.userNamePipe.transform(user),
         organizationId: this.organization.id,
         organizationUserId: user != null ? user.id : null,
+        allOrganizationUserEmails: this.allUsers?.map((user) => user.email) ?? [],
         usesKeyConnector: user?.usesKeyConnector,
         initialTab: initialTab,
       },