diff --git a/apps/browser/src/_locales/en/messages.json b/apps/browser/src/_locales/en/messages.json
index 90cc4a5c338..dabd238e039 100644
--- a/apps/browser/src/_locales/en/messages.json
+++ b/apps/browser/src/_locales/en/messages.json
@@ -2473,6 +2473,9 @@
   "permanentlyDeletedItem": {
     "message": "Item permanently deleted"
   },
+  "archivedItemRestored": {
+    "message": "Archived item restored"
+  },
   "restoreItem": {
     "message": "Restore item"
   },
@@ -5670,6 +5673,9 @@
   "extraWide": {
     "message": "Extra wide"
   },
+  "narrow": {
+    "message": "Narrow"
+  },
   "sshKeyWrongPassword": {
     "message": "The password you entered is incorrect."
   },
diff --git a/apps/browser/src/autofill/fido2/content/messaging/messenger.ts b/apps/browser/src/autofill/fido2/content/messaging/messenger.ts
index 61ed7a8ed08..257f7e9efd5 100644
--- a/apps/browser/src/autofill/fido2/content/messaging/messenger.ts
+++ b/apps/browser/src/autofill/fido2/content/messaging/messenger.ts
@@ -1,3 +1,5 @@
+// FIXME: Update this file to be type safe and remove this and next line
+// @ts-strict-ignore
 import { Message, MessageTypes } from "./message";
 
 const SENDER = "bitwarden-webauthn";
@@ -23,7 +25,7 @@ type Handler = (
  * handling aborts and exceptions across separate execution contexts.
  */
 export class Messenger {
-  private messageEventListener: ((event: MessageEvent<MessageWithMetadata>) => void) | null = null;
+  private messageEventListener: (event: MessageEvent<MessageWithMetadata>) => void | null = null;
   private onDestroy = new EventTarget();
 
   /**
@@ -58,12 +60,6 @@ export class Messenger {
     this.broadcastChannel.addEventListener(this.messageEventListener);
   }
 
-  private stripMetadata({ SENDER, senderId, ...message }: MessageWithMetadata): Message {
-    void SENDER;
-    void senderId;
-    return message;
-  }
-
   /**
    * Sends a request to the content script and returns the response.
    * AbortController signals will be forwarded to the content script.
@@ -78,9 +74,7 @@ export class Messenger {
 
     try {
       const promise = new Promise<Message>((resolve) => {
-        localPort.onmessage = (event: MessageEvent<MessageWithMetadata>) => {
-          resolve(this.stripMetadata(event.data));
-        };
+        localPort.onmessage = (event: MessageEvent<MessageWithMetadata>) => resolve(event.data);
       });
 
       const abortListener = () =>
@@ -135,9 +129,7 @@ export class Messenger {
 
       try {
         const handlerResponse = await this.handler(message, abortController);
-        if (handlerResponse !== undefined) {
-          port.postMessage({ ...handlerResponse, SENDER });
-        }
+        port.postMessage({ ...handlerResponse, SENDER });
       } catch (error) {
         port.postMessage({
           SENDER,
diff --git a/apps/browser/src/autofill/services/collect-autofill-content.service.ts b/apps/browser/src/autofill/services/collect-autofill-content.service.ts
index 18eb8e2baf8..25fcb9038d8 100644
--- a/apps/browser/src/autofill/services/collect-autofill-content.service.ts
+++ b/apps/browser/src/autofill/services/collect-autofill-content.service.ts
@@ -1083,6 +1083,8 @@ export class CollectAutofillContentService implements CollectAutofillContentServ
           setTimeout(this.autofillOverlayContentService.refreshMenuLayerPosition, 100);
         }
       });
+
+      this.autofillOverlayContentService.refreshMenuLayerPosition();
     }
   };
 
diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts
index 746f5a1f8f7..c277b8d33f8 100644
--- a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts
@@ -319,7 +319,10 @@ describe("PhishingDataService", () => {
 
       jest.spyOn(service as any, "_decompressString").mockResolvedValue("phish.com\nbadguy.net");
 
-      await service["_loadBlobToMemory"]();
+      // Trigger the load pipeline and allow async RxJS processing to complete
+      service["_loadBlobToMemory"]();
+      await flushPromises();
+
       const set = service["_webAddressesSet"] as Set<string>;
       expect(set).toBeDefined();
       expect(set.has("phish.com")).toBe(true);
diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
index 85e91b06a6b..7d5f04cc276 100644
--- a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
@@ -3,11 +3,15 @@ import {
   EMPTY,
   first,
   firstValueFrom,
+  from,
+  of,
   share,
+  takeUntil,
   startWith,
   Subject,
   switchMap,
   tap,
+  map,
 } from "rxjs";
 
 import { devFlagEnabled, devFlagValue } from "@bitwarden/browser/platform/flags";
@@ -64,12 +68,20 @@ export const PHISHING_DOMAINS_BLOB_KEY = new KeyDefinition<string>(
 
 /** Coordinates fetching, caching, and patching of known phishing web addresses */
 export class PhishingDataService {
+  // While background scripts do not necessarily need destroying,
+  // processes in PhishingDataService are memory intensive.
+  // We are adding the destroy to guard against accidental leaks.
+  private _destroy$ = new Subject<void>();
+
   private _testWebAddresses = this.getTestWebAddresses().concat("phishing.testcategory.com"); // Included for QA to test in prod
   private _phishingMetaState = this.globalStateProvider.get(PHISHING_DOMAINS_META_KEY);
   private _phishingBlobState = this.globalStateProvider.get(PHISHING_DOMAINS_BLOB_KEY);
 
   // In-memory set loaded from blob for fast lookups without reading large storage repeatedly
   private _webAddressesSet: Set<string> | null = null;
+  // Loading variables for web addresses set
+  // Triggers a load for _webAddressesSet
+  private _loadTrigger$ = new Subject<void>();
 
   // How often are new web addresses added to the remote?
   readonly UPDATE_INTERVAL_DURATION = 24 * 60 * 60 * 1000; // 24 hours
@@ -81,6 +93,10 @@ export class PhishingDataService {
       this._phishingMetaState.state$.pipe(
         first(), // Only take the first value to avoid an infinite loop when updating the cache below
         tap((metaState) => {
+          // Initial loading of web addresses set if not already loaded
+          if (!this._webAddressesSet) {
+            this._loadBlobToMemory();
+          }
           // Perform any updates in the background if needed
           void this._backgroundUpdate(metaState);
         }),
@@ -90,6 +106,8 @@ export class PhishingDataService {
         }),
       ),
     ),
+    // Stop emitting when dispose() is called
+    takeUntil(this._destroy$),
     share(),
   );
 
@@ -109,7 +127,18 @@ export class PhishingDataService {
       ScheduledTaskNames.phishingDomainUpdate,
       this.UPDATE_INTERVAL_DURATION,
     );
-    void this._loadBlobToMemory();
+    this._setupLoadPipeline();
+  }
+
+  dispose(): void {
+    // Signal all pipelines to stop and unsubscribe stored subscriptions
+    this._destroy$.next();
+    this._destroy$.complete();
+
+    // Clear web addresses set from memory
+    if (this._webAddressesSet !== null) {
+      this._webAddressesSet = null;
+    }
   }
 
   /**
@@ -269,7 +298,7 @@ export class PhishingDataService {
         }
         if (next.blob) {
           await this._phishingBlobState.update(() => next!.blob!);
-          await this._loadBlobToMemory();
+          this._loadBlobToMemory();
         }
 
         // Performance logging
@@ -293,6 +322,47 @@ export class PhishingDataService {
     }
   }
 
+  // Sets up the load pipeline to load the blob into memory when triggered
+  private _setupLoadPipeline(): void {
+    this._loadTrigger$
+      .pipe(
+        switchMap(() =>
+          this._phishingBlobState.state$.pipe(
+            first(),
+            switchMap((blobBase64) => {
+              if (!blobBase64) {
+                return of(undefined);
+              }
+              // Note: _decompressString wraps a promise that cannot be aborted
+              // If performance improvements are needed, consider migrating to a cancellable approach
+              return from(this._decompressString(blobBase64)).pipe(
+                map((text) => {
+                  const lines = text.split(/\r?\n/);
+                  const newWebAddressesSet = new Set(lines);
+                  this._testWebAddresses.forEach((a) => newWebAddressesSet.add(a));
+                  this._webAddressesSet = new Set(newWebAddressesSet);
+                  this.logService.info(
+                    `[PhishingDataService] loaded ${this._webAddressesSet.size} addresses into memory from blob`,
+                  );
+                }),
+              );
+            }),
+            catchError((err: unknown) => {
+              this.logService.error("[PhishingDataService] Failed to load blob into memory", err);
+              return of(undefined);
+            }),
+          ),
+        ),
+        catchError((err: unknown) => {
+          this.logService.error("[PhishingDataService] Load pipeline failed", err);
+          return of(undefined);
+        }),
+        takeUntil(this._destroy$),
+        share(),
+      )
+      .subscribe();
+  }
+
   // [FIXME] Move compression helpers to a shared utils library
   // to separate from phishing data service.
   // ------------------------- Blob and Compression Handling -------------------------
@@ -337,29 +407,9 @@ export class PhishingDataService {
     }
   }
 
-  // Try to load compressed newline blob into an in-memory Set for fast lookups
-  private async _loadBlobToMemory(): Promise<void> {
-    this.logService.debug("[PhishingDataService] Loading data blob into memory...");
-    try {
-      const blobBase64 = await firstValueFrom(this._phishingBlobState.state$);
-      if (!blobBase64) {
-        return;
-      }
-
-      const text = await this._decompressString(blobBase64);
-      // Split and filter
-      const lines = text.split(/\r?\n/);
-      const newWebAddressesSet = new Set(lines);
-
-      // Add test addresses
-      this._testWebAddresses.forEach((a) => newWebAddressesSet.add(a));
-      this._webAddressesSet = new Set(newWebAddressesSet);
-      this.logService.info(
-        `[PhishingDataService] loaded ${this._webAddressesSet.size} addresses into memory from blob`,
-      );
-    } catch (err) {
-      this.logService.error("[PhishingDataService] Failed to load blob into memory", err);
-    }
+  // Trigger a load of the blob into memory
+  private _loadBlobToMemory(): void {
+    this._loadTrigger$.next();
   }
   private _uint8ToBase64Fallback(bytes: Uint8Array): string {
     const CHUNK_SIZE = 0x8000; // 32KB chunks
diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts
index d90e872eef8..815007e1d4c 100644
--- a/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts
@@ -137,6 +137,9 @@ export class PhishingDetectionService {
 
     this._didInit = true;
     return () => {
+      // Dispose phishing data service resources
+      phishingDataService.dispose();
+
       initSub.unsubscribe();
       this._didInit = false;
 
diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-indexeddb.service.spec.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-indexeddb.service.spec.ts
new file mode 100644
index 00000000000..75bd634b1fc
--- /dev/null
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-indexeddb.service.spec.ts
@@ -0,0 +1,375 @@
+import { ReadableStream as NodeReadableStream } from "stream/web";
+
+import { mock, MockProxy } from "jest-mock-extended";
+
+import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
+
+import { PhishingIndexedDbService } from "./phishing-indexeddb.service";
+
+describe("PhishingIndexedDbService", () => {
+  let service: PhishingIndexedDbService;
+  let logService: MockProxy<LogService>;
+
+  // Mock IndexedDB storage (keyed by URL for row-per-URL storage)
+  let mockStore: Map<string, { url: string }>;
+  let mockObjectStore: any;
+  let mockTransaction: any;
+  let mockDb: any;
+  let mockOpenRequest: any;
+
+  beforeEach(() => {
+    logService = mock<LogService>();
+    mockStore = new Map();
+
+    // Mock IDBObjectStore
+    mockObjectStore = {
+      put: jest.fn().mockImplementation((record: { url: string }) => {
+        const request = {
+          error: null as DOMException | null,
+          result: undefined as undefined,
+          onsuccess: null as (() => void) | null,
+          onerror: null as (() => void) | null,
+        };
+        setTimeout(() => {
+          mockStore.set(record.url, record);
+          request.onsuccess?.();
+        }, 0);
+        return request;
+      }),
+      get: jest.fn().mockImplementation((key: string) => {
+        const request = {
+          error: null as DOMException | null,
+          result: mockStore.get(key),
+          onsuccess: null as (() => void) | null,
+          onerror: null as (() => void) | null,
+        };
+        setTimeout(() => {
+          request.result = mockStore.get(key);
+          request.onsuccess?.();
+        }, 0);
+        return request;
+      }),
+      clear: jest.fn().mockImplementation(() => {
+        const request = {
+          error: null as DOMException | null,
+          result: undefined as undefined,
+          onsuccess: null as (() => void) | null,
+          onerror: null as (() => void) | null,
+        };
+        setTimeout(() => {
+          mockStore.clear();
+          request.onsuccess?.();
+        }, 0);
+        return request;
+      }),
+      openCursor: jest.fn().mockImplementation(() => {
+        const entries = Array.from(mockStore.entries());
+        let index = 0;
+        const request = {
+          error: null as DOMException | null,
+          result: null as any,
+          onsuccess: null as ((e: any) => void) | null,
+          onerror: null as (() => void) | null,
+        };
+        const advanceCursor = () => {
+          if (index < entries.length) {
+            const [, value] = entries[index];
+            index++;
+            request.result = {
+              value,
+              continue: () => setTimeout(advanceCursor, 0),
+            };
+          } else {
+            request.result = null;
+          }
+          request.onsuccess?.({ target: request });
+        };
+        setTimeout(advanceCursor, 0);
+        return request;
+      }),
+    };
+
+    // Mock IDBTransaction
+    mockTransaction = {
+      objectStore: jest.fn().mockReturnValue(mockObjectStore),
+      oncomplete: null as (() => void) | null,
+      onerror: null as (() => void) | null,
+    };
+
+    // Trigger oncomplete after a tick
+    const originalObjectStore = mockTransaction.objectStore;
+    mockTransaction.objectStore = jest.fn().mockImplementation((...args: any[]) => {
+      setTimeout(() => mockTransaction.oncomplete?.(), 0);
+      return originalObjectStore(...args);
+    });
+
+    // Mock IDBDatabase
+    mockDb = {
+      transaction: jest.fn().mockReturnValue(mockTransaction),
+      close: jest.fn(),
+      objectStoreNames: {
+        contains: jest.fn().mockReturnValue(true),
+      },
+      createObjectStore: jest.fn(),
+    };
+
+    // Mock IDBOpenDBRequest
+    mockOpenRequest = {
+      error: null as DOMException | null,
+      result: mockDb,
+      onsuccess: null as (() => void) | null,
+      onerror: null as (() => void) | null,
+      onupgradeneeded: null as ((event: any) => void) | null,
+    };
+
+    // Mock indexedDB.open
+    const mockIndexedDB = {
+      open: jest.fn().mockImplementation(() => {
+        setTimeout(() => {
+          mockOpenRequest.onsuccess?.();
+        }, 0);
+        return mockOpenRequest;
+      }),
+    };
+
+    global.indexedDB = mockIndexedDB as any;
+
+    service = new PhishingIndexedDbService(logService);
+  });
+
+  afterEach(() => {
+    jest.clearAllMocks();
+    delete (global as any).indexedDB;
+  });
+
+  describe("saveUrls", () => {
+    it("stores URLs in IndexedDB and returns true", async () => {
+      const urls = ["https://phishing.com", "https://malware.net"];
+
+      const result = await service.saveUrls(urls);
+
+      expect(result).toBe(true);
+      expect(mockDb.transaction).toHaveBeenCalledWith("phishing-urls", "readwrite");
+      expect(mockObjectStore.clear).toHaveBeenCalled();
+      expect(mockObjectStore.put).toHaveBeenCalledTimes(2);
+      expect(mockDb.close).toHaveBeenCalled();
+    });
+
+    it("handles empty array", async () => {
+      const result = await service.saveUrls([]);
+
+      expect(result).toBe(true);
+      expect(mockObjectStore.clear).toHaveBeenCalled();
+    });
+
+    it("trims whitespace from URLs", async () => {
+      const urls = ["  https://example.com  ", "\nhttps://test.org\n"];
+
+      await service.saveUrls(urls);
+
+      expect(mockObjectStore.put).toHaveBeenCalledWith({ url: "https://example.com" });
+      expect(mockObjectStore.put).toHaveBeenCalledWith({ url: "https://test.org" });
+    });
+
+    it("skips empty lines", async () => {
+      const urls = ["https://example.com", "", "  ", "https://test.org"];
+
+      await service.saveUrls(urls);
+
+      expect(mockObjectStore.put).toHaveBeenCalledTimes(2);
+    });
+
+    it("handles duplicate URLs via upsert (keyPath deduplication)", async () => {
+      const urls = [
+        "https://example.com",
+        "https://example.com", // duplicate
+        "https://test.org",
+      ];
+
+      const result = await service.saveUrls(urls);
+
+      expect(result).toBe(true);
+      // put() is called 3 times, but mockStore (using Map with URL as key)
+      // only stores 2 unique entries - demonstrating upsert behavior
+      expect(mockObjectStore.put).toHaveBeenCalledTimes(3);
+      expect(mockStore.size).toBe(2);
+    });
+
+    it("logs error and returns false on failure", async () => {
+      const error = new Error("IndexedDB error");
+      mockOpenRequest.error = error;
+      (global.indexedDB.open as jest.Mock).mockImplementation(() => {
+        setTimeout(() => {
+          mockOpenRequest.onerror?.();
+        }, 0);
+        return mockOpenRequest;
+      });
+
+      const result = await service.saveUrls(["https://test.com"]);
+
+      expect(result).toBe(false);
+      expect(logService.error).toHaveBeenCalledWith(
+        "[PhishingIndexedDbService] Save failed",
+        expect.any(Error),
+      );
+    });
+  });
+
+  describe("hasUrl", () => {
+    it("returns true for existing URL", async () => {
+      mockStore.set("https://example.com", { url: "https://example.com" });
+
+      const result = await service.hasUrl("https://example.com");
+
+      expect(result).toBe(true);
+      expect(mockDb.transaction).toHaveBeenCalledWith("phishing-urls", "readonly");
+      expect(mockObjectStore.get).toHaveBeenCalledWith("https://example.com");
+    });
+
+    it("returns false for non-existing URL", async () => {
+      const result = await service.hasUrl("https://notfound.com");
+
+      expect(result).toBe(false);
+    });
+
+    it("returns false on error", async () => {
+      const error = new Error("IndexedDB error");
+      mockOpenRequest.error = error;
+      (global.indexedDB.open as jest.Mock).mockImplementation(() => {
+        setTimeout(() => {
+          mockOpenRequest.onerror?.();
+        }, 0);
+        return mockOpenRequest;
+      });
+
+      const result = await service.hasUrl("https://example.com");
+
+      expect(result).toBe(false);
+      expect(logService.error).toHaveBeenCalledWith(
+        "[PhishingIndexedDbService] Check failed",
+        expect.any(Error),
+      );
+    });
+  });
+
+  describe("loadAllUrls", () => {
+    it("loads all URLs using cursor", async () => {
+      mockStore.set("https://example.com", { url: "https://example.com" });
+      mockStore.set("https://test.org", { url: "https://test.org" });
+
+      const result = await service.loadAllUrls();
+
+      expect(result).toContain("https://example.com");
+      expect(result).toContain("https://test.org");
+      expect(result.length).toBe(2);
+    });
+
+    it("returns empty array when no data exists", async () => {
+      const result = await service.loadAllUrls();
+
+      expect(result).toEqual([]);
+    });
+
+    it("returns empty array on error", async () => {
+      const error = new Error("IndexedDB error");
+      mockOpenRequest.error = error;
+      (global.indexedDB.open as jest.Mock).mockImplementation(() => {
+        setTimeout(() => {
+          mockOpenRequest.onerror?.();
+        }, 0);
+        return mockOpenRequest;
+      });
+
+      const result = await service.loadAllUrls();
+
+      expect(result).toEqual([]);
+      expect(logService.error).toHaveBeenCalledWith(
+        "[PhishingIndexedDbService] Load failed",
+        expect.any(Error),
+      );
+    });
+  });
+
+  describe("saveUrlsFromStream", () => {
+    it("saves URLs from stream", async () => {
+      const content = "https://example.com\nhttps://test.org\nhttps://phishing.net";
+      const stream = new NodeReadableStream({
+        start(controller) {
+          controller.enqueue(new TextEncoder().encode(content));
+          controller.close();
+        },
+      }) as unknown as ReadableStream<Uint8Array>;
+
+      const result = await service.saveUrlsFromStream(stream);
+
+      expect(result).toBe(true);
+      expect(mockObjectStore.clear).toHaveBeenCalled();
+      expect(mockObjectStore.put).toHaveBeenCalledTimes(3);
+    });
+
+    it("handles chunked stream data", async () => {
+      const content = "https://url1.com\nhttps://url2.com";
+      const encoder = new TextEncoder();
+      const encoded = encoder.encode(content);
+
+      // Split into multiple small chunks
+      const stream = new NodeReadableStream({
+        start(controller) {
+          controller.enqueue(encoded.slice(0, 5));
+          controller.enqueue(encoded.slice(5, 10));
+          controller.enqueue(encoded.slice(10));
+          controller.close();
+        },
+      }) as unknown as ReadableStream<Uint8Array>;
+
+      const result = await service.saveUrlsFromStream(stream);
+
+      expect(result).toBe(true);
+      expect(mockObjectStore.put).toHaveBeenCalledTimes(2);
+    });
+
+    it("returns false on error", async () => {
+      const error = new Error("IndexedDB error");
+      mockOpenRequest.error = error;
+      (global.indexedDB.open as jest.Mock).mockImplementation(() => {
+        setTimeout(() => {
+          mockOpenRequest.onerror?.();
+        }, 0);
+        return mockOpenRequest;
+      });
+
+      const stream = new NodeReadableStream({
+        start(controller) {
+          controller.enqueue(new TextEncoder().encode("https://test.com"));
+          controller.close();
+        },
+      }) as unknown as ReadableStream<Uint8Array>;
+
+      const result = await service.saveUrlsFromStream(stream);
+
+      expect(result).toBe(false);
+      expect(logService.error).toHaveBeenCalledWith(
+        "[PhishingIndexedDbService] Stream save failed",
+        expect.any(Error),
+      );
+    });
+  });
+
+  describe("database initialization", () => {
+    it("creates object store with keyPath on upgrade", async () => {
+      mockDb.objectStoreNames.contains.mockReturnValue(false);
+
+      (global.indexedDB.open as jest.Mock).mockImplementation(() => {
+        setTimeout(() => {
+          mockOpenRequest.onupgradeneeded?.({ target: mockOpenRequest });
+          mockOpenRequest.onsuccess?.();
+        }, 0);
+        return mockOpenRequest;
+      });
+
+      await service.hasUrl("https://test.com");
+
+      expect(mockDb.createObjectStore).toHaveBeenCalledWith("phishing-urls", { keyPath: "url" });
+    });
+  });
+});
diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-indexeddb.service.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-indexeddb.service.ts
new file mode 100644
index 00000000000..099839a38d9
--- /dev/null
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-indexeddb.service.ts
@@ -0,0 +1,241 @@
+import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
+
+/**
+ * Record type for phishing URL storage in IndexedDB.
+ */
+type PhishingUrlRecord = { url: string };
+
+/**
+ * IndexedDB storage service for phishing URLs.
+ * Stores URLs as individual rows.
+ */
+export class PhishingIndexedDbService {
+  private readonly DB_NAME = "bitwarden-phishing";
+  private readonly STORE_NAME = "phishing-urls";
+  private readonly DB_VERSION = 1;
+  private readonly CHUNK_SIZE = 50000;
+
+  constructor(private logService: LogService) {}
+
+  /**
+   * Opens the IndexedDB database, creating the object store if needed.
+   */
+  private openDatabase(): Promise<IDBDatabase> {
+    return new Promise((resolve, reject) => {
+      const req = indexedDB.open(this.DB_NAME, this.DB_VERSION);
+      req.onerror = () => reject(req.error);
+      req.onsuccess = () => resolve(req.result);
+      req.onupgradeneeded = (e) => {
+        const db = (e.target as IDBOpenDBRequest).result;
+        if (!db.objectStoreNames.contains(this.STORE_NAME)) {
+          db.createObjectStore(this.STORE_NAME, { keyPath: "url" });
+        }
+      };
+    });
+  }
+
+  /**
+   * Clears all records from the phishing URLs store.
+   */
+  private clearStore(db: IDBDatabase): Promise<void> {
+    return new Promise((resolve, reject) => {
+      const req = db.transaction(this.STORE_NAME, "readwrite").objectStore(this.STORE_NAME).clear();
+      req.onerror = () => reject(req.error);
+      req.onsuccess = () => resolve();
+    });
+  }
+
+  /**
+   * Saves an array of phishing URLs to IndexedDB.
+   * Atomically replaces all existing data.
+   *
+   * @param urls - Array of phishing URLs to save
+   * @returns `true` if save succeeded, `false` on error
+   */
+  async saveUrls(urls: string[]): Promise<boolean> {
+    let db: IDBDatabase | null = null;
+    try {
+      db = await this.openDatabase();
+      await this.clearStore(db);
+      await this.saveChunked(db, urls);
+      return true;
+    } catch (error) {
+      this.logService.error("[PhishingIndexedDbService] Save failed", error);
+      return false;
+    } finally {
+      db?.close();
+    }
+  }
+
+  /**
+   * Saves URLs in chunks to prevent transaction timeouts and UI freezes.
+   */
+  private async saveChunked(db: IDBDatabase, urls: string[]): Promise<void> {
+    const cleaned = urls.map((u) => u.trim()).filter(Boolean);
+    for (let i = 0; i < cleaned.length; i += this.CHUNK_SIZE) {
+      await this.saveChunk(db, cleaned.slice(i, i + this.CHUNK_SIZE));
+      await new Promise((r) => setTimeout(r, 0)); // Yield to event loop
+    }
+  }
+
+  /**
+   * Saves a single chunk of URLs in one transaction.
+   */
+  private saveChunk(db: IDBDatabase, urls: string[]): Promise<void> {
+    return new Promise((resolve, reject) => {
+      const tx = db.transaction(this.STORE_NAME, "readwrite");
+      const store = tx.objectStore(this.STORE_NAME);
+      for (const url of urls) {
+        store.put({ url } as PhishingUrlRecord);
+      }
+      tx.oncomplete = () => resolve();
+      tx.onerror = () => reject(tx.error);
+    });
+  }
+
+  /**
+   * Checks if a URL exists in the phishing database.
+   *
+   * @param url - The URL to check
+   * @returns `true` if URL exists, `false` if not found or on error
+   */
+  async hasUrl(url: string): Promise<boolean> {
+    let db: IDBDatabase | null = null;
+    try {
+      db = await this.openDatabase();
+      return await this.checkUrlExists(db, url);
+    } catch (error) {
+      this.logService.error("[PhishingIndexedDbService] Check failed", error);
+      return false;
+    } finally {
+      db?.close();
+    }
+  }
+
+  /**
+   * Performs the actual URL existence check using index lookup.
+   */
+  private checkUrlExists(db: IDBDatabase, url: string): Promise<boolean> {
+    return new Promise((resolve, reject) => {
+      const tx = db.transaction(this.STORE_NAME, "readonly");
+      const req = tx.objectStore(this.STORE_NAME).get(url);
+      req.onerror = () => reject(req.error);
+      req.onsuccess = () => resolve(req.result !== undefined);
+    });
+  }
+
+  /**
+   * Loads all phishing URLs from IndexedDB.
+   *
+   * @returns Array of all stored URLs, or empty array on error
+   */
+  async loadAllUrls(): Promise<string[]> {
+    let db: IDBDatabase | null = null;
+    try {
+      db = await this.openDatabase();
+      return await this.getAllUrls(db);
+    } catch (error) {
+      this.logService.error("[PhishingIndexedDbService] Load failed", error);
+      return [];
+    } finally {
+      db?.close();
+    }
+  }
+
+  /**
+   * Iterates all records using a cursor.
+   */
+  private getAllUrls(db: IDBDatabase): Promise<string[]> {
+    return new Promise((resolve, reject) => {
+      const urls: string[] = [];
+      const req = db
+        .transaction(this.STORE_NAME, "readonly")
+        .objectStore(this.STORE_NAME)
+        .openCursor();
+      req.onerror = () => reject(req.error);
+      req.onsuccess = (e) => {
+        const cursor = (e.target as IDBRequest<IDBCursorWithValue | null>).result;
+        if (cursor) {
+          urls.push((cursor.value as PhishingUrlRecord).url);
+          cursor.continue();
+        } else {
+          resolve(urls);
+        }
+      };
+    });
+  }
+
+  /**
+   * Saves phishing URLs directly from a stream.
+   * Processes data incrementally to minimize memory usage.
+   *
+   * @param stream - ReadableStream of newline-delimited URLs
+   * @returns `true` if save succeeded, `false` on error
+   */
+  async saveUrlsFromStream(stream: ReadableStream<Uint8Array>): Promise<boolean> {
+    let db: IDBDatabase | null = null;
+    try {
+      db = await this.openDatabase();
+      await this.clearStore(db);
+      await this.processStream(db, stream);
+      return true;
+    } catch (error) {
+      this.logService.error("[PhishingIndexedDbService] Stream save failed", error);
+      return false;
+    } finally {
+      db?.close();
+    }
+  }
+
+  /**
+   * Processes a stream of URL data, parsing lines and saving in chunks.
+   */
+  private async processStream(db: IDBDatabase, stream: ReadableStream<Uint8Array>): Promise<void> {
+    const reader = stream.getReader();
+    const decoder = new TextDecoder();
+    let buffer = "";
+    let urls: string[] = [];
+
+    try {
+      while (true) {
+        const { done, value } = await reader.read();
+
+        // Decode BEFORE done check; stream: !done flushes on final call
+        buffer += decoder.decode(value, { stream: !done });
+
+        if (done) {
+          // Split remaining buffer by newlines in case it contains multiple URLs
+          const lines = buffer.split("\n");
+          for (const line of lines) {
+            const trimmed = line.trim();
+            if (trimmed) {
+              urls.push(trimmed);
+            }
+          }
+          if (urls.length > 0) {
+            await this.saveChunk(db, urls);
+          }
+          break;
+        }
+
+        const lines = buffer.split("\n");
+        buffer = lines.pop() ?? "";
+
+        for (const line of lines) {
+          const trimmed = line.trim();
+          if (trimmed) {
+            urls.push(trimmed);
+          }
+
+          if (urls.length >= this.CHUNK_SIZE) {
+            await this.saveChunk(db, urls);
+            urls = [];
+            await new Promise((r) => setTimeout(r, 0));
+          }
+        }
+      }
+    } finally {
+      reader.releaseLock();
+    }
+  }
+}
diff --git a/apps/browser/src/platform/browser/browser-popup-utils.spec.ts b/apps/browser/src/platform/browser/browser-popup-utils.spec.ts
index 6e2175e3a79..cb04f30b589 100644
--- a/apps/browser/src/platform/browser/browser-popup-utils.spec.ts
+++ b/apps/browser/src/platform/browser/browser-popup-utils.spec.ts
@@ -1,7 +1,7 @@
 import { createChromeTabMock } from "../../autofill/spec/autofill-mocks";
 
 import { BrowserApi } from "./browser-api";
-import BrowserPopupUtils from "./browser-popup-utils";
+import BrowserPopupUtils, { PopupWidthOptions } from "./browser-popup-utils";
 
 describe("BrowserPopupUtils", () => {
   afterEach(() => {
@@ -152,7 +152,7 @@ describe("BrowserPopupUtils", () => {
         focused: false,
         alwaysOnTop: false,
         incognito: false,
-        width: 380,
+        width: PopupWidthOptions.default,
       });
       jest.spyOn(BrowserApi, "createWindow").mockImplementation();
       jest.spyOn(BrowserApi, "updateWindowProperties").mockImplementation();
@@ -168,7 +168,7 @@ describe("BrowserPopupUtils", () => {
       expect(BrowserApi.createWindow).toHaveBeenCalledWith({
         type: "popup",
         focused: true,
-        width: 380,
+        width: PopupWidthOptions.default,
         height: 630,
         left: 85,
         top: 190,
@@ -197,7 +197,7 @@ describe("BrowserPopupUtils", () => {
       expect(BrowserApi.createWindow).toHaveBeenCalledWith({
         type: "popup",
         focused: true,
-        width: 380,
+        width: PopupWidthOptions.default,
         height: 630,
         left: 85,
         top: 190,
@@ -214,7 +214,7 @@ describe("BrowserPopupUtils", () => {
       expect(BrowserApi.createWindow).toHaveBeenCalledWith({
         type: "popup",
         focused: true,
-        width: 380,
+        width: PopupWidthOptions.default,
         height: 630,
         left: 85,
         top: 190,
@@ -267,7 +267,7 @@ describe("BrowserPopupUtils", () => {
       expect(BrowserApi.createWindow).toHaveBeenCalledWith({
         type: "popup",
         focused: true,
-        width: 380,
+        width: PopupWidthOptions.default,
         height: 630,
         left: 85,
         top: 190,
@@ -290,7 +290,7 @@ describe("BrowserPopupUtils", () => {
         focused: false,
         alwaysOnTop: false,
         incognito: false,
-        width: 380,
+        width: PopupWidthOptions.default,
         state: "fullscreen",
       });
       jest
@@ -321,7 +321,7 @@ describe("BrowserPopupUtils", () => {
         focused: false,
         alwaysOnTop: false,
         incognito: false,
-        width: 380,
+        width: PopupWidthOptions.default,
         state: "fullscreen",
       });
 
diff --git a/apps/browser/src/platform/browser/browser-popup-utils.ts b/apps/browser/src/platform/browser/browser-popup-utils.ts
index 8343799d0eb..c8dba57e708 100644
--- a/apps/browser/src/platform/browser/browser-popup-utils.ts
+++ b/apps/browser/src/platform/browser/browser-popup-utils.ts
@@ -10,9 +10,9 @@ import { BrowserApi } from "./browser-api";
  * Value represents width in pixels
  */
 export const PopupWidthOptions = Object.freeze({
-  default: 380,
-  wide: 480,
-  "extra-wide": 600,
+  default: 480,
+  wide: 600,
+  narrow: 380,
 });
 
 type PopupWidthOptions = typeof PopupWidthOptions;
diff --git a/apps/browser/src/platform/popup/layout/popup-layout.stories.ts b/apps/browser/src/platform/popup/layout/popup-layout.stories.ts
index c6ffe1a6414..2e088b8161e 100644
--- a/apps/browser/src/platform/popup/layout/popup-layout.stories.ts
+++ b/apps/browser/src/platform/popup/layout/popup-layout.stories.ts
@@ -44,7 +44,7 @@ import { PopupTabNavigationComponent } from "./popup-tab-navigation.component";
 @Component({
   selector: "extension-container",
   template: `
-    <div class="tw-h-[640px] tw-w-[380px] tw-border tw-border-solid tw-border-secondary-300">
+    <div class="tw-h-[640px] tw-w-[480px] tw-border tw-border-solid tw-border-secondary-300">
       <ng-content></ng-content>
     </div>
   `,
@@ -678,7 +678,7 @@ export const WidthOptions: Story = {
     template: /* HTML */ `
       <div class="tw-flex tw-flex-col tw-gap-4 tw-text-main">
         <div>Default:</div>
-        <div class="tw-h-[640px] tw-w-[380px] tw-border tw-border-solid tw-border-secondary-300">
+        <div class="tw-h-[640px] tw-w-[480px] tw-border tw-border-solid tw-border-secondary-300">
           <mock-vault-page></mock-vault-page>
         </div>
         <div>Wide:</div>
diff --git a/apps/browser/src/platform/popup/layout/popup-page.component.html b/apps/browser/src/platform/popup/layout/popup-page.component.html
index 828d9947373..bb24fb800aa 100644
--- a/apps/browser/src/platform/popup/layout/popup-page.component.html
+++ b/apps/browser/src/platform/popup/layout/popup-page.component.html
@@ -25,7 +25,6 @@
   <div
     class="tw-size-full tw-styled-scrollbar"
     data-testid="popup-layout-scroll-region"
-    (scroll)="handleScroll($event)"
     [ngClass]="{
       '!tw-overflow-hidden': hideOverflow(),
       'tw-overflow-y-auto': !hideOverflow(),
diff --git a/apps/browser/src/platform/popup/layout/popup-page.component.ts b/apps/browser/src/platform/popup/layout/popup-page.component.ts
index 4eed322bdbd..7d4b7decb7f 100644
--- a/apps/browser/src/platform/popup/layout/popup-page.component.ts
+++ b/apps/browser/src/platform/popup/layout/popup-page.component.ts
@@ -3,13 +3,17 @@ import {
   booleanAttribute,
   ChangeDetectionStrategy,
   Component,
+  DestroyRef,
+  ElementRef,
   inject,
   input,
   signal,
 } from "@angular/core";
+import { takeUntilDestroyed } from "@angular/core/rxjs-interop";
+import { filter, switchMap, fromEvent, startWith, map } from "rxjs";
 
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
-import { ScrollLayoutHostDirective } from "@bitwarden/components";
+import { ScrollLayoutHostDirective, ScrollLayoutService } from "@bitwarden/components";
 
 @Component({
   selector: "popup-page",
@@ -22,6 +26,8 @@ import { ScrollLayoutHostDirective } from "@bitwarden/components";
 })
 export class PopupPageComponent {
   protected i18nService = inject(I18nService);
+  private scrollLayout = inject(ScrollLayoutService);
+  private destroyRef = inject(DestroyRef);
 
   readonly loading = input<boolean>(false);
 
@@ -33,10 +39,21 @@ export class PopupPageComponent {
   protected readonly scrolled = signal(false);
   isScrolled = this.scrolled.asReadonly();
 
+  constructor() {
+    this.scrollLayout.scrollableRef$
+      .pipe(
+        filter((ref): ref is ElementRef<HTMLElement> => ref != null),
+        switchMap((ref) =>
+          fromEvent(ref.nativeElement, "scroll").pipe(
+            startWith(null),
+            map(() => ref.nativeElement.scrollTop !== 0),
+          ),
+        ),
+        takeUntilDestroyed(this.destroyRef),
+      )
+      .subscribe((isScrolled) => this.scrolled.set(isScrolled));
+  }
+
   /** Accessible loading label for the spinner. Defaults to "loading" */
   readonly loadingText = input<string | undefined>(this.i18nService.t("loading"));
-
-  handleScroll(event: Event) {
-    this.scrolled.set((event.currentTarget as HTMLElement).scrollTop !== 0);
-  }
 }
diff --git a/apps/browser/src/platform/popup/layout/popup-size.service.ts b/apps/browser/src/platform/popup/layout/popup-size.service.ts
index 0e4aacb9a97..ff3f09d0d01 100644
--- a/apps/browser/src/platform/popup/layout/popup-size.service.ts
+++ b/apps/browser/src/platform/popup/layout/popup-size.service.ts
@@ -83,7 +83,7 @@ export class PopupSizeService {
     }
     const pxWidth = PopupWidthOptions[width] ?? PopupWidthOptions.default;
 
-    document.body.style.minWidth = `${pxWidth}px`;
+    document.body.style.width = `${pxWidth}px`;
   }
 
   /**
diff --git a/apps/browser/src/popup/components/extension-anon-layout-wrapper/extension-anon-layout-wrapper.stories.ts b/apps/browser/src/popup/components/extension-anon-layout-wrapper/extension-anon-layout-wrapper.stories.ts
index 8fdae06e28a..66c9f655b05 100644
--- a/apps/browser/src/popup/components/extension-anon-layout-wrapper/extension-anon-layout-wrapper.stories.ts
+++ b/apps/browser/src/popup/components/extension-anon-layout-wrapper/extension-anon-layout-wrapper.stories.ts
@@ -10,6 +10,7 @@ import {
 import { of } from "rxjs";
 
 import { LockIcon, RegistrationCheckEmailIcon } from "@bitwarden/assets/svg";
+import { PopupWidthOptions } from "@bitwarden/browser/platform/browser/browser-popup-utils";
 import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
 import { AuthService } from "@bitwarden/common/auth/abstractions/auth.service";
 import { AvatarService } from "@bitwarden/common/auth/abstractions/avatar.service";
@@ -243,7 +244,12 @@ export const DefaultContentExample: Story = {
   }),
   parameters: {
     chromatic: {
-      viewports: [380, 1280],
+      viewports: [
+        PopupWidthOptions.default,
+        PopupWidthOptions.narrow,
+        PopupWidthOptions.wide,
+        1280,
+      ],
     },
   },
 };
diff --git a/apps/browser/src/popup/scss/tailwind.css b/apps/browser/src/popup/scss/tailwind.css
index f58950cc86a..0ef7b82bfed 100644
--- a/apps/browser/src/popup/scss/tailwind.css
+++ b/apps/browser/src/popup/scss/tailwind.css
@@ -60,7 +60,7 @@
   }
 
   body {
-    width: 380px;
+    width: 480px;
     height: 100%;
     position: relative;
     min-height: inherit;
@@ -84,9 +84,9 @@
     animation: redraw 1s linear infinite;
   }
 
-  /** 
+  /**
    * Text selection style:
-   * suppress user selection for most elements (to make it more app-like) 
+   * suppress user selection for most elements (to make it more app-like)
    */
   h1,
   h2,
@@ -165,7 +165,7 @@
     @apply tw-text-muted;
   }
 
-  /** 
+  /**
    * Text selection style:
    * Set explicit selection styles (assumes primary accent color has sufficient
    * contrast against the background, so its inversion is also still readable)
diff --git a/apps/browser/src/popup/services/services.module.ts b/apps/browser/src/popup/services/services.module.ts
index 06a021085ea..7b207f0fac1 100644
--- a/apps/browser/src/popup/services/services.module.ts
+++ b/apps/browser/src/popup/services/services.module.ts
@@ -27,8 +27,12 @@ import {
   WINDOW,
 } from "@bitwarden/angular/services/injection-tokens";
 import { JslibServicesModule } from "@bitwarden/angular/services/jslib-services.module";
-import { AUTOFILL_NUDGE_SERVICE } from "@bitwarden/angular/vault";
-import { SingleNudgeService } from "@bitwarden/angular/vault/services/default-single-nudge.service";
+import {
+  AUTOFILL_NUDGE_SERVICE,
+  AUTO_CONFIRM_NUDGE_SERVICE,
+  AutoConfirmNudgeService,
+} from "@bitwarden/angular/vault";
+import { VaultProfileService } from "@bitwarden/angular/vault/services/vault-profile.service";
 import {
   LoginComponentService,
   TwoFactorAuthComponentService,
@@ -786,9 +790,14 @@ const safeProviders: SafeProvider[] = [
     ],
   }),
   safeProvider({
-    provide: AUTOFILL_NUDGE_SERVICE as SafeInjectionToken<SingleNudgeService>,
+    provide: AUTOFILL_NUDGE_SERVICE as SafeInjectionToken<BrowserAutofillNudgeService>,
     useClass: BrowserAutofillNudgeService,
-    deps: [],
+    deps: [StateProvider, VaultProfileService, LogService],
+  }),
+  safeProvider({
+    provide: AUTO_CONFIRM_NUDGE_SERVICE as SafeInjectionToken<AutoConfirmNudgeService>,
+    useClass: AutoConfirmNudgeService,
+    deps: [StateProvider, AutomaticUserConfirmationService],
   }),
 ];
 
diff --git a/apps/browser/src/vault/popup/components/vault-v2/autofill-confirmation-dialog/autofill-confirmation-dialog.component.spec.ts b/apps/browser/src/vault/popup/components/vault-v2/autofill-confirmation-dialog/autofill-confirmation-dialog.component.spec.ts
index a28b8730109..93cc2cf248a 100644
--- a/apps/browser/src/vault/popup/components/vault-v2/autofill-confirmation-dialog/autofill-confirmation-dialog.component.spec.ts
+++ b/apps/browser/src/vault/popup/components/vault-v2/autofill-confirmation-dialog/autofill-confirmation-dialog.component.spec.ts
@@ -91,10 +91,18 @@ describe("AutofillConfirmationDialogComponent", () => {
     jest.resetAllMocks();
   });
 
-  const findShowAll = (inFx?: ComponentFixture<AutofillConfirmationDialogComponent>) =>
-    (inFx || fixture).nativeElement.querySelector(
-      "button.tw-text-sm.tw-font-medium.tw-cursor-pointer",
-    ) as HTMLButtonElement | null;
+  const findShowAll = (inFx?: ComponentFixture<AutofillConfirmationDialogComponent>) => {
+    // Find the button by its text content (showAll or showLess)
+    const buttons = Array.from(
+      (inFx || fixture).nativeElement.querySelectorAll("button"),
+    ) as HTMLButtonElement[];
+    return (
+      buttons.find((btn) => {
+        const text = btn.textContent?.trim() || "";
+        return text === "showAll" || text === "showLess";
+      }) || null
+    );
+  };
 
   it("normalizes currentUrl and savedUrls via Utils.getHostname", () => {
     expect(Utils.getHostname).toHaveBeenCalledTimes(1 + (params.savedUrls?.length ?? 0));
diff --git a/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.spec.ts b/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.spec.ts
index e6dffdaff08..2c94d9c226b 100644
--- a/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.spec.ts
+++ b/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.spec.ts
@@ -1,4 +1,3 @@
-import { CdkVirtualScrollableElement } from "@angular/cdk/scrolling";
 import { ChangeDetectionStrategy, Component, input, NO_ERRORS_SCHEMA } from "@angular/core";
 import { TestBed, fakeAsync, flush, tick } from "@angular/core/testing";
 import { By } from "@angular/platform-browser";
@@ -394,21 +393,28 @@ describe("VaultV2Component", () => {
     expect(values[values.length - 1]).toBe(false);
   });
 
-  it("ngAfterViewInit waits for allFilters$ then starts scroll position service", fakeAsync(() => {
+  it("passes popup-page scroll region element to scroll position service", fakeAsync(() => {
+    const fixture = TestBed.createComponent(VaultV2Component);
+    const component = fixture.componentInstance;
+
+    const readySubject$ = component["readySubject"] as unknown as BehaviorSubject<boolean>;
+    const itemsLoading$ = itemsSvc.loading$ as unknown as BehaviorSubject<boolean>;
     const allFilters$ = filtersSvc.allFilters$ as unknown as Subject<any>;
 
-    (component as any).virtualScrollElement = {} as CdkVirtualScrollableElement;
-
-    component.ngAfterViewInit();
-    expect(scrollSvc.start).not.toHaveBeenCalled();
-
-    allFilters$.next({ any: true });
+    fixture.detectChanges();
     tick();
 
-    expect(scrollSvc.start).toHaveBeenCalledTimes(1);
-    expect(scrollSvc.start).toHaveBeenCalledWith((component as any).virtualScrollElement);
+    const scrollRegion = fixture.nativeElement.querySelector(
+      '[data-testid="popup-layout-scroll-region"]',
+    ) as HTMLElement;
 
-    flush();
+    // Unblock loading
+    itemsLoading$.next(false);
+    readySubject$.next(true);
+    allFilters$.next({});
+    tick();
+
+    expect(scrollSvc.start).toHaveBeenCalledWith(scrollRegion);
   }));
 
   it("showPremiumDialog opens PremiumUpgradeDialogComponent", () => {
diff --git a/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.ts b/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.ts
index 761b366bcd2..4678e2733eb 100644
--- a/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.ts
+++ b/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.ts
@@ -1,7 +1,7 @@
 import { LiveAnnouncer } from "@angular/cdk/a11y";
-import { CdkVirtualScrollableElement, ScrollingModule } from "@angular/cdk/scrolling";
+import { ScrollingModule } from "@angular/cdk/scrolling";
 import { CommonModule } from "@angular/common";
-import { AfterViewInit, Component, DestroyRef, OnDestroy, OnInit, ViewChild } from "@angular/core";
+import { Component, DestroyRef, effect, inject, OnDestroy, OnInit } from "@angular/core";
 import { takeUntilDestroyed } from "@angular/core/rxjs-interop";
 import { Router, RouterModule } from "@angular/router";
 import {
@@ -47,6 +47,7 @@ import {
   ButtonModule,
   DialogService,
   NoItemsModule,
+  ScrollLayoutService,
   ToastService,
   TypographyModule,
 } from "@bitwarden/components";
@@ -119,11 +120,7 @@ type VaultState = UnionOfValues<typeof VaultState>;
   ],
   providers: [{ provide: VaultItemsTransferService, useClass: DefaultVaultItemsTransferService }],
 })
-export class VaultV2Component implements OnInit, AfterViewInit, OnDestroy {
-  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
-  // eslint-disable-next-line @angular-eslint/prefer-signals
-  @ViewChild(CdkVirtualScrollableElement) virtualScrollElement?: CdkVirtualScrollableElement;
-
+export class VaultV2Component implements OnInit, OnDestroy {
   NudgeType = NudgeType;
   cipherType = CipherType;
   private activeUserId$ = this.accountService.activeAccount$.pipe(getUserId);
@@ -308,16 +305,21 @@ export class VaultV2Component implements OnInit, AfterViewInit, OnDestroy {
       });
   }
 
-  ngAfterViewInit(): void {
-    if (this.virtualScrollElement) {
-      // The filters component can cause the size of the virtual scroll element to change,
-      // which can cause the scroll position to be land in the wrong spot. To fix this,
-      // wait until all filters are populated before restoring the scroll position.
-      this.allFilters$.pipe(take(1), takeUntilDestroyed(this.destroyRef)).subscribe(() => {
-        this.vaultScrollPositionService.start(this.virtualScrollElement!);
+  private readonly scrollLayout = inject(ScrollLayoutService);
+
+  private readonly _scrollPositionEffect = effect((onCleanup) => {
+    const sub = combineLatest([this.scrollLayout.scrollableRef$, this.allFilters$, this.loading$])
+      .pipe(
+        filter(([ref, _filters, loading]) => !!ref && !loading),
+        take(1),
+        takeUntilDestroyed(this.destroyRef),
+      )
+      .subscribe(([ref]) => {
+        this.vaultScrollPositionService.start(ref!.nativeElement);
       });
-    }
-  }
+
+    onCleanup(() => sub.unsubscribe());
+  });
 
   async ngOnInit() {
     this.activeUserId = await firstValueFrom(this.accountService.activeAccount$.pipe(getUserId));
diff --git a/apps/browser/src/vault/popup/services/vault-popup-scroll-position.service.spec.ts b/apps/browser/src/vault/popup/services/vault-popup-scroll-position.service.spec.ts
index 562375f8f85..af21f664f2d 100644
--- a/apps/browser/src/vault/popup/services/vault-popup-scroll-position.service.spec.ts
+++ b/apps/browser/src/vault/popup/services/vault-popup-scroll-position.service.spec.ts
@@ -1,4 +1,3 @@
-import { CdkVirtualScrollableElement } from "@angular/cdk/scrolling";
 import { fakeAsync, TestBed, tick } from "@angular/core/testing";
 import { NavigationEnd, Router } from "@angular/router";
 import { Subject, Subscription } from "rxjs";
@@ -66,21 +65,18 @@ describe("VaultPopupScrollPositionService", () => {
   });
 
   describe("start", () => {
-    const elementScrolled$ = new Subject();
-    const focus = jest.fn();
-    const nativeElement = {
-      scrollTop: 0,
-      querySelector: jest.fn(() => ({ focus })),
-      addEventListener: jest.fn(),
-      style: {
-        visibility: "",
-      },
-    };
-    const virtualElement = {
-      elementScrolled: () => elementScrolled$,
-      getElementRef: () => ({ nativeElement }),
-      scrollTo: jest.fn(),
-    } as unknown as CdkVirtualScrollableElement;
+    let scrollElement: HTMLElement;
+
+    beforeEach(() => {
+      scrollElement = document.createElement("div");
+
+      (scrollElement as any).scrollTo = jest.fn(function scrollTo(opts: { top?: number }) {
+        if (opts?.top != null) {
+          (scrollElement as any).scrollTop = opts.top;
+        }
+      });
+      (scrollElement as any).scrollTop = 0;
+    });
 
     afterEach(() => {
       // remove the actual subscription created by `.subscribe`
@@ -89,47 +85,55 @@ describe("VaultPopupScrollPositionService", () => {
 
     describe("initial scroll position", () => {
       beforeEach(() => {
-        (virtualElement.scrollTo as jest.Mock).mockClear();
-        nativeElement.querySelector.mockClear();
+        ((scrollElement as any).scrollTo as jest.Mock).mockClear();
       });
 
       it("does not scroll when `scrollPosition` is null", () => {
         service["scrollPosition"] = null;
 
-        service.start(virtualElement);
+        service.start(scrollElement);
 
-        expect(virtualElement.scrollTo).not.toHaveBeenCalled();
+        expect((scrollElement as any).scrollTo).not.toHaveBeenCalled();
       });
 
-      it("scrolls the virtual element to `scrollPosition`", fakeAsync(() => {
+      it("scrolls the element to `scrollPosition` (async via setTimeout)", fakeAsync(() => {
         service["scrollPosition"] = 500;
-        nativeElement.scrollTop = 500;
 
-        service.start(virtualElement);
+        service.start(scrollElement);
         tick();
 
-        expect(virtualElement.scrollTo).toHaveBeenCalledWith({ behavior: "instant", top: 500 });
+        expect((scrollElement as any).scrollTo).toHaveBeenCalledWith({
+          behavior: "instant",
+          top: 500,
+        });
+        expect((scrollElement as any).scrollTop).toBe(500);
       }));
     });
 
     describe("scroll listener", () => {
       it("unsubscribes from any existing subscription", () => {
-        service.start(virtualElement);
+        service.start(scrollElement);
 
         expect(unsubscribe).toHaveBeenCalled();
       });
 
-      it("subscribes to `elementScrolled`", fakeAsync(() => {
-        virtualElement.measureScrollOffset = jest.fn(() => 455);
+      it("stores scrollTop on subsequent scroll events (skips first)", fakeAsync(() => {
+        service["scrollPosition"] = null;
 
-        service.start(virtualElement);
+        service.start(scrollElement);
 
-        elementScrolled$.next(null); // first subscription is skipped by `skip(1)`
-        elementScrolled$.next(null);
+        // First scroll event is intentionally ignored (equivalent to old skip(1)).
+        (scrollElement as any).scrollTop = 111;
+        scrollElement.dispatchEvent(new Event("scroll"));
+        tick();
+
+        expect(service["scrollPosition"]).toBeNull();
+
+        // Second scroll event should persist.
+        (scrollElement as any).scrollTop = 455;
+        scrollElement.dispatchEvent(new Event("scroll"));
         tick();
 
-        expect(virtualElement.measureScrollOffset).toHaveBeenCalledTimes(1);
-        expect(virtualElement.measureScrollOffset).toHaveBeenCalledWith("top");
         expect(service["scrollPosition"]).toBe(455);
       }));
     });
diff --git a/apps/browser/src/vault/popup/services/vault-popup-scroll-position.service.ts b/apps/browser/src/vault/popup/services/vault-popup-scroll-position.service.ts
index 5bfe0ec9331..7261fdd6633 100644
--- a/apps/browser/src/vault/popup/services/vault-popup-scroll-position.service.ts
+++ b/apps/browser/src/vault/popup/services/vault-popup-scroll-position.service.ts
@@ -1,8 +1,7 @@
-import { CdkVirtualScrollableElement } from "@angular/cdk/scrolling";
 import { inject, Injectable } from "@angular/core";
 import { takeUntilDestroyed } from "@angular/core/rxjs-interop";
 import { NavigationEnd, Router } from "@angular/router";
-import { filter, skip, Subscription } from "rxjs";
+import { filter, fromEvent, Subscription } from "rxjs";
 
 @Injectable({
   providedIn: "root",
@@ -31,24 +30,25 @@ export class VaultPopupScrollPositionService {
   }
 
   /** Scrolls the user to the stored scroll position and starts tracking scroll of the page. */
-  start(virtualScrollElement: CdkVirtualScrollableElement) {
+  start(scrollElement: HTMLElement) {
     if (this.hasScrollPosition()) {
       // Use `setTimeout` to scroll after rendering is complete
       setTimeout(() => {
-        virtualScrollElement.scrollTo({ top: this.scrollPosition!, behavior: "instant" });
+        scrollElement.scrollTo({ top: this.scrollPosition!, behavior: "instant" });
       });
     }
 
     this.scrollSubscription?.unsubscribe();
 
     // Skip the first scroll event to avoid settings the scroll from the above `scrollTo` call
-    this.scrollSubscription = virtualScrollElement
-      ?.elementScrolled()
-      .pipe(skip(1))
-      .subscribe(() => {
-        const offset = virtualScrollElement.measureScrollOffset("top");
-        this.scrollPosition = offset;
-      });
+    let skipped = false;
+    this.scrollSubscription = fromEvent(scrollElement, "scroll").subscribe(() => {
+      if (!skipped) {
+        skipped = true;
+        return;
+      }
+      this.scrollPosition = scrollElement.scrollTop;
+    });
   }
 
   /** Stops the scroll listener from updating the stored location. */
diff --git a/apps/browser/src/vault/popup/settings/appearance-v2.component.ts b/apps/browser/src/vault/popup/settings/appearance-v2.component.ts
index e6515ae7461..e02ccf25f3e 100644
--- a/apps/browser/src/vault/popup/settings/appearance-v2.component.ts
+++ b/apps/browser/src/vault/popup/settings/appearance-v2.component.ts
@@ -79,7 +79,7 @@ export class AppearanceV2Component implements OnInit {
   protected readonly widthOptions: Option<PopupWidthOption>[] = [
     { label: this.i18nService.t("default"), value: "default" },
     { label: this.i18nService.t("wide"), value: "wide" },
-    { label: this.i18nService.t("extraWide"), value: "extra-wide" },
+    { label: this.i18nService.t("narrow"), value: "narrow" },
   ];
 
   constructor(
diff --git a/apps/browser/src/vault/popup/settings/trash-list-items-container/trash-list-items-container.component.ts b/apps/browser/src/vault/popup/settings/trash-list-items-container/trash-list-items-container.component.ts
index bad6011b2d8..edebdab062f 100644
--- a/apps/browser/src/vault/popup/settings/trash-list-items-container/trash-list-items-container.component.ts
+++ b/apps/browser/src/vault/popup/settings/trash-list-items-container/trash-list-items-container.component.ts
@@ -115,15 +115,22 @@ export class TrashListItemsContainerComponent {
   }
 
   async restore(cipher: PopupCipherViewLike) {
+    let toastMessage;
     try {
       const activeUserId = await firstValueFrom(this.accountService.activeAccount$.pipe(getUserId));
       await this.cipherService.restoreWithServer(cipher.id as string, activeUserId);
 
+      if (cipher.archivedDate) {
+        toastMessage = this.i18nService.t("archivedItemRestored");
+      } else {
+        toastMessage = this.i18nService.t("restoredItem");
+      }
+
       await this.router.navigate(["/trash"]);
       this.toastService.showToast({
         variant: "success",
         title: null,
-        message: this.i18nService.t("restoredItem"),
+        message: toastMessage,
       });
     } catch (e) {
       this.logService.error(e);
diff --git a/apps/desktop/resources/entitlements.mas.plist b/apps/desktop/resources/entitlements.mas.plist
index 226e9827e37..9760af69e8b 100644
--- a/apps/desktop/resources/entitlements.mas.plist
+++ b/apps/desktop/resources/entitlements.mas.plist
@@ -34,7 +34,7 @@
 		<string>/Library/Application Support/Microsoft Edge Canary/NativeMessagingHosts/</string>
 		<string>/Library/Application Support/Vivaldi/NativeMessagingHosts/</string>
 		<string>/Library/Application Support/Zen/NativeMessagingHosts/</string>
-		<string>/Library/Application Support/net.imput.helium</string>
+		<string>/Library/Application Support/net.imput.helium/NativeMessagingHosts/</string>
 	</array>
 </dict>
 </plist>
diff --git a/apps/desktop/src/locales/en/messages.json b/apps/desktop/src/locales/en/messages.json
index f9947e16692..0ce98b8c62b 100644
--- a/apps/desktop/src/locales/en/messages.json
+++ b/apps/desktop/src/locales/en/messages.json
@@ -2092,6 +2092,9 @@
   "permanentlyDeletedItem": {
     "message": "Item permanently deleted"
   },
+  "archivedItemRestored": {
+    "message": "Archived item restored"
+  },
   "restoredItem": {
     "message": "Item restored"
   },
diff --git a/apps/desktop/src/vault/app/vault/item-footer.component.ts b/apps/desktop/src/vault/app/vault/item-footer.component.ts
index c80e4e59ae4..399a0e7875d 100644
--- a/apps/desktop/src/vault/app/vault/item-footer.component.ts
+++ b/apps/desktop/src/vault/app/vault/item-footer.component.ts
@@ -173,16 +173,23 @@ export class ItemFooterComponent implements OnInit, OnChanges {
   }
 
   async restore(): Promise<boolean> {
+    let toastMessage;
     if (!this.cipher.isDeleted) {
       return false;
     }
 
+    if (this.cipher.isArchived) {
+      toastMessage = this.i18nService.t("archivedItemRestored");
+    } else {
+      toastMessage = this.i18nService.t("restoredItem");
+    }
+
     try {
       const activeUserId = await firstValueFrom(this.accountService.activeAccount$.pipe(getUserId));
       await this.restoreCipher(activeUserId);
       this.toastService.showToast({
         variant: "success",
-        message: this.i18nService.t("restoredItem"),
+        message: toastMessage,
       });
       this.onRestore.emit(this.cipher);
     } catch (e) {
@@ -239,6 +246,9 @@ export class ItemFooterComponent implements OnInit, OnChanges {
 
     // A user should always be able to unarchive an archived item
     this.showUnarchiveButton =
-      hasArchiveFlagEnabled && this.action === "view" && this.cipher.isArchived;
+      hasArchiveFlagEnabled &&
+      this.action === "view" &&
+      this.cipher.isArchived &&
+      !this.cipher.isDeleted;
   }
 }
diff --git a/apps/desktop/src/vault/app/vault/vault-v2.component.html b/apps/desktop/src/vault/app/vault/vault-v2.component.html
index d10b3fd85c6..61b7c0ee355 100644
--- a/apps/desktop/src/vault/app/vault/vault-v2.component.html
+++ b/apps/desktop/src/vault/app/vault/vault-v2.component.html
@@ -10,69 +10,79 @@
     [organizationId]="organizationId"
   >
   </app-vault-items-v2>
-  <div class="details" *ngIf="!!action">
-    <app-vault-item-footer
-      id="footer"
-      #footer
-      [cipher]="cipher()"
-      [action]="action"
-      (onEdit)="editCipher($event)"
-      (onRestore)="restoreCipher()"
-      (onClone)="cloneCipher($event)"
-      (onDelete)="deleteCipher()"
-      (onCancel)="cancelCipher($event)"
-      (onArchiveToggle)="refreshCurrentCipher()"
-      [masterPasswordAlreadyPrompted]="cipherRepromptId === cipherId"
-      [submitButtonText]="submitButtonText()"
-    ></app-vault-item-footer>
-    <div class="content">
-      <div class="inner-content">
-        <div class="box">
-          <app-cipher-view
-            *ngIf="action === 'view'"
-            [cipher]="cipher()"
-            [collections]="collections"
-          >
-          </app-cipher-view>
-          <vault-cipher-form
-            #vaultForm
-            *ngIf="action === 'add' || action === 'edit' || action === 'clone'"
-            formId="cipherForm"
-            [config]="config"
-            (cipherSaved)="savedCipher($event)"
-            [submitBtn]="footer?.submitBtn"
-            (formStatusChange$)="formStatusChanged($event)"
-          >
-            <bit-item slot="attachment-button">
-              <button
-                bit-item-content
-                type="button"
-                (click)="openAttachmentsDialog()"
-                [disabled]="formDisabled"
+  @if (!!action) {
+    <div class="details">
+      <app-vault-item-footer
+        id="footer"
+        #footer
+        [cipher]="cipher()"
+        [action]="action"
+        (onEdit)="editCipher($event)"
+        (onRestore)="restoreCipher()"
+        (onClone)="cloneCipher($event)"
+        (onDelete)="deleteCipher()"
+        (onCancel)="cancelCipher($event)"
+        (onArchiveToggle)="refreshCurrentCipher()"
+        [masterPasswordAlreadyPrompted]="cipherRepromptId === cipherId"
+        [submitButtonText]="submitButtonText()"
+      ></app-vault-item-footer>
+      <div class="content">
+        <div class="inner-content">
+          <div class="box">
+            @if (action === "view") {
+              <app-cipher-view [cipher]="cipher()" [collections]="collections"> </app-cipher-view>
+            }
+            @if (action === "add" || action === "edit" || action === "clone") {
+              <vault-cipher-form
+                #vaultForm
+                formId="cipherForm"
+                [config]="config"
+                (cipherSaved)="savedCipher($event)"
+                [submitBtn]="footer?.submitBtn"
+                (formStatusChange$)="formStatusChanged($event)"
               >
-                <div class="tw-flex tw-items-center tw-gap-2">
-                  {{ "attachments" | i18n }}
-                  <app-premium-badge></app-premium-badge>
-                </div>
-                <i slot="end" class="bwi bwi-angle-right" aria-hidden="true"></i>
-              </button>
-            </bit-item>
-          </vault-cipher-form>
+                <bit-item slot="attachment-button">
+                  <button
+                    bit-item-content
+                    type="button"
+                    (click)="openAttachmentsDialog()"
+                    [disabled]="formDisabled"
+                  >
+                    <div class="tw-flex tw-items-center tw-gap-2">
+                      {{ "attachments" | i18n }}
+                      <app-premium-badge></app-premium-badge>
+                    </div>
+                    <i slot="end" class="bwi bwi-angle-right" aria-hidden="true"></i>
+                  </button>
+                </bit-item>
+              </vault-cipher-form>
+            }
+          </div>
         </div>
       </div>
     </div>
-  </div>
-  <div
-    id="logo"
-    class="logo"
-    *ngIf="action !== 'add' && action !== 'edit' && action !== 'view' && action !== 'clone'"
-  >
-    <div class="content">
-      <div class="inner-content">
-        <img class="logo-image" alt="Bitwarden" aria-hidden="true" />
+  }
+  @if (action !== "add" && action !== "edit" && action !== "view" && action !== "clone") {
+    <div id="logo" class="logo">
+      <div class="content">
+        <div class="inner-content">
+          @if (activeFilter.status === "archive" && !(hasArchivedCiphers$ | async)) {
+            <bit-no-items [icon]="itemTypesIcon">
+              <div slot="title">
+                {{ "noItemsInArchive" | i18n }}
+              </div>
+              <p slot="description" bitTypography="body2" class="tw-max-w-md tw-text-center">
+                {{ "noItemsInArchiveDesc" | i18n }}
+              </p>
+            </bit-no-items>
+          } @else {
+            <img class="logo-image" alt="Bitwarden" aria-hidden="true" />
+          }
+        </div>
       </div>
     </div>
-  </div>
+  }
+
   <div class="left-nav">
     <app-vault-filter
       class="vault-filters"
diff --git a/apps/desktop/src/vault/app/vault/vault-v2.component.ts b/apps/desktop/src/vault/app/vault/vault-v2.component.ts
index f92b433125c..c1ab9d6f22a 100644
--- a/apps/desktop/src/vault/app/vault/vault-v2.component.ts
+++ b/apps/desktop/src/vault/app/vault/vault-v2.component.ts
@@ -27,6 +27,7 @@ import { CollectionService } from "@bitwarden/admin-console/common";
 import { PremiumBadgeComponent } from "@bitwarden/angular/billing/components/premium-badge";
 import { VaultViewPasswordHistoryService } from "@bitwarden/angular/services/view-password-history.service";
 import { VaultFilter } from "@bitwarden/angular/vault/vault-filter/models/vault-filter.model";
+import { ItemTypes } from "@bitwarden/assets/svg";
 import { ApiService } from "@bitwarden/common/abstractions/api.service";
 import { EventCollectionService } from "@bitwarden/common/abstractions/event/event-collection.service";
 import { OrganizationService } from "@bitwarden/common/admin-console/abstractions/organization/organization.service.abstraction";
@@ -69,6 +70,7 @@ import {
   ToastService,
   CopyClickListener,
   COPY_CLICK_LISTENER,
+  NoItemsModule,
 } from "@bitwarden/components";
 import { I18nPipe } from "@bitwarden/ui-common";
 import {
@@ -124,6 +126,7 @@ const BroadcasterSubscriptionId = "VaultComponent";
     NavComponent,
     VaultFilterModule,
     VaultItemsV2Component,
+    NoItemsModule,
   ],
   providers: [
     {
@@ -203,6 +206,7 @@ export class VaultV2Component<C extends CipherViewLike>
   collections: CollectionView[] | null = null;
   config: CipherFormConfig | null = null;
   readonly userHasPremium = signal<boolean>(false);
+  protected itemTypesIcon = ItemTypes;
 
   /** Tracks the disabled status of the edit cipher form */
   protected formDisabled: boolean = false;
@@ -221,6 +225,12 @@ export class VaultV2Component<C extends CipherViewLike>
       : this.i18nService.t("save");
   });
 
+  protected hasArchivedCiphers$ = this.userId$.pipe(
+    switchMap((userId) =>
+      this.cipherArchiveService.archivedCiphers$(userId).pipe(map((ciphers) => ciphers.length > 0)),
+    ),
+  );
+
   private componentIsDestroyed$ = new Subject<boolean>();
   private allOrganizations: Organization[] = [];
   private allCollections: CollectionView[] = [];
@@ -611,7 +621,7 @@ export class VaultV2Component<C extends CipherViewLike>
       });
     }
 
-    if (cipher.isArchived) {
+    if (cipher.isArchived && !cipher.isDeleted) {
       menu.push({
         label: this.i18nService.t("unArchive"),
         click: async () => {
diff --git a/apps/web/src/app/admin-console/organizations/policies/index.ts b/apps/web/src/app/admin-console/organizations/policies/index.ts
index 3042be240f7..eb614e180e1 100644
--- a/apps/web/src/app/admin-console/organizations/policies/index.ts
+++ b/apps/web/src/app/admin-console/organizations/policies/index.ts
@@ -2,6 +2,6 @@ export { PoliciesComponent } from "./policies.component";
 export { ossPolicyEditRegister } from "./policy-edit-register";
 export { BasePolicyEditDefinition, BasePolicyEditComponent } from "./base-policy-edit.component";
 export { POLICY_EDIT_REGISTER } from "./policy-register-token";
-export { AutoConfirmPolicyDialogComponent } from "./auto-confirm-edit-policy-dialog.component";
 export { AutoConfirmPolicy } from "./policy-edit-definitions";
 export { PolicyEditDialogResult } from "./policy-edit-dialog.component";
+export * from "./policy-edit-dialogs";
diff --git a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/auto-confirm-policy.component.ts b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/auto-confirm-policy.component.ts
index cf2a2929905..66074918084 100644
--- a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/auto-confirm-policy.component.ts
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/auto-confirm-policy.component.ts
@@ -15,8 +15,8 @@ import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
 import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
 
 import { SharedModule } from "../../../../shared";
-import { AutoConfirmPolicyDialogComponent } from "../auto-confirm-edit-policy-dialog.component";
 import { BasePolicyEditDefinition, BasePolicyEditComponent } from "../base-policy-edit.component";
+import { AutoConfirmPolicyDialogComponent } from "../policy-edit-dialogs/auto-confirm-edit-policy-dialog.component";
 
 export class AutoConfirmPolicy extends BasePolicyEditDefinition {
   name = "autoConfirm";
diff --git a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/index.ts b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/index.ts
index 9b46e228af9..042f9771529 100644
--- a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/index.ts
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/index.ts
@@ -1,7 +1,10 @@
 export { DisableSendPolicy } from "./disable-send.component";
 export { DesktopAutotypeDefaultSettingPolicy } from "./autotype-policy.component";
 export { MasterPasswordPolicy } from "./master-password.component";
-export { OrganizationDataOwnershipPolicy } from "./organization-data-ownership.component";
+export {
+  OrganizationDataOwnershipPolicy,
+  OrganizationDataOwnershipPolicyComponent,
+} from "./organization-data-ownership.component";
 export { PasswordGeneratorPolicy } from "./password-generator.component";
 export { RemoveUnlockWithPinPolicy } from "./remove-unlock-with-pin.component";
 export { RequireSsoPolicy } from "./require-sso.component";
diff --git a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/organization-data-ownership.component.html b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/organization-data-ownership.component.html
index 2b6c86b1fdc..bd2237bc2fd 100644
--- a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/organization-data-ownership.component.html
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/organization-data-ownership.component.html
@@ -1,8 +1,57 @@
-<bit-callout type="warning">
-  {{ "personalOwnershipExemption" | i18n }}
-</bit-callout>
+<p>
+  {{ "organizationDataOwnershipDescContent" | i18n }}
+  <a
+    bitLink
+    href="https://bitwarden.com/resources/credential-lifecycle-management/"
+    target="_blank"
+  >
+    {{ "organizationDataOwnershipContentAnchor" | i18n }}.
+  </a>
+</p>
 
 <bit-form-control>
   <input type="checkbox" bitCheckbox [formControl]="enabled" id="enabled" />
   <bit-label>{{ "turnOn" | i18n }}</bit-label>
 </bit-form-control>
+
+<ng-template #dialog>
+  <bit-simple-dialog background="alt">
+    <span bitDialogTitle>{{ "organizationDataOwnershipWarningTitle" | i18n }}</span>
+    <ng-container bitDialogContent>
+      <div class="tw-text-left tw-overflow-hidden">
+        {{ "organizationDataOwnershipWarningContentTop" | i18n }}
+        <div class="tw-flex tw-flex-col tw-p-2">
+          <ul class="tw-list-disc tw-pl-5 tw-space-y-2 tw-break-words tw-mb-0">
+            <li>
+              {{ "organizationDataOwnershipWarning1" | i18n }}
+            </li>
+            <li>
+              {{ "organizationDataOwnershipWarning2" | i18n }}
+            </li>
+            <li>
+              {{ "organizationDataOwnershipWarning3" | i18n }}
+            </li>
+          </ul>
+        </div>
+        {{ "organizationDataOwnershipWarningContentBottom" | i18n }}
+        <a
+          bitLink
+          href="https://bitwarden.com/resources/credential-lifecycle-management/"
+          target="_blank"
+        >
+          {{ "organizationDataOwnershipContentAnchor" | i18n }}.
+        </a>
+      </div>
+    </ng-container>
+    <ng-container bitDialogFooter>
+      <span class="tw-flex tw-gap-2">
+        <button bitButton buttonType="primary" [bitDialogClose]="true" type="submit">
+          {{ "continue" | i18n }}
+        </button>
+        <button bitButton buttonType="secondary" [bitDialogClose]="false" type="button">
+          {{ "cancel" | i18n }}
+        </button>
+      </span>
+    </ng-container>
+  </bit-simple-dialog>
+</ng-template>
diff --git a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/organization-data-ownership.component.ts b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/organization-data-ownership.component.ts
index ceecf8f2ecc..e4a07b7440d 100644
--- a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/organization-data-ownership.component.ts
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/organization-data-ownership.component.ts
@@ -1,22 +1,38 @@
-import { ChangeDetectionStrategy, Component } from "@angular/core";
-import { of, Observable } from "rxjs";
+import { ChangeDetectionStrategy, Component, OnInit, TemplateRef, ViewChild } from "@angular/core";
+import { lastValueFrom, map, Observable } from "rxjs";
 
 import { PolicyType } from "@bitwarden/common/admin-console/enums";
 import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
+import { PolicyRequest } from "@bitwarden/common/admin-console/models/request/policy.request";
+import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
+import { EncryptService } from "@bitwarden/common/key-management/crypto/abstractions/encrypt.service";
 import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
+import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
+import { OrgKey } from "@bitwarden/common/types/key";
+import { CenterPositionStrategy, DialogService } from "@bitwarden/components";
+import { EncString } from "@bitwarden/sdk-internal";
 
 import { SharedModule } from "../../../../shared";
 import { BasePolicyEditDefinition, BasePolicyEditComponent } from "../base-policy-edit.component";
 
+export interface VNextPolicyRequest {
+  policy: PolicyRequest;
+  metadata: {
+    defaultUserCollectionName: string;
+  };
+}
+
 export class OrganizationDataOwnershipPolicy extends BasePolicyEditDefinition {
   name = "organizationDataOwnership";
-  description = "personalOwnershipPolicyDesc";
+  description = "organizationDataOwnershipDesc";
   type = PolicyType.OrganizationDataOwnership;
   component = OrganizationDataOwnershipPolicyComponent;
+  showDescription = false;
 
-  display$(organization: Organization, configService: ConfigService): Observable<boolean> {
-    // TODO Remove this entire component upon verifying that it can be deleted due to its sole reliance of the CreateDefaultLocation feature flag
-    return of(false);
+  override display$(organization: Organization, configService: ConfigService): Observable<boolean> {
+    return configService
+      .getFeatureFlag$(FeatureFlag.MigrateMyVaultToMyItems)
+      .pipe(map((enabled) => !enabled));
   }
 }
 
@@ -26,4 +42,61 @@ export class OrganizationDataOwnershipPolicy extends BasePolicyEditDefinition {
   imports: [SharedModule],
   changeDetection: ChangeDetectionStrategy.OnPush,
 })
-export class OrganizationDataOwnershipPolicyComponent extends BasePolicyEditComponent {}
+export class OrganizationDataOwnershipPolicyComponent
+  extends BasePolicyEditComponent
+  implements OnInit
+{
+  constructor(
+    private dialogService: DialogService,
+    private i18nService: I18nService,
+    private encryptService: EncryptService,
+  ) {
+    super();
+  }
+
+  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
+  // eslint-disable-next-line @angular-eslint/prefer-signals
+  @ViewChild("dialog", { static: true }) warningContent!: TemplateRef<unknown>;
+
+  override async confirm(): Promise<boolean> {
+    if (this.policyResponse?.enabled && !this.enabled.value) {
+      const dialogRef = this.dialogService.open(this.warningContent, {
+        positionStrategy: new CenterPositionStrategy(),
+      });
+      const result = await lastValueFrom(dialogRef.closed);
+      return Boolean(result);
+    }
+    return true;
+  }
+
+  async buildVNextRequest(orgKey: OrgKey): Promise<VNextPolicyRequest> {
+    if (!this.policy) {
+      throw new Error("Policy was not found");
+    }
+
+    const defaultUserCollectionName = await this.getEncryptedDefaultUserCollectionName(orgKey);
+
+    const request: VNextPolicyRequest = {
+      policy: {
+        enabled: this.enabled.value ?? false,
+        data: this.buildRequestData(),
+      },
+      metadata: {
+        defaultUserCollectionName,
+      },
+    };
+
+    return request;
+  }
+
+  private async getEncryptedDefaultUserCollectionName(orgKey: OrgKey): Promise<EncString> {
+    const defaultCollectionName = this.i18nService.t("myItems");
+    const encrypted = await this.encryptService.encryptString(defaultCollectionName, orgKey);
+
+    if (!encrypted.encryptedString) {
+      throw new Error("Encryption error");
+    }
+
+    return encrypted.encryptedString;
+  }
+}
diff --git a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/vnext-organization-data-ownership.component.html b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/vnext-organization-data-ownership.component.html
index bd2237bc2fd..e6c93b323c2 100644
--- a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/vnext-organization-data-ownership.component.html
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/vnext-organization-data-ownership.component.html
@@ -1,57 +1,52 @@
-<p>
-  {{ "organizationDataOwnershipDescContent" | i18n }}
-  <a
-    bitLink
-    href="https://bitwarden.com/resources/credential-lifecycle-management/"
-    target="_blank"
-  >
-    {{ "organizationDataOwnershipContentAnchor" | i18n }}.
-  </a>
-</p>
+<ng-container [ngTemplateOutlet]="steps[step()]()"></ng-container>
 
-<bit-form-control>
-  <input type="checkbox" bitCheckbox [formControl]="enabled" id="enabled" />
-  <bit-label>{{ "turnOn" | i18n }}</bit-label>
-</bit-form-control>
+<ng-template #step0>
+  <p>
+    {{ "centralizeDataOwnershipDesc" | i18n }}
+    <a
+      bitLink
+      href="https://bitwarden.com/resources/credential-lifecycle-management/"
+      target="_blank"
+    >
+      {{ "centralizeDataOwnershipContentAnchor" | i18n }}
+      <i class="bwi bwi-external-link"></i>
+    </a>
+  </p>
 
-<ng-template #dialog>
-  <bit-simple-dialog background="alt">
-    <span bitDialogTitle>{{ "organizationDataOwnershipWarningTitle" | i18n }}</span>
-    <ng-container bitDialogContent>
-      <div class="tw-text-left tw-overflow-hidden">
-        {{ "organizationDataOwnershipWarningContentTop" | i18n }}
-        <div class="tw-flex tw-flex-col tw-p-2">
-          <ul class="tw-list-disc tw-pl-5 tw-space-y-2 tw-break-words tw-mb-0">
-            <li>
-              {{ "organizationDataOwnershipWarning1" | i18n }}
-            </li>
-            <li>
-              {{ "organizationDataOwnershipWarning2" | i18n }}
-            </li>
-            <li>
-              {{ "organizationDataOwnershipWarning3" | i18n }}
-            </li>
-          </ul>
-        </div>
-        {{ "organizationDataOwnershipWarningContentBottom" | i18n }}
-        <a
-          bitLink
-          href="https://bitwarden.com/resources/credential-lifecycle-management/"
-          target="_blank"
-        >
-          {{ "organizationDataOwnershipContentAnchor" | i18n }}.
-        </a>
-      </div>
-    </ng-container>
-    <ng-container bitDialogFooter>
-      <span class="tw-flex tw-gap-2">
-        <button bitButton buttonType="primary" [bitDialogClose]="true" type="submit">
-          {{ "continue" | i18n }}
-        </button>
-        <button bitButton buttonType="secondary" [bitDialogClose]="false" type="button">
-          {{ "cancel" | i18n }}
-        </button>
-      </span>
-    </ng-container>
-  </bit-simple-dialog>
+  <div class="tw-text-left tw-overflow-hidden tw-mb-2">
+    <strong>{{ "benefits" | i18n }}:</strong>
+    <ul class="tw-pl-7 tw-space-y-2 tw-pt-2">
+      <li>
+        {{ "centralizeDataOwnershipBenefit1" | i18n }}
+      </li>
+      <li>
+        {{ "centralizeDataOwnershipBenefit2" | i18n }}
+      </li>
+      <li>
+        {{ "centralizeDataOwnershipBenefit3" | i18n }}
+      </li>
+    </ul>
+  </div>
+
+  <bit-form-control>
+    <input class="tw-mt-4" type="checkbox" bitCheckbox [formControl]="enabled" id="enabled" />
+    <bit-label>{{ "turnOn" | i18n }}</bit-label>
+  </bit-form-control>
+</ng-template>
+
+<ng-template #step1>
+  <div class="tw-flex tw-flex-col tw-gap-2 tw-overflow-hidden">
+    <span>
+      {{ "centralizeDataOwnershipWarningDesc" | i18n }}
+    </span>
+    <a
+      class="tw-mt-4"
+      bitLink
+      href="https://bitwarden.com/resources/credential-lifecycle-management/"
+      target="_blank"
+    >
+      {{ "centralizeDataOwnershipWarningLink" | i18n }}
+      <i class="bwi bwi-external-link"></i>
+    </a>
+  </div>
 </ng-template>
diff --git a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/vnext-organization-data-ownership.component.ts b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/vnext-organization-data-ownership.component.ts
index 59670457d88..e1b2f14d457 100644
--- a/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/vnext-organization-data-ownership.component.ts
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/vnext-organization-data-ownership.component.ts
@@ -1,18 +1,30 @@
-import { ChangeDetectionStrategy, Component, OnInit, TemplateRef, ViewChild } from "@angular/core";
-import { lastValueFrom } from "rxjs";
+import {
+  ChangeDetectionStrategy,
+  Component,
+  OnInit,
+  signal,
+  Signal,
+  TemplateRef,
+  viewChild,
+  WritableSignal,
+} from "@angular/core";
+import { Observable } from "rxjs";
 
 import { PolicyType } from "@bitwarden/common/admin-console/enums";
+import { Organization } from "@bitwarden/common/admin-console/models/domain/organization";
 import { PolicyRequest } from "@bitwarden/common/admin-console/models/request/policy.request";
+import { FeatureFlag } from "@bitwarden/common/enums/feature-flag.enum";
 import { EncryptService } from "@bitwarden/common/key-management/crypto/abstractions/encrypt.service";
+import { ConfigService } from "@bitwarden/common/platform/abstractions/config/config.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { OrgKey } from "@bitwarden/common/types/key";
-import { CenterPositionStrategy, DialogService } from "@bitwarden/components";
 import { EncString } from "@bitwarden/sdk-internal";
 
 import { SharedModule } from "../../../../shared";
 import { BasePolicyEditDefinition, BasePolicyEditComponent } from "../base-policy-edit.component";
+import { OrganizationDataOwnershipPolicyDialogComponent } from "../policy-edit-dialogs";
 
-interface VNextPolicyRequest {
+export interface VNextPolicyRequest {
   policy: PolicyRequest;
   metadata: {
     defaultUserCollectionName: string;
@@ -20,11 +32,17 @@ interface VNextPolicyRequest {
 }
 
 export class vNextOrganizationDataOwnershipPolicy extends BasePolicyEditDefinition {
-  name = "organizationDataOwnership";
-  description = "organizationDataOwnershipDesc";
+  name = "centralizeDataOwnership";
+  description = "centralizeDataOwnershipDesc";
   type = PolicyType.OrganizationDataOwnership;
   component = vNextOrganizationDataOwnershipPolicyComponent;
   showDescription = false;
+
+  editDialogComponent = OrganizationDataOwnershipPolicyDialogComponent;
+
+  override display$(organization: Organization, configService: ConfigService): Observable<boolean> {
+    return configService.getFeatureFlag$(FeatureFlag.MigrateMyVaultToMyItems);
+  }
 }
 
 @Component({
@@ -38,27 +56,16 @@ export class vNextOrganizationDataOwnershipPolicyComponent
   implements OnInit
 {
   constructor(
-    private dialogService: DialogService,
     private i18nService: I18nService,
     private encryptService: EncryptService,
   ) {
     super();
   }
+  private readonly policyForm: Signal<TemplateRef<any> | undefined> = viewChild("step0");
+  private readonly warningContent: Signal<TemplateRef<any> | undefined> = viewChild("step1");
+  protected readonly step: WritableSignal<number> = signal(0);
 
-  // FIXME(https://bitwarden.atlassian.net/browse/CL-903): Migrate to Signals
-  // eslint-disable-next-line @angular-eslint/prefer-signals
-  @ViewChild("dialog", { static: true }) warningContent!: TemplateRef<unknown>;
-
-  override async confirm(): Promise<boolean> {
-    if (this.policyResponse?.enabled && !this.enabled.value) {
-      const dialogRef = this.dialogService.open(this.warningContent, {
-        positionStrategy: new CenterPositionStrategy(),
-      });
-      const result = await lastValueFrom(dialogRef.closed);
-      return Boolean(result);
-    }
-    return true;
-  }
+  protected steps = [this.policyForm, this.warningContent];
 
   async buildVNextRequest(orgKey: OrgKey): Promise<VNextPolicyRequest> {
     if (!this.policy) {
@@ -90,4 +97,8 @@ export class vNextOrganizationDataOwnershipPolicyComponent
 
     return encrypted.encryptedString;
   }
+
+  setStep(step: number) {
+    this.step.set(step);
+  }
 }
diff --git a/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialog.component.ts b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialog.component.ts
index c633ff5f421..f1b3d04cc7a 100644
--- a/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialog.component.ts
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialog.component.ts
@@ -16,6 +16,7 @@ import { AccountService } from "@bitwarden/common/auth/abstractions/account.serv
 import { getUserId } from "@bitwarden/common/auth/services/account.service";
 import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
 import { OrganizationId } from "@bitwarden/common/types/guid";
+import { OrgKey } from "@bitwarden/common/types/key";
 import {
   DIALOG_DATA,
   DialogConfig,
@@ -28,7 +29,7 @@ import { KeyService } from "@bitwarden/key-management";
 import { SharedModule } from "../../../shared";
 
 import { BasePolicyEditDefinition, BasePolicyEditComponent } from "./base-policy-edit.component";
-import { vNextOrganizationDataOwnershipPolicyComponent } from "./policy-edit-definitions/vnext-organization-data-ownership.component";
+import { VNextPolicyRequest } from "./policy-edit-definitions/organization-data-ownership.component";
 
 export type PolicyEditDialogData = {
   /**
@@ -73,13 +74,24 @@ export class PolicyEditDialogComponent implements AfterViewInit {
     private formBuilder: FormBuilder,
     protected dialogRef: DialogRef<PolicyEditDialogResult>,
     protected toastService: ToastService,
-    private keyService: KeyService,
+    protected keyService: KeyService,
   ) {}
 
   get policy(): BasePolicyEditDefinition {
     return this.data.policy;
   }
 
+  /**
+   * Type guard to check if the policy component has the buildVNextRequest method.
+   */
+  private hasVNextRequest(
+    component: BasePolicyEditComponent,
+  ): component is BasePolicyEditComponent & {
+    buildVNextRequest: (orgKey: OrgKey) => Promise<VNextPolicyRequest>;
+  } {
+    return "buildVNextRequest" in component && typeof component.buildVNextRequest === "function";
+  }
+
   /**
    * Instantiates the child policy component and inserts it into the view.
    */
@@ -129,7 +141,7 @@ export class PolicyEditDialogComponent implements AfterViewInit {
     }
 
     try {
-      if (this.policyComponent instanceof vNextOrganizationDataOwnershipPolicyComponent) {
+      if (this.hasVNextRequest(this.policyComponent)) {
         await this.handleVNextSubmission(this.policyComponent);
       } else {
         await this.handleStandardSubmission();
@@ -158,7 +170,9 @@ export class PolicyEditDialogComponent implements AfterViewInit {
   }
 
   private async handleVNextSubmission(
-    policyComponent: vNextOrganizationDataOwnershipPolicyComponent,
+    policyComponent: BasePolicyEditComponent & {
+      buildVNextRequest: (orgKey: OrgKey) => Promise<VNextPolicyRequest>;
+    },
   ): Promise<void> {
     const orgKey = await firstValueFrom(
       this.accountService.activeAccount$.pipe(
@@ -173,12 +187,12 @@ export class PolicyEditDialogComponent implements AfterViewInit {
       throw new Error("No encryption key for this organization.");
     }
 
-    const vNextRequest = await policyComponent.buildVNextRequest(orgKey);
+    const request = await policyComponent.buildVNextRequest(orgKey);
 
     await this.policyApiService.putPolicyVNext(
       this.data.organizationId,
       this.data.policy.type,
-      vNextRequest,
+      request,
     );
   }
   static open = (dialogService: DialogService, config: DialogConfig<PolicyEditDialogData>) => {
diff --git a/apps/web/src/app/admin-console/organizations/policies/auto-confirm-edit-policy-dialog.component.html b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/auto-confirm-edit-policy-dialog.component.html
similarity index 100%
rename from apps/web/src/app/admin-console/organizations/policies/auto-confirm-edit-policy-dialog.component.html
rename to apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/auto-confirm-edit-policy-dialog.component.html
diff --git a/apps/web/src/app/admin-console/organizations/policies/auto-confirm-edit-policy-dialog.component.ts b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/auto-confirm-edit-policy-dialog.component.ts
similarity index 94%
rename from apps/web/src/app/admin-console/organizations/policies/auto-confirm-edit-policy-dialog.component.ts
rename to apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/auto-confirm-edit-policy-dialog.component.ts
index 9dfb8ebb7e7..fbdeffc71bb 100644
--- a/apps/web/src/app/admin-console/organizations/policies/auto-confirm-edit-policy-dialog.component.ts
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/auto-confirm-edit-policy-dialog.component.ts
@@ -41,20 +41,15 @@ import {
 } from "@bitwarden/components";
 import { KeyService } from "@bitwarden/key-management";
 
-import { SharedModule } from "../../../shared";
-
-import { AutoConfirmPolicyEditComponent } from "./policy-edit-definitions/auto-confirm-policy.component";
+import { SharedModule } from "../../../../shared";
+import { AutoConfirmPolicyEditComponent } from "../policy-edit-definitions/auto-confirm-policy.component";
 import {
   PolicyEditDialogComponent,
   PolicyEditDialogData,
   PolicyEditDialogResult,
-} from "./policy-edit-dialog.component";
+} from "../policy-edit-dialog.component";
 
-export type MultiStepSubmit = {
-  sideEffect: () => Promise<void>;
-  footerContent: Signal<TemplateRef<unknown> | undefined>;
-  titleContent: Signal<TemplateRef<unknown> | undefined>;
-};
+import { MultiStepSubmit } from "./models";
 
 export type AutoConfirmPolicyDialogData = PolicyEditDialogData & {
   firstTimeDialog?: boolean;
@@ -202,6 +197,7 @@ export class AutoConfirmPolicyDialogComponent
     }
 
     const autoConfirmRequest = await this.policyComponent.buildRequest();
+
     await this.policyApiService.putPolicy(
       this.data.organizationId,
       this.data.policy.type,
@@ -235,7 +231,7 @@ export class AutoConfirmPolicyDialogComponent
       data: null,
     };
 
-    await this.policyApiService.putPolicy(
+    await this.policyApiService.putPolicyVNext(
       this.data.organizationId,
       PolicyType.SingleOrg,
       singleOrgRequest,
@@ -260,7 +256,10 @@ export class AutoConfirmPolicyDialogComponent
 
     try {
       const multiStepSubmit = await firstValueFrom(this.multiStepSubmit);
-      await multiStepSubmit[this.currentStep()].sideEffect();
+      const sideEffect = multiStepSubmit[this.currentStep()].sideEffect;
+      if (sideEffect) {
+        await sideEffect();
+      }
 
       if (this.currentStep() === multiStepSubmit.length - 1) {
         this.dialogRef.close("saved");
diff --git a/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/index.ts b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/index.ts
new file mode 100644
index 00000000000..307d0da04b0
--- /dev/null
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/index.ts
@@ -0,0 +1,3 @@
+export * from "./auto-confirm-edit-policy-dialog.component";
+export * from "./organization-data-ownership-edit-policy-dialog.component";
+export * from "./models";
diff --git a/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/models.ts b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/models.ts
new file mode 100644
index 00000000000..86120623701
--- /dev/null
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/models.ts
@@ -0,0 +1,7 @@
+import { Signal, TemplateRef } from "@angular/core";
+
+export type MultiStepSubmit = {
+  sideEffect?: () => Promise<void>;
+  footerContent: Signal<TemplateRef<unknown> | undefined>;
+  titleContent: Signal<TemplateRef<unknown> | undefined>;
+};
diff --git a/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/organization-data-ownership-edit-policy-dialog.component.html b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/organization-data-ownership-edit-policy-dialog.component.html
new file mode 100644
index 00000000000..73691e94199
--- /dev/null
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/organization-data-ownership-edit-policy-dialog.component.html
@@ -0,0 +1,72 @@
+<form [formGroup]="formGroup" [bitSubmit]="submit">
+  <bit-dialog [loading]="loading">
+    <ng-container bitDialogTitle>
+      @let title = multiStepSubmit()[currentStep()]?.titleContent();
+      @if (title) {
+        <ng-container [ngTemplateOutlet]="title"></ng-container>
+      }
+    </ng-container>
+
+    <ng-container bitDialogContent>
+      @if (loading) {
+        <div>
+          <i
+            class="bwi bwi-spinner bwi-spin tw-text-muted"
+            title="{{ 'loading' | i18n }}"
+            aria-hidden="true"
+          ></i>
+          <span class="tw-sr-only">{{ "loading" | i18n }}</span>
+        </div>
+      }
+      <div [hidden]="loading">
+        @if (policy.showDescription) {
+          <p bitTypography="body1">{{ policy.description | i18n }}</p>
+        }
+      </div>
+      <ng-template #policyForm></ng-template>
+    </ng-container>
+    <ng-container bitDialogFooter>
+      @let footer = multiStepSubmit()[currentStep()]?.footerContent();
+      @if (footer) {
+        <ng-container [ngTemplateOutlet]="footer"></ng-container>
+      }
+    </ng-container>
+  </bit-dialog>
+</form>
+
+<ng-template #step0Title>
+  {{ policy.name | i18n }}
+</ng-template>
+
+<ng-template #step1Title>
+  {{ "centralizeDataOwnershipWarningTitle" | i18n }}
+</ng-template>
+
+<ng-template #step0>
+  <button
+    bitButton
+    buttonType="primary"
+    [disabled]="saveDisabled$ | async"
+    bitFormButton
+    type="submit"
+  >
+    @if (policyComponent?.policyResponse?.enabled) {
+      {{ "save" | i18n }}
+    } @else {
+      {{ "continue" | i18n }}
+    }
+  </button>
+
+  <button bitButton buttonType="secondary" bitDialogClose type="button">
+    {{ "cancel" | i18n }}
+  </button>
+</ng-template>
+
+<ng-template #step1>
+  <button bitButton buttonType="primary" bitFormButton type="submit">
+    {{ "continue" | i18n }}
+  </button>
+  <button bitButton buttonType="secondary" bitDialogClose type="button">
+    {{ "cancel" | i18n }}
+  </button>
+</ng-template>
diff --git a/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/organization-data-ownership-edit-policy-dialog.component.ts b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/organization-data-ownership-edit-policy-dialog.component.ts
new file mode 100644
index 00000000000..7869eab0063
--- /dev/null
+++ b/apps/web/src/app/admin-console/organizations/policies/policy-edit-dialogs/organization-data-ownership-edit-policy-dialog.component.ts
@@ -0,0 +1,224 @@
+import {
+  AfterViewInit,
+  ChangeDetectorRef,
+  Component,
+  Inject,
+  signal,
+  TemplateRef,
+  viewChild,
+  WritableSignal,
+} from "@angular/core";
+import { FormBuilder } from "@angular/forms";
+import {
+  catchError,
+  combineLatest,
+  defer,
+  firstValueFrom,
+  from,
+  map,
+  Observable,
+  of,
+  startWith,
+  switchMap,
+} from "rxjs";
+
+import { PolicyApiServiceAbstraction } from "@bitwarden/common/admin-console/abstractions/policy/policy-api.service.abstraction";
+import { PolicyType } from "@bitwarden/common/admin-console/enums";
+import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
+import { getUserId } from "@bitwarden/common/auth/services/account.service";
+import { assertNonNullish } from "@bitwarden/common/auth/utils";
+import { I18nService } from "@bitwarden/common/platform/abstractions/i18n.service";
+import { OrganizationId } from "@bitwarden/common/types/guid";
+import {
+  DIALOG_DATA,
+  DialogConfig,
+  DialogRef,
+  DialogService,
+  ToastService,
+} from "@bitwarden/components";
+import { KeyService } from "@bitwarden/key-management";
+
+import { SharedModule } from "../../../../shared";
+import { vNextOrganizationDataOwnershipPolicyComponent } from "../policy-edit-definitions";
+import {
+  PolicyEditDialogComponent,
+  PolicyEditDialogData,
+  PolicyEditDialogResult,
+} from "../policy-edit-dialog.component";
+
+import { MultiStepSubmit } from "./models";
+
+/**
+ * Custom policy dialog component for Centralize Organization Data
+ * Ownership policy. Satisfies the PolicyDialogComponent interface
+ * structurally via its static open() function.
+ */
+// FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
+// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
+@Component({
+  templateUrl: "organization-data-ownership-edit-policy-dialog.component.html",
+  imports: [SharedModule],
+})
+export class OrganizationDataOwnershipPolicyDialogComponent
+  extends PolicyEditDialogComponent
+  implements AfterViewInit
+{
+  policyType = PolicyType;
+
+  protected centralizeDataOwnershipEnabled$: Observable<boolean> = defer(() =>
+    from(
+      this.policyApiService.getPolicy(
+        this.data.organizationId,
+        PolicyType.OrganizationDataOwnership,
+      ),
+    ).pipe(
+      map((policy) => policy.enabled),
+      catchError(() => of(false)),
+    ),
+  );
+
+  protected readonly currentStep: WritableSignal<number> = signal(0);
+  protected readonly multiStepSubmit: WritableSignal<MultiStepSubmit[]> = signal([]);
+
+  private readonly policyForm = viewChild.required<TemplateRef<unknown>>("step0");
+  private readonly warningContent = viewChild.required<TemplateRef<unknown>>("step1");
+  private readonly policyFormTitle = viewChild.required<TemplateRef<unknown>>("step0Title");
+  private readonly warningTitle = viewChild.required<TemplateRef<unknown>>("step1Title");
+
+  override policyComponent: vNextOrganizationDataOwnershipPolicyComponent | undefined;
+
+  constructor(
+    @Inject(DIALOG_DATA) protected data: PolicyEditDialogData,
+    accountService: AccountService,
+    policyApiService: PolicyApiServiceAbstraction,
+    i18nService: I18nService,
+    cdr: ChangeDetectorRef,
+    formBuilder: FormBuilder,
+    dialogRef: DialogRef<PolicyEditDialogResult>,
+    toastService: ToastService,
+    protected keyService: KeyService,
+  ) {
+    super(
+      data,
+      accountService,
+      policyApiService,
+      i18nService,
+      cdr,
+      formBuilder,
+      dialogRef,
+      toastService,
+      keyService,
+    );
+  }
+
+  async ngAfterViewInit() {
+    await super.ngAfterViewInit();
+
+    if (this.policyComponent) {
+      this.saveDisabled$ = combineLatest([
+        this.centralizeDataOwnershipEnabled$,
+        this.policyComponent.enabled.valueChanges.pipe(
+          startWith(this.policyComponent.enabled.value),
+        ),
+      ]).pipe(map(([policyEnabled, value]) => !policyEnabled && !value));
+    }
+
+    this.multiStepSubmit.set(this.buildMultiStepSubmit());
+  }
+
+  private buildMultiStepSubmit(): MultiStepSubmit[] {
+    if (this.policyComponent?.policyResponse?.enabled) {
+      return [
+        {
+          sideEffect: () => this.handleSubmit(),
+          footerContent: this.policyForm,
+          titleContent: this.policyFormTitle,
+        },
+      ];
+    }
+
+    return [
+      {
+        footerContent: this.policyForm,
+        titleContent: this.policyFormTitle,
+      },
+      {
+        sideEffect: () => this.handleSubmit(),
+        footerContent: this.warningContent,
+        titleContent: this.warningTitle,
+      },
+    ];
+  }
+
+  private async handleSubmit() {
+    if (!this.policyComponent) {
+      throw new Error("PolicyComponent not initialized.");
+    }
+
+    const orgKey = await firstValueFrom(
+      this.accountService.activeAccount$.pipe(
+        getUserId,
+        switchMap((userId) => this.keyService.orgKeys$(userId)),
+      ),
+    );
+
+    assertNonNullish(orgKey, "Org key not provided");
+
+    const request = await this.policyComponent.buildVNextRequest(
+      orgKey[this.data.organizationId as OrganizationId],
+    );
+
+    await this.policyApiService.putPolicyVNext(
+      this.data.organizationId,
+      this.data.policy.type,
+      request,
+    );
+
+    this.toastService.showToast({
+      variant: "success",
+      message: this.i18nService.t("editedPolicyId", this.i18nService.t(this.data.policy.name)),
+    });
+
+    if (!this.policyComponent.enabled.value) {
+      this.dialogRef.close("saved");
+    }
+  }
+
+  submit = async () => {
+    if (!this.policyComponent) {
+      throw new Error("PolicyComponent not initialized.");
+    }
+
+    if ((await this.policyComponent.confirm()) == false) {
+      this.dialogRef.close();
+      return;
+    }
+
+    try {
+      const sideEffect = this.multiStepSubmit()[this.currentStep()].sideEffect;
+      if (sideEffect) {
+        await sideEffect();
+      }
+
+      if (this.currentStep() === this.multiStepSubmit().length - 1) {
+        this.dialogRef.close("saved");
+        return;
+      }
+
+      this.currentStep.update((value) => value + 1);
+      this.policyComponent.setStep(this.currentStep());
+    } catch (error: any) {
+      this.toastService.showToast({
+        variant: "error",
+        message: error.message,
+      });
+    }
+  };
+
+  static open = (dialogService: DialogService, config: DialogConfig<PolicyEditDialogData>) => {
+    return dialogService.open<PolicyEditDialogResult>(
+      OrganizationDataOwnershipPolicyDialogComponent,
+      config,
+    );
+  };
+}
diff --git a/apps/web/src/app/dirt/reports/pages/inactive-two-factor-report.component.html b/apps/web/src/app/dirt/reports/pages/inactive-two-factor-report.component.html
index 05758a854c2..9a99a55b77b 100644
--- a/apps/web/src/app/dirt/reports/pages/inactive-two-factor-report.component.html
+++ b/apps/web/src/app/dirt/reports/pages/inactive-two-factor-report.component.html
@@ -31,81 +31,75 @@
           </bit-toggle>
         </ng-container>
       </bit-toggle-group>
-      <bit-table [dataSource]="dataSource">
+      <bit-table-scroll [dataSource]="dataSource" [rowSize]="75">
         <ng-container header *ngIf="!isAdminConsoleActive">
-          <tr bitRow>
-            <th bitCell></th>
-            <th bitCell>{{ "name" | i18n }}</th>
-            <th bitCell>{{ "owner" | i18n }}</th>
-            <th bitCell></th>
-          </tr>
+          <th bitCell></th>
+          <th bitCell>{{ "name" | i18n }}</th>
+          <th bitCell>{{ "owner" | i18n }}</th>
+          <th bitCell></th>
         </ng-container>
-        <tbody>
-          <ng-template body let-rows$>
-            <tr bitRow *ngFor="let r of rows$ | async">
-              <td bitCell>
-                <app-vault-icon [cipher]="r"></app-vault-icon>
-              </td>
-              <td bitCell>
-                <ng-container *ngIf="!organization || canManageCipher(r); else cantManage">
-                  <a
-                    bitLink
-                    href="#"
-                    appStopClick
-                    (click)="selectCipher(r)"
-                    title="{{ 'editItemWithName' | i18n: r.name }}"
-                    >{{ r.name }}</a
-                  >
-                </ng-container>
-                <ng-template #cantManage>
-                  <span>{{ r.name }}</span>
-                </ng-template>
-                <ng-container *ngIf="!organization && r.organizationId">
-                  <i
-                    class="bwi bwi-collection-shared tw-ml-1"
-                    appStopProp
-                    title="{{ 'shared' | i18n }}"
-                    aria-hidden="true"
-                  ></i>
-                  <span class="tw-sr-only">{{ "shared" | i18n }}</span>
-                </ng-container>
-                <ng-container *ngIf="r.hasAttachments">
-                  <i
-                    class="bwi bwi-paperclip tw-ml-1"
-                    appStopProp
-                    title="{{ 'attachments' | i18n }}"
-                    aria-hidden="true"
-                  ></i>
-                  <span class="tw-sr-only">{{ "attachments" | i18n }}</span>
-                </ng-container>
-                <br />
-                <small>{{ r.subTitle }}</small>
-              </td>
-              <td bitCell>
-                <app-org-badge
-                  *ngIf="!organization"
-                  [disabled]="disabled"
-                  [organizationId]="r.organizationId"
-                  [organizationName]="r.organizationId | orgNameFromId: (organizations$ | async)"
-                  appStopProp
-                >
-                </app-org-badge>
-              </td>
-              <td bitCell class="tw-text-right">
-                <a
-                  bitBadge
-                  href="{{ cipherDocs.get(r.id) }}"
-                  target="_blank"
-                  rel="noreferrer"
-                  *ngIf="cipherDocs.has(r.id)"
-                >
-                  {{ "instructions" | i18n }}</a
-                >
-              </td>
-            </tr>
-          </ng-template>
-        </tbody></bit-table
-      >
+        <ng-template bitRowDef let-row>
+          <td bitCell>
+            <app-vault-icon [cipher]="row"></app-vault-icon>
+          </td>
+          <td bitCell>
+            <ng-container *ngIf="!organization || canManageCipher(row); else cantManage">
+              <a
+                bitLink
+                href="#"
+                appStopClick
+                (click)="selectCipher(row)"
+                title="{{ 'editItemWithName' | i18n: row.name }}"
+                >{{ row.name }}</a
+              >
+            </ng-container>
+            <ng-template #cantManage>
+              <span>{{ row.name }}</span>
+            </ng-template>
+            <ng-container *ngIf="!organization && row.organizationId">
+              <i
+                class="bwi bwi-collection-shared tw-ml-1"
+                appStopProp
+                title="{{ 'shared' | i18n }}"
+                aria-hidden="true"
+              ></i>
+              <span class="tw-sr-only">{{ "shared" | i18n }}</span>
+            </ng-container>
+            <ng-container *ngIf="row.hasAttachments">
+              <i
+                class="bwi bwi-paperclip tw-ml-1"
+                appStopProp
+                title="{{ 'attachments' | i18n }}"
+                aria-hidden="true"
+              ></i>
+              <span class="tw-sr-only">{{ "attachments" | i18n }}</span>
+            </ng-container>
+            <br />
+            <small>{{ row.subTitle }}</small>
+          </td>
+          <td bitCell>
+            <app-org-badge
+              *ngIf="!organization"
+              [disabled]="disabled"
+              [organizationId]="row.organizationId"
+              [organizationName]="row.organizationId | orgNameFromId: (organizations$ | async)"
+              appStopProp
+            >
+            </app-org-badge>
+          </td>
+          <td bitCell class="tw-text-right">
+            <a
+              bitBadge
+              href="{{ cipherDocs.get(row.id) }}"
+              target="_blank"
+              rel="noreferrer"
+              *ngIf="cipherDocs.has(row.id)"
+            >
+              {{ "instructions" | i18n }}</a
+            >
+          </td>
+        </ng-template>
+      </bit-table-scroll>
     </ng-container>
   </div>
 </bit-container>
diff --git a/apps/web/src/app/dirt/reports/pages/unsecured-websites-report.component.html b/apps/web/src/app/dirt/reports/pages/unsecured-websites-report.component.html
index 5dd11b59999..cc7537333ad 100644
--- a/apps/web/src/app/dirt/reports/pages/unsecured-websites-report.component.html
+++ b/apps/web/src/app/dirt/reports/pages/unsecured-websites-report.component.html
@@ -32,68 +32,63 @@
           </bit-toggle>
         </ng-container>
       </bit-toggle-group>
-      <bit-table [dataSource]="dataSource">
+      <bit-table-scroll [dataSource]="dataSource" [rowSize]="75">
         <ng-container header *ngIf="!isAdminConsoleActive">
-          <tr bitRow>
-            <th bitCell></th>
-            <th bitCell>{{ "name" | i18n }}</th>
-            <th bitCell>{{ "owner" | i18n }}</th>
-            <th bitCell></th>
-          </tr>
+          <th bitCell></th>
+          <th bitCell>{{ "name" | i18n }}</th>
+          <th bitCell>{{ "owner" | i18n }}</th>
         </ng-container>
-        <ng-template body let-rows$>
-          <tr bitRow *ngFor="let r of rows$ | async">
-            <td bitCell>
-              <app-vault-icon [cipher]="r"></app-vault-icon>
-            </td>
-            <td bitCell>
-              <ng-container *ngIf="!organization || canManageCipher(r); else cantManage">
-                <a
-                  bitLink
-                  href="#"
-                  appStopClick
-                  (click)="selectCipher(r)"
-                  title="{{ 'editItemWithName' | i18n: r.name }}"
-                  >{{ r.name }}</a
-                >
-              </ng-container>
-              <ng-template #cantManage>
-                <span>{{ r.name }}</span>
-              </ng-template>
-              <ng-container *ngIf="!organization && r.organizationId">
-                <i
-                  class="bwi bwi-collection-shared tw-ml-1"
-                  appStopProp
-                  title="{{ 'shared' | i18n }}"
-                  aria-hidden="true"
-                ></i>
-                <span class="tw-sr-only">{{ "shared" | i18n }}</span>
-              </ng-container>
-              <ng-container *ngIf="r.hasAttachments">
-                <i
-                  class="bwi bwi-paperclip tw-ml-1"
-                  appStopProp
-                  title="{{ 'attachments' | i18n }}"
-                  aria-hidden="true"
-                ></i>
-                <span class="tw-sr-only">{{ "attachments" | i18n }}</span>
-              </ng-container>
-              <br />
-              <small>{{ r.subTitle }}</small>
-            </td>
-            <td bitCell>
-              <app-org-badge
-                *ngIf="!organization"
-                [disabled]="disabled"
-                [organizationId]="r.organizationId"
-                [organizationName]="r.organizationId | orgNameFromId: (organizations$ | async)"
-                appStopProp
+        <ng-template bitRowDef let-row>
+          <td bitCell>
+            <app-vault-icon [cipher]="row"></app-vault-icon>
+          </td>
+          <td bitCell>
+            <ng-container *ngIf="!organization || canManageCipher(row); else cantManage">
+              <a
+                bitLink
+                href="#"
+                appStopClick
+                (click)="selectCipher(row)"
+                title="{{ 'editItemWithName' | i18n: row.name }}"
+                >{{ row.name }}</a
               >
-              </app-org-badge>
-            </td>
-          </tr>
+            </ng-container>
+            <ng-template #cantManage>
+              <span>{{ row.name }}</span>
+            </ng-template>
+            <ng-container *ngIf="!organization && row.organizationId">
+              <i
+                class="bwi bwi-collection-shared tw-ml-1"
+                appStopProp
+                title="{{ 'shared' | i18n }}"
+                aria-hidden="true"
+              ></i>
+              <span class="tw-sr-only">{{ "shared" | i18n }}</span>
+            </ng-container>
+            <ng-container *ngIf="row.hasAttachments">
+              <i
+                class="bwi bwi-paperclip tw-ml-1"
+                appStopProp
+                title="{{ 'attachments' | i18n }}"
+                aria-hidden="true"
+              ></i>
+              <span class="tw-sr-only">{{ "attachments" | i18n }}</span>
+            </ng-container>
+            <br />
+            <small>{{ row.subTitle }}</small>
+          </td>
+          <td bitCell>
+            <app-org-badge
+              *ngIf="!organization"
+              [disabled]="disabled"
+              [organizationId]="row.organizationId"
+              [organizationName]="row.organizationId | orgNameFromId: (organizations$ | async)"
+              appStopProp
+            >
+            </app-org-badge>
+          </td>
         </ng-template>
-      </bit-table>
+      </bit-table-scroll>
     </ng-container>
   </div>
 </bit-container>
diff --git a/apps/web/src/app/dirt/reports/reports-layout.component.html b/apps/web/src/app/dirt/reports/reports-layout.component.html
index a27556a7aa9..0cb5d304a34 100644
--- a/apps/web/src/app/dirt/reports/reports-layout.component.html
+++ b/apps/web/src/app/dirt/reports/reports-layout.component.html
@@ -2,8 +2,10 @@
 
 <div class="tw-flex tw-flex-wrap tw-gap-4 tw-mt-4">
   <div class="tw-w-full">
-    <a bitButton routerLink="./" *ngIf="!homepage">
-      {{ "backToReports" | i18n }}
-    </a>
+    @if (!homepage) {
+      <a bitButton routerLink="./">
+        {{ "backToReports" | i18n }}
+      </a>
+    }
   </div>
 </div>
diff --git a/apps/web/src/app/dirt/reports/reports-layout.component.ts b/apps/web/src/app/dirt/reports/reports-layout.component.ts
index c2fbf858590..a6d84ccb037 100644
--- a/apps/web/src/app/dirt/reports/reports-layout.component.ts
+++ b/apps/web/src/app/dirt/reports/reports-layout.component.ts
@@ -1,6 +1,6 @@
-import { Component, OnDestroy } from "@angular/core";
+import { Component } from "@angular/core";
+import { takeUntilDestroyed } from "@angular/core/rxjs-interop";
 import { NavigationEnd, Router } from "@angular/router";
-import { Subscription } from "rxjs";
 import { filter } from "rxjs/operators";
 
 // FIXME(https://bitwarden.atlassian.net/browse/CL-764): Migrate to OnPush
@@ -10,20 +10,20 @@ import { filter } from "rxjs/operators";
   templateUrl: "reports-layout.component.html",
   standalone: false,
 })
-export class ReportsLayoutComponent implements OnDestroy {
+export class ReportsLayoutComponent {
   homepage = true;
-  subscription: Subscription;
 
   constructor(router: Router) {
-    this.subscription = router.events
-      .pipe(filter((event) => event instanceof NavigationEnd))
-      // eslint-disable-next-line rxjs-angular/prefer-takeuntil
+    const reportsHomeRoute = "/reports";
+
+    this.homepage = router.url === reportsHomeRoute;
+    router.events
+      .pipe(
+        takeUntilDestroyed(),
+        filter((event) => event instanceof NavigationEnd),
+      )
       .subscribe((event) => {
-        this.homepage = (event as NavigationEnd).url == "/reports";
+        this.homepage = (event as NavigationEnd).url == reportsHomeRoute;
       });
   }
-
-  ngOnDestroy(): void {
-    this.subscription?.unsubscribe();
-  }
 }
diff --git a/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.html b/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.html
index 5b9f9db3e62..081829a8d83 100644
--- a/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.html
+++ b/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.html
@@ -171,37 +171,47 @@
 
       <bit-menu-divider *ngIf="showMenuDivider"></bit-menu-divider>
 
-      @if (!viewingOrgVault) {
-        <button bitMenuItem type="button" *ngIf="showFavorite" (click)="toggleFavorite()">
+      @if (showFavorite) {
+        <button bitMenuItem type="button" (click)="toggleFavorite()">
           <i class="bwi bwi-fw bwi-star" aria-hidden="true"></i>
           {{ (cipher.favorite ? "unfavorite" : "favorite") | i18n }}
         </button>
       }
-      <button bitMenuItem type="button" (click)="editCipher()" *ngIf="canEditCipher">
-        <i class="bwi bwi-fw bwi-pencil-square" aria-hidden="true"></i>
-        {{ "edit" | i18n }}
-      </button>
-      <button bitMenuItem *ngIf="showAttachments" type="button" (click)="attachments()">
-        <i class="bwi bwi-fw bwi-paperclip" aria-hidden="true"></i>
-        {{ "attachments" | i18n }}
-      </button>
-      <button bitMenuItem *ngIf="showClone" type="button" (click)="clone()">
-        <i class="bwi bwi-fw bwi-files" aria-hidden="true"></i>
-        {{ "clone" | i18n }}
-      </button>
-      <button
-        bitMenuItem
-        *ngIf="showAssignToCollections"
-        type="button"
-        (click)="assignToCollections()"
-      >
-        <i class="bwi bwi-fw bwi-collection-shared" aria-hidden="true"></i>
-        {{ "assignToCollections" | i18n }}
-      </button>
-      <button bitMenuItem *ngIf="showEventLogs" type="button" (click)="events()">
-        <i class="bwi bwi-fw bwi-file-text" aria-hidden="true"></i>
-        {{ "eventLogs" | i18n }}
-      </button>
+      @if (!isDeleted && canEditCipher) {
+        <button bitMenuItem type="button" (click)="editCipher()">
+          <i class="bwi bwi-fw bwi-pencil-square" aria-hidden="true"></i>
+          {{ "edit" | i18n }}
+        </button>
+      }
+      @if (showAttachments) {
+        <button bitMenuItem type="button" (click)="attachments()">
+          <i class="bwi bwi-fw bwi-paperclip" aria-hidden="true"></i>
+          {{ "attachments" | i18n }}
+        </button>
+      }
+      @if (showClone) {
+        <button bitMenuItem type="button" (click)="clone()">
+          <i class="bwi bwi-fw bwi-files" aria-hidden="true"></i>
+          {{ "clone" | i18n }}
+        </button>
+      }
+      @if (showAssignToCollections) {
+        <button
+          bitMenuItem
+          *ngIf="showAssignToCollections"
+          type="button"
+          (click)="assignToCollections()"
+        >
+          <i class="bwi bwi-fw bwi-collection-shared" aria-hidden="true"></i>
+          {{ "assignToCollections" | i18n }}
+        </button>
+      }
+      @if (showEventLogs) {
+        <button bitMenuItem type="button" (click)="events()">
+          <i class="bwi bwi-fw bwi-file-text" aria-hidden="true"></i>
+          {{ "eventLogs" | i18n }}
+        </button>
+      }
       @if (showArchiveButton) {
         @if (userCanArchive) {
           <button bitMenuItem (click)="archive()" type="button">
diff --git a/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.ts b/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.ts
index ec0fe42f927..f795f9533eb 100644
--- a/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.ts
+++ b/apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.ts
@@ -161,7 +161,9 @@ export class VaultCipherRowComponent<C extends CipherViewLike> implements OnInit
       return false;
     }
 
-    return CipherViewLikeUtils.isArchived(this.cipher);
+    return (
+      CipherViewLikeUtils.isArchived(this.cipher) && !CipherViewLikeUtils.isDeleted(this.cipher)
+    );
   }
 
   protected get clickAction() {
@@ -191,7 +193,7 @@ export class VaultCipherRowComponent<C extends CipherViewLike> implements OnInit
   // Do not show attachments button if:
   // item is archived AND user is not premium user
   protected get showAttachments() {
-    if (CipherViewLikeUtils.isArchived(this.cipher) && !this.userCanArchive) {
+    if ((CipherViewLikeUtils.isArchived(this.cipher) && !this.userCanArchive) || this.isDeleted) {
       return false;
     }
     return this.canEditCipher || this.hasAttachments;
@@ -387,7 +389,12 @@ export class VaultCipherRowComponent<C extends CipherViewLike> implements OnInit
   }
 
   protected get showFavorite() {
-    if (CipherViewLikeUtils.isArchived(this.cipher) && !this.userCanArchive) {
+    if (
+      (!this.viewingOrgVault &&
+        CipherViewLikeUtils.isArchived(this.cipher) &&
+        !this.userCanArchive) ||
+      CipherViewLikeUtils.isDeleted(this.cipher)
+    ) {
       return false;
     }
     return true;
diff --git a/apps/web/src/app/vault/components/vault-items/vault-items.component.html b/apps/web/src/app/vault/components/vault-items/vault-items.component.html
index 70c44e80a39..3aa3e0846f2 100644
--- a/apps/web/src/app/vault/components/vault-items/vault-items.component.html
+++ b/apps/web/src/app/vault/components/vault-items/vault-items.component.html
@@ -84,20 +84,19 @@
               {{ "assignToCollections" | i18n }}
             </button>
 
-            <button *ngIf="bulkArchiveAllowed" type="button" bitMenuItem (click)="bulkArchive()">
-              <i class="bwi bwi-fw bwi-archive" aria-hidden="true"></i>
-              {{ "archiveVerb" | i18n }}
-            </button>
+            @if (bulkArchiveAllowed) {
+              <button type="button" bitMenuItem (click)="bulkArchive()">
+                <i class="bwi bwi-fw bwi-archive" aria-hidden="true"></i>
+                {{ "archiveVerb" | i18n }}
+              </button>
+            }
 
-            <button
-              *ngIf="bulkUnarchiveAllowed"
-              type="button"
-              bitMenuItem
-              (click)="bulkUnarchive()"
-            >
-              <i class="bwi bwi-fw bwi-unarchive" aria-hidden="true"></i>
-              {{ "unArchive" | i18n }}
-            </button>
+            @if (bulkUnarchiveAllowed) {
+              <button type="button" bitMenuItem (click)="bulkUnarchive()">
+                <i class="bwi bwi-fw bwi-unarchive" aria-hidden="true"></i>
+                {{ "unArchive" | i18n }}
+              </button>
+            }
 
             <button
               *ngIf="canRestoreSelected$ | async"
diff --git a/apps/web/src/app/vault/components/vault-items/vault-items.component.ts b/apps/web/src/app/vault/components/vault-items/vault-items.component.ts
index 7deaa2ff75e..3511257d6da 100644
--- a/apps/web/src/app/vault/components/vault-items/vault-items.component.ts
+++ b/apps/web/src/app/vault/components/vault-items/vault-items.component.ts
@@ -277,7 +277,12 @@ export class VaultItemsComponent<C extends CipherViewLike> {
 
   get bulkArchiveAllowed() {
     const hasCollectionsSelected = this.selection.selected.some((item) => item.collection);
-    if (this.selection.selected.length === 0 || !this.userCanArchive || hasCollectionsSelected) {
+    if (
+      this.selection.selected.length === 0 ||
+      !this.userCanArchive ||
+      hasCollectionsSelected ||
+      this.showBulkTrashOptions
+    ) {
       return false;
     }
 
@@ -291,7 +296,7 @@ export class VaultItemsComponent<C extends CipherViewLike> {
 
   // Bulk Unarchive button should appear for Archive vault even if user does not have archive permissions
   get bulkUnarchiveAllowed() {
-    if (this.selection.selected.length === 0) {
+    if (this.selection.selected.length === 0 || this.showBulkTrashOptions) {
       return false;
     }
 
diff --git a/apps/web/src/app/vault/individual-vault/vault.component.ts b/apps/web/src/app/vault/individual-vault/vault.component.ts
index 527df0b5370..5ca3a11d5ab 100644
--- a/apps/web/src/app/vault/individual-vault/vault.component.ts
+++ b/apps/web/src/app/vault/individual-vault/vault.component.ts
@@ -1271,6 +1271,7 @@ export class VaultComponent<C extends CipherViewLike> implements OnInit, OnDestr
   }
 
   restore = async (c: C): Promise<boolean> => {
+    let toastMessage;
     if (!CipherViewLikeUtils.isDeleted(c)) {
       return;
     }
@@ -1284,13 +1285,19 @@ export class VaultComponent<C extends CipherViewLike> implements OnInit, OnDestr
       return;
     }
 
+    if (CipherViewLikeUtils.isArchived(c)) {
+      toastMessage = this.i18nService.t("archivedItemRestored");
+    } else {
+      toastMessage = this.i18nService.t("restoredItem");
+    }
+
     try {
       const activeUserId = await firstValueFrom(this.accountService.activeAccount$.pipe(getUserId));
       await this.cipherService.restoreWithServer(uuidAsString(c.id), activeUserId);
       this.toastService.showToast({
         variant: "success",
         title: null,
-        message: this.i18nService.t("restoredItem"),
+        message: toastMessage,
       });
       this.refresh();
     } catch (e) {
@@ -1299,11 +1306,18 @@ export class VaultComponent<C extends CipherViewLike> implements OnInit, OnDestr
   };
 
   async bulkRestore(ciphers: C[]) {
+    let toastMessage;
     if (ciphers.some((c) => !c.edit)) {
       this.showMissingPermissionsError();
       return;
     }
 
+    if (ciphers.some((c) => !CipherViewLikeUtils.isArchived(c))) {
+      toastMessage = this.i18nService.t("restoredItems");
+    } else {
+      toastMessage = this.i18nService.t("archivedItemsRestored");
+    }
+
     if (!(await this.repromptCipher(ciphers))) {
       return;
     }
@@ -1323,7 +1337,7 @@ export class VaultComponent<C extends CipherViewLike> implements OnInit, OnDestr
     this.toastService.showToast({
       variant: "success",
       title: null,
-      message: this.i18nService.t("restoredItems"),
+      message: toastMessage,
     });
     this.refresh();
   }
diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json
index 81e5adde6ec..74a873f94e4 100644
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@@ -5427,6 +5427,12 @@
   "restoreSelected": {
     "message": "Restore selected"
   },
+  "archivedItemRestored": {
+    "message": "Archived item restored"
+  },
+  "archivedItemsRestored": {
+    "message": "Archived items restored"
+  },
   "restoredItem": {
     "message": "Item restored"
   },
@@ -5918,6 +5924,37 @@
       }
     }
   },
+  "centralizeDataOwnership":{
+    "message": "Centralize organization ownership"
+  },
+  "centralizeDataOwnershipDesc":{
+    "message": "All member items will be owned and managed by the organization. Admins and owners are exempt. "
+  },
+  "centralizeDataOwnershipContentAnchor": {
+    "message": "Learn more about centralized ownership",
+    "description": "This will be used as a hyperlink"
+  },
+  "benefits":{
+    "message": "Benefits"
+  },
+  "centralizeDataOwnershipBenefit1":{
+    "message": "Gain full visibility into credential health, including shared and unshared items."
+  },
+  "centralizeDataOwnershipBenefit2":{
+    "message": "Easily transfer items during member offboarding and succession, ensuring there are no access gaps."
+  },
+  "centralizeDataOwnershipBenefit3":{
+    "message": "Give all users a dedicated \"My Items\" space for managing their own logins."
+  },
+  "centralizeDataOwnershipWarningTitle": {
+    "message": "Prompt members to transfer their items"
+  },
+  "centralizeDataOwnershipWarningDesc": {
+    "message": "If members have items in their individual vault, they will be prompted to either transfer them to the organization or leave. If they leave, their access is revoked but can be restored anytime."
+  },
+  "centralizeDataOwnershipWarningLink": {
+    "message": "Learn more about the transfer"
+  },
   "organizationDataOwnership": {
     "message": "Enforce organization data ownership"
   },
diff --git a/libs/angular/src/vault/index.ts b/libs/angular/src/vault/index.ts
index b9131338a45..a89be7bc2c4 100644
--- a/libs/angular/src/vault/index.ts
+++ b/libs/angular/src/vault/index.ts
@@ -1,4 +1,8 @@
 // Note: Nudge related code is exported from `libs/angular` because it is consumed by multiple
 // `libs/*` packages. Exporting from the `libs/vault` package creates circular dependencies.
 export { NudgesService, NudgeStatus, NudgeType } from "./services/nudges.service";
-export { AUTOFILL_NUDGE_SERVICE } from "./services/nudge-injection-tokens";
+export {
+  AUTOFILL_NUDGE_SERVICE,
+  AUTO_CONFIRM_NUDGE_SERVICE,
+} from "./services/nudge-injection-tokens";
+export { AutoConfirmNudgeService } from "./services/custom-nudges-services";
diff --git a/libs/angular/src/vault/services/custom-nudges-services/README.md b/libs/angular/src/vault/services/custom-nudges-services/README.md
new file mode 100644
index 00000000000..f0759979de9
--- /dev/null
+++ b/libs/angular/src/vault/services/custom-nudges-services/README.md
@@ -0,0 +1,204 @@
+# Custom Nudge Services
+
+This folder contains custom implementations of `SingleNudgeService` that provide specialized logic for determining when nudges should be shown or dismissed.
+
+## Architecture Overview
+
+### Core Components
+
+- **`NudgesService`** (`../nudges.service.ts`) - The main service that components use to check nudge status and dismiss nudges
+- **`SingleNudgeService`** - Interface that all nudge services implement
+- **`DefaultSingleNudgeService`** - Base implementation that stores dismissed state in user state
+- **Custom nudge services** - Specialized implementations with additional logic
+
+### How It Works
+
+1. Components call `NudgesService.showNudgeSpotlight$()` or `showNudgeBadge$()` with a `NudgeType`
+2. `NudgesService` routes to the appropriate custom nudge service (or falls back to `DefaultSingleNudgeService`)
+3. The custom service returns a `NudgeStatus` indicating if the badge/spotlight should be shown
+4. Custom services can combine the persisted dismissed state with dynamic conditions (e.g., account age, vault contents)
+
+### NudgeStatus
+
+```typescript
+type NudgeStatus = {
+  hasBadgeDismissed: boolean; // True if the badge indicator should be hidden
+  hasSpotlightDismissed: boolean; // True if the spotlight/callout should be hidden
+};
+```
+
+## Service Categories
+
+### Universal Services
+
+These services work on **all clients** (browser, web, desktop) and use `@Injectable({ providedIn: "root" })`.
+
+| Service                           | Purpose                                                                |
+| --------------------------------- | ---------------------------------------------------------------------- |
+| `NewAccountNudgeService`          | Auto-dismisses after account is 30 days old                            |
+| `NewItemNudgeService`             | Checks cipher counts for "add first item" nudges                       |
+| `HasItemsNudgeService`            | Checks if vault has items                                              |
+| `EmptyVaultNudgeService`          | Checks empty vault state                                               |
+| `AccountSecurityNudgeService`     | Checks security settings (PIN, biometrics)                             |
+| `VaultSettingsImportNudgeService` | Checks import status                                                   |
+| `NoOpNudgeService`                | Always returns dismissed (used as fallback for client specific nudges) |
+
+### Client-Specific Services
+
+These services require **platform-specific features** and must be explicitly registered in each client that supports them.
+
+| Service                       | Clients      | Requires                               |
+| ----------------------------- | ------------ | -------------------------------------- |
+| `AutoConfirmNudgeService`     | Browser only | `AutomaticUserConfirmationService`     |
+| `BrowserAutofillNudgeService` | Browser only | `BrowserApi` (lives in `apps/browser`) |
+
+## Adding a New Nudge Service
+
+### Step 1: Determine if Universal or Client-Specific
+
+**Universal** - If your service only depends on:
+
+- `StateProvider`
+- Services available in all clients (e.g., `CipherService`, `OrganizationService`)
+
+**Client-Specific** - If your service depends on:
+
+- Browser APIs (`BrowserApi`, autofill services)
+- Services only available in certain clients
+- Platform-specific features
+
+### Step 2: Create the Service
+
+#### For Universal Services
+
+```typescript
+// my-nudge.service.ts
+import { Injectable } from "@angular/core";
+import { combineLatest, map, Observable } from "rxjs";
+
+import { StateProvider } from "@bitwarden/common/platform/state";
+import { UserId } from "@bitwarden/common/types/guid";
+
+import { DefaultSingleNudgeService } from "../default-single-nudge.service";
+import { NudgeStatus, NudgeType } from "../nudges.service";
+
+@Injectable({ providedIn: "root" })
+export class MyNudgeService extends DefaultSingleNudgeService {
+  constructor(
+    stateProvider: StateProvider,
+    private myDependency: MyDependency, // Must be available in all clients
+  ) {
+    super(stateProvider);
+  }
+
+  nudgeStatus$(nudgeType: NudgeType, userId: UserId): Observable<NudgeStatus> {
+    return combineLatest([
+      this.getNudgeStatus$(nudgeType, userId), // Gets persisted dismissed state
+      this.myDependency.someData$,
+    ]).pipe(
+      map(([persistedStatus, data]) => {
+        // Return dismissed if user already dismissed OR your condition is met
+        const autoDismiss = /* your logic */;
+        return {
+          hasBadgeDismissed: persistedStatus.hasBadgeDismissed || autoDismiss,
+          hasSpotlightDismissed: persistedStatus.hasSpotlightDismissed || autoDismiss,
+        };
+      }),
+    );
+  }
+}
+```
+
+#### For Client-Specific Services
+
+```typescript
+// my-client-specific-nudge.service.ts
+import { Injectable } from "@angular/core";
+import { combineLatest, map, Observable } from "rxjs";
+
+import { StateProvider } from "@bitwarden/common/platform/state";
+import { UserId } from "@bitwarden/common/types/guid";
+
+import { DefaultSingleNudgeService } from "../default-single-nudge.service";
+import { NudgeStatus, NudgeType } from "../nudges.service";
+
+@Injectable() // NO providedIn: "root"
+export class MyClientSpecificNudgeService extends DefaultSingleNudgeService {
+  constructor(
+    stateProvider: StateProvider,
+    private clientSpecificService: ClientSpecificService,
+  ) {
+    super(stateProvider);
+  }
+
+  nudgeStatus$(nudgeType: NudgeType, userId: UserId): Observable<NudgeStatus> {
+    return combineLatest([
+      this.getNudgeStatus$(nudgeType, userId),
+      this.clientSpecificService.someData$,
+    ]).pipe(
+      map(([persistedStatus, data]) => {
+        const autoDismiss = /* your logic */;
+        return {
+          hasBadgeDismissed: persistedStatus.hasBadgeDismissed || autoDismiss,
+          hasSpotlightDismissed: persistedStatus.hasSpotlightDismissed || autoDismiss,
+        };
+      }),
+    );
+  }
+}
+```
+
+### Step 3: Add NudgeType
+
+Add your nudge type to `NudgeType` in `../nudges.service.ts`:
+
+```typescript
+export const NudgeType = {
+  // ... existing types
+  MyNewNudge: "my-new-nudge",
+} as const;
+```
+
+### Step 4: Register in NudgesService
+
+#### For Universal Services
+
+Add to `customNudgeServices` map in `../nudges.service.ts`:
+
+```typescript
+private customNudgeServices: Partial<Record<NudgeType, SingleNudgeService>> = {
+  // ... existing
+  [NudgeType.MyNewNudge]: inject(MyNudgeService),
+};
+```
+
+#### For Client-Specific Services
+
+1. **Add injection token** in `../nudge-injection-tokens.ts`:
+
+```typescript
+export const MY_NUDGE_SERVICE = new InjectionToken<SingleNudgeService>("MyNudgeService");
+```
+
+2. **Inject with optional** in `../nudges.service.ts`:
+
+```typescript
+private myNudgeService = inject(MY_NUDGE_SERVICE, { optional: true });
+
+private customNudgeServices = {
+  // ... existing
+  [NudgeType.MyNewNudge]: this.myNudgeService ?? this.noOpNudgeService,
+};
+```
+
+3. **Register in each supporting client** (e.g., `apps/browser/src/popup/services/services.module.ts`):
+
+```typescript
+import { MY_NUDGE_SERVICE } from "@bitwarden/angular/vault";
+
+safeProvider({
+  provide: MY_NUDGE_SERVICE as SafeInjectionToken<SingleNudgeService>,
+  useClass: MyClientSpecificNudgeService,
+  deps: [StateProvider, ClientSpecificService],
+}),
+```
diff --git a/libs/angular/src/vault/services/custom-nudges-services/auto-confirm-nudge.service.ts b/libs/angular/src/vault/services/custom-nudges-services/auto-confirm-nudge.service.ts
index 52fc87d7604..9fe843e50e0 100644
--- a/libs/angular/src/vault/services/custom-nudges-services/auto-confirm-nudge.service.ts
+++ b/libs/angular/src/vault/services/custom-nudges-services/auto-confirm-nudge.service.ts
@@ -1,15 +1,24 @@
-import { inject, Injectable } from "@angular/core";
+import { Injectable } from "@angular/core";
 import { combineLatest, map, Observable } from "rxjs";
 
 import { AutomaticUserConfirmationService } from "@bitwarden/auto-confirm";
+import { StateProvider } from "@bitwarden/common/platform/state";
 import { UserId } from "@bitwarden/user-core";
 
 import { DefaultSingleNudgeService } from "../default-single-nudge.service";
 import { NudgeType, NudgeStatus } from "../nudges.service";
 
-@Injectable({ providedIn: "root" })
+/**
+ * Browser specific nudge service for auto-confirm nudge.
+ */
+@Injectable()
 export class AutoConfirmNudgeService extends DefaultSingleNudgeService {
-  autoConfirmService = inject(AutomaticUserConfirmationService);
+  constructor(
+    stateProvider: StateProvider,
+    private autoConfirmService: AutomaticUserConfirmationService,
+  ) {
+    super(stateProvider);
+  }
 
   nudgeStatus$(nudgeType: NudgeType, userId: UserId): Observable<NudgeStatus> {
     return combineLatest([
diff --git a/libs/angular/src/vault/services/custom-nudges-services/new-account-nudge.service.ts b/libs/angular/src/vault/services/custom-nudges-services/new-account-nudge.service.ts
index 39af9a2e4aa..8c18da8a103 100644
--- a/libs/angular/src/vault/services/custom-nudges-services/new-account-nudge.service.ts
+++ b/libs/angular/src/vault/services/custom-nudges-services/new-account-nudge.service.ts
@@ -1,10 +1,11 @@
-import { Injectable, inject } from "@angular/core";
+import { Injectable } from "@angular/core";
 import { Observable, combineLatest, from, map, of } from "rxjs";
 import { catchError } from "rxjs/operators";
 
 import { VaultProfileService } from "@bitwarden/angular/vault/services/vault-profile.service";
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
 import { UserId } from "@bitwarden/common/types/guid";
+import { StateProvider } from "@bitwarden/state";
 
 import { DefaultSingleNudgeService } from "../default-single-nudge.service";
 import { NudgeStatus, NudgeType } from "../nudges.service";
@@ -18,8 +19,13 @@ const THIRTY_DAYS_MS = 30 * 24 * 60 * 60 * 1000;
   providedIn: "root",
 })
 export class NewAccountNudgeService extends DefaultSingleNudgeService {
-  vaultProfileService = inject(VaultProfileService);
-  logService = inject(LogService);
+  constructor(
+    stateProvider: StateProvider,
+    private vaultProfileService: VaultProfileService,
+    private logService: LogService,
+  ) {
+    super(stateProvider);
+  }
 
   nudgeStatus$(nudgeType: NudgeType, userId: UserId): Observable<NudgeStatus> {
     const profileDate$ = from(this.vaultProfileService.getProfileCreationDate(userId)).pipe(
diff --git a/libs/angular/src/vault/services/default-single-nudge.service.ts b/libs/angular/src/vault/services/default-single-nudge.service.ts
index 8abc344c4a0..06c08371f41 100644
--- a/libs/angular/src/vault/services/default-single-nudge.service.ts
+++ b/libs/angular/src/vault/services/default-single-nudge.service.ts
@@ -1,4 +1,4 @@
-import { inject, Injectable } from "@angular/core";
+import { Injectable } from "@angular/core";
 import { map, Observable } from "rxjs";
 
 import { StateProvider } from "@bitwarden/common/platform/state";
@@ -22,7 +22,11 @@ export interface SingleNudgeService {
   providedIn: "root",
 })
 export class DefaultSingleNudgeService implements SingleNudgeService {
-  stateProvider = inject(StateProvider);
+  protected stateProvider: StateProvider;
+
+  constructor(stateProvider: StateProvider) {
+    this.stateProvider = stateProvider;
+  }
 
   protected getNudgeStatus$(nudgeType: NudgeType, userId: UserId): Observable<NudgeStatus> {
     return this.stateProvider
diff --git a/libs/angular/src/vault/services/nudge-injection-tokens.ts b/libs/angular/src/vault/services/nudge-injection-tokens.ts
index 52a0838d356..43db5ec1dc6 100644
--- a/libs/angular/src/vault/services/nudge-injection-tokens.ts
+++ b/libs/angular/src/vault/services/nudge-injection-tokens.ts
@@ -2,6 +2,25 @@ import { InjectionToken } from "@angular/core";
 
 import { SingleNudgeService } from "./default-single-nudge.service";
 
+/**
+ * Injection tokens for client specific nudge services.
+ *
+ * These services require platform-specific features and must be explicitly
+ * provided by each client that supports them. If not provided, NudgesService
+ * falls back to NoOpNudgeService.
+ *
+ * Client specific services should use constructor injection (not inject())
+ * to maintain safeProvider type safety.
+ *
+ * Universal services use @Injectable({ providedIn: "root" }) and can use inject().
+ */
+
+/** Browser: Requires BrowserApi  */
 export const AUTOFILL_NUDGE_SERVICE = new InjectionToken<SingleNudgeService>(
   "AutofillNudgeService",
 );
+
+/** Browser: Requires AutomaticUserConfirmationService */
+export const AUTO_CONFIRM_NUDGE_SERVICE = new InjectionToken<SingleNudgeService>(
+  "AutoConfirmNudgeService",
+);
diff --git a/libs/angular/src/vault/services/nudges.service.ts b/libs/angular/src/vault/services/nudges.service.ts
index afd0d184d6e..a8a8feb073f 100644
--- a/libs/angular/src/vault/services/nudges.service.ts
+++ b/libs/angular/src/vault/services/nudges.service.ts
@@ -12,11 +12,10 @@ import {
   NewItemNudgeService,
   AccountSecurityNudgeService,
   VaultSettingsImportNudgeService,
-  AutoConfirmNudgeService,
   NoOpNudgeService,
 } from "./custom-nudges-services";
 import { DefaultSingleNudgeService, SingleNudgeService } from "./default-single-nudge.service";
-import { AUTOFILL_NUDGE_SERVICE } from "./nudge-injection-tokens";
+import { AUTOFILL_NUDGE_SERVICE, AUTO_CONFIRM_NUDGE_SERVICE } from "./nudge-injection-tokens";
 
 export type NudgeStatus = {
   hasBadgeDismissed: boolean;
@@ -63,12 +62,21 @@ export class NudgesService {
   // NoOp service that always returns dismissed
   private noOpNudgeService = inject(NoOpNudgeService);
 
-  // Optional Browser-specific service provided via injection token (not all clients have autofill)
+  // Client specific services (optional, via injection tokens)
+  // These services require platform-specific features and fallback to NoOpNudgeService if not provided
+
   private autofillNudgeService = inject(AUTOFILL_NUDGE_SERVICE, { optional: true });
+  private autoConfirmNudgeService = inject(AUTO_CONFIRM_NUDGE_SERVICE, { optional: true });
 
   /**
    * Custom nudge services to use for specific nudge types
    * Each nudge type can have its own service to determine when to show the nudge
+   *
+   * NOTE: If a custom nudge service requires client specific services/features:
+   *  1. The custom nudge service must be provided via injection token and marked as optional.
+   *  2. The custom nudge service must be manually registered with that token in the client(s).
+   *
+   *  See the README.md in the custom-nudge-services folder for more details on adding custom nudges.
    * @private
    */
   private customNudgeServices: Partial<Record<NudgeType, SingleNudgeService>> = {
@@ -84,7 +92,7 @@ export class NudgesService {
     [NudgeType.NewIdentityItemStatus]: this.newItemNudgeService,
     [NudgeType.NewNoteItemStatus]: this.newItemNudgeService,
     [NudgeType.NewSshItemStatus]: this.newItemNudgeService,
-    [NudgeType.AutoConfirmNudge]: inject(AutoConfirmNudgeService),
+    [NudgeType.AutoConfirmNudge]: this.autoConfirmNudgeService ?? this.noOpNudgeService,
   };
 
   /**
diff --git a/libs/common/src/enums/feature-flag.enum.ts b/libs/common/src/enums/feature-flag.enum.ts
index 0f834abbe2a..9f6beb5f81e 100644
--- a/libs/common/src/enums/feature-flag.enum.ts
+++ b/libs/common/src/enums/feature-flag.enum.ts
@@ -23,6 +23,7 @@ export enum FeatureFlag {
   MacOsNativeCredentialSync = "macos-native-credential-sync",
   WindowsDesktopAutotype = "windows-desktop-autotype",
   WindowsDesktopAutotypeGA = "windows-desktop-autotype-ga",
+  SSHAgentV2 = "ssh-agent-v2",
 
   /* Billing */
   TrialPaymentOptional = "PM-8163-trial-payment",
@@ -107,6 +108,7 @@ export const DefaultFeatureFlagValue = {
   [FeatureFlag.MacOsNativeCredentialSync]: FALSE,
   [FeatureFlag.WindowsDesktopAutotype]: FALSE,
   [FeatureFlag.WindowsDesktopAutotypeGA]: FALSE,
+  [FeatureFlag.SSHAgentV2]: FALSE,
 
   /* Tools */
   [FeatureFlag.UseSdkPasswordGenerators]: FALSE,
diff --git a/libs/components/src/breadcrumbs/breadcrumbs.component.html b/libs/components/src/breadcrumbs/breadcrumbs.component.html
index ee5ad79c739..d666c641572 100644
--- a/libs/components/src/breadcrumbs/breadcrumbs.component.html
+++ b/libs/components/src/breadcrumbs/breadcrumbs.component.html
@@ -2,7 +2,6 @@
   @if (breadcrumb.route(); as route) {
     <a
       bitLink
-      linkType="primary"
       class="tw-my-2 tw-inline-block"
       [routerLink]="route"
       [queryParams]="breadcrumb.queryParams()"
@@ -14,7 +13,6 @@
     <button
       type="button"
       bitLink
-      linkType="primary"
       class="tw-my-2 tw-inline-block"
       (click)="breadcrumb.onClick($event)"
     >
@@ -42,7 +40,6 @@
       @if (breadcrumb.route(); as route) {
         <a
           bitMenuItem
-          linkType="primary"
           [routerLink]="route"
           [queryParams]="breadcrumb.queryParams()"
           [queryParamsHandling]="breadcrumb.queryParamsHandling()"
@@ -50,7 +47,7 @@
           <ng-container [ngTemplateOutlet]="breadcrumb.content()"></ng-container>
         </a>
       } @else {
-        <button type="button" bitMenuItem linkType="primary" (click)="breadcrumb.onClick($event)">
+        <button type="button" bitMenuItem (click)="breadcrumb.onClick($event)">
           <ng-container [ngTemplateOutlet]="breadcrumb.content()"></ng-container>
         </button>
       }
@@ -61,7 +58,6 @@
     @if (breadcrumb.route(); as route) {
       <a
         bitLink
-        linkType="primary"
         class="tw-my-2 tw-inline-block"
         [routerLink]="route"
         [queryParams]="breadcrumb.queryParams()"
@@ -73,7 +69,6 @@
       <button
         type="button"
         bitLink
-        linkType="primary"
         class="tw-my-2 tw-inline-block"
         (click)="breadcrumb.onClick($event)"
       >
diff --git a/libs/components/src/link/link.directive.ts b/libs/components/src/link/link.directive.ts
index e6de8ac8402..62f0d8b878f 100644
--- a/libs/components/src/link/link.directive.ts
+++ b/libs/components/src/link/link.directive.ts
@@ -3,21 +3,34 @@ import { input, HostBinding, Directive, inject, ElementRef, booleanAttribute } f
 import { AriaDisableDirective } from "../a11y";
 import { ariaDisableElement } from "../utils";
 
-export type LinkType = "primary" | "secondary" | "contrast" | "light";
+export const LinkTypes = [
+  "primary",
+  "secondary",
+  "contrast",
+  "light",
+  "default",
+  "subtle",
+  "success",
+  "warning",
+  "danger",
+] as const;
+
+export type LinkType = (typeof LinkTypes)[number];
 
 const linkStyles: Record<LinkType, string[]> = {
-  primary: [
-    "!tw-text-primary-600",
-    "hover:!tw-text-primary-700",
-    "focus-visible:before:tw-ring-primary-600",
-  ],
-  secondary: ["!tw-text-main", "hover:!tw-text-main", "focus-visible:before:tw-ring-primary-600"],
+  primary: ["tw-text-fg-brand", "hover:tw-text-fg-brand-strong"],
+  default: ["tw-text-fg-brand", "hover:tw-text-fg-brand-strong"],
+  secondary: ["tw-text-fg-heading", "hover:tw-text-fg-heading"],
+  light: ["tw-text-fg-white", "hover:tw-text-fg-white", "focus-visible:before:tw-ring-fg-contrast"],
+  subtle: ["!tw-text-fg-heading", "hover:tw-text-fg-heading"],
+  success: ["tw-text-fg-success", "hover:tw-text-fg-success-strong"],
+  warning: ["tw-text-fg-warning", "hover:tw-text-fg-warning-strong"],
+  danger: ["tw-text-fg-danger", "hover:tw-text-fg-danger-strong"],
   contrast: [
-    "!tw-text-contrast",
-    "hover:!tw-text-contrast",
-    "focus-visible:before:tw-ring-text-contrast",
+    "tw-text-fg-contrast",
+    "hover:tw-text-fg-contrast",
+    "focus-visible:before:tw-ring-fg-contrast",
   ],
-  light: ["!tw-text-alt2", "hover:!tw-text-alt2", "focus-visible:before:tw-ring-text-alt2"],
 };
 
 const commonStyles = [
@@ -32,16 +45,18 @@ const commonStyles = [
   "tw-rounded",
   "tw-transition",
   "tw-no-underline",
+  "tw-cursor-pointer",
   "hover:tw-underline",
   "hover:tw-decoration-1",
   "disabled:tw-no-underline",
   "disabled:tw-cursor-not-allowed",
-  "disabled:!tw-text-secondary-300",
-  "disabled:hover:!tw-text-secondary-300",
+  "disabled:!tw-text-fg-disabled",
+  "disabled:hover:!tw-text-fg-disabled",
   "disabled:hover:tw-no-underline",
   "focus-visible:tw-outline-none",
   "focus-visible:tw-underline",
   "focus-visible:tw-decoration-1",
+  "focus-visible:before:tw-ring-border-focus",
 
   // Workaround for html button tag not being able to be set to `display: inline`
   // and at the same time not being able to use `tw-ring-offset` because of box-shadow issue.
@@ -63,14 +78,14 @@ const commonStyles = [
   "focus-visible:tw-z-10",
   "aria-disabled:tw-no-underline",
   "aria-disabled:tw-pointer-events-none",
-  "aria-disabled:!tw-text-secondary-300",
-  "aria-disabled:hover:!tw-text-secondary-300",
+  "aria-disabled:!tw-text-fg-disabled",
+  "aria-disabled:hover:!tw-text-fg-disabled",
   "aria-disabled:hover:tw-no-underline",
 ];
 
 @Directive()
 abstract class LinkDirective {
-  readonly linkType = input<LinkType>("primary");
+  readonly linkType = input<LinkType>("default");
 }
 
 /**
diff --git a/libs/components/src/link/link.mdx b/libs/components/src/link/link.mdx
index 072e0dd84d8..4954effb6c0 100644
--- a/libs/components/src/link/link.mdx
+++ b/libs/components/src/link/link.mdx
@@ -18,10 +18,15 @@ import { LinkModule } from "@bitwarden/components";
 
 You can use one of the following variants by providing it as the `linkType` input:
 
-- `primary` - most common, uses brand color
-- `secondary` - matches the main text color
+- @deprecated `primary` => use `default` instead
+- @deprecated `secondary` => use `subtle` instead
+- `default` - most common, uses brand color
+- `subtle` - matches the main text color
 - `contrast` - for high contrast against a dark background (or a light background in dark mode)
 - `light` - always a light color, even in dark mode
+- `warning` - used in association with warning callouts/banners
+- `success` - used in association with success callouts/banners
+- `danger` - used in association with danger callouts/banners
 
 ## Sizes
 
diff --git a/libs/components/src/link/link.stories.ts b/libs/components/src/link/link.stories.ts
index ae91c9be108..d27c4f74332 100644
--- a/libs/components/src/link/link.stories.ts
+++ b/libs/components/src/link/link.stories.ts
@@ -2,7 +2,7 @@ import { Meta, StoryObj, moduleMetadata } from "@storybook/angular";
 
 import { formatArgsForCodeSnippet } from "../../../../.storybook/format-args-for-code-snippet";
 
-import { AnchorLinkDirective, ButtonLinkDirective } from "./link.directive";
+import { AnchorLinkDirective, ButtonLinkDirective, LinkTypes } from "./link.directive";
 import { LinkModule } from "./link.module";
 
 export default {
@@ -14,7 +14,7 @@ export default {
   ],
   argTypes: {
     linkType: {
-      options: ["primary", "secondary", "contrast"],
+      options: LinkTypes.map((type) => type),
       control: { type: "radio" },
     },
   },
@@ -30,48 +30,153 @@ type Story = StoryObj<ButtonLinkDirective>;
 
 export const Default: Story = {
   render: (args) => ({
+    props: {
+      linkType: args.linkType,
+      backgroundClass:
+        args.linkType === "contrast"
+          ? "tw-bg-bg-contrast"
+          : args.linkType === "light"
+            ? "tw-bg-bg-brand"
+            : "tw-bg-transparent",
+    },
     template: /*html*/ `
-      <a bitLink ${formatArgsForCodeSnippet<ButtonLinkDirective>(args)}>Your text here</a>
+      <div class="tw-p-2" [class]="backgroundClass">
+        <a bitLink href="" ${formatArgsForCodeSnippet<ButtonLinkDirective>(args)}>Your text here</a>
+      </div>
     `,
   }),
+  args: {
+    linkType: "primary",
+  },
+  parameters: {
+    chromatic: { disableSnapshot: true },
+  },
+};
+
+export const AllVariations: Story = {
+  render: () => ({
+    template: /*html*/ `
+      <div class="tw-flex tw-flex-col tw-gap-6">
+        <div class="tw-flex tw-gap-4 tw-p-2">
+          <a bitLink linkType="primary" href="#">Primary</a>
+        </div>
+        <div class="tw-flex tw-gap-4 tw-p-2">
+          <a bitLink linkType="secondary" href="#">Secondary</a>
+        </div>
+        <div class="tw-flex tw-gap-4 tw-p-2 tw-bg-bg-contrast">
+          <a bitLink linkType="contrast" href="#">Contrast</a>
+        </div>
+        <div class="tw-flex tw-gap-4 tw-p-2 tw-bg-bg-brand">
+          <a bitLink linkType="light" href="#">Light</a>
+        </div>
+        <div class="tw-flex tw-gap-4 tw-p-2">
+          <a bitLink linkType="default" href="#">Default</a>
+        </div>
+        <div class="tw-flex tw-gap-4 tw-p-2">
+          <a bitLink linkType="subtle" href="#">Subtle</a>
+        </div>
+        <div class="tw-flex tw-gap-4 tw-p-2">
+          <a bitLink linkType="success" href="#">Success</a>
+        </div>
+        <div class="tw-flex tw-gap-4 tw-p-2">
+          <a bitLink linkType="warning" href="#">Warning</a>
+        </div>
+        <div class="tw-flex tw-gap-4 tw-p-2">
+          <a bitLink linkType="danger" href="#">Danger</a>
+        </div>
+      </div>
+    `,
+  }),
+  parameters: {
+    controls: {
+      exclude: ["linkType"],
+      hideNoControlsWarning: true,
+    },
+  },
 };
 
 export const InteractionStates: Story = {
   render: () => ({
     template: /*html*/ `
-      <div class="tw-flex tw-gap-4 tw-p-2 tw-mb-6">
+      <div class="tw-flex tw-flex-col tw-gap-6">
+        <div class="tw-flex tw-gap-4 tw-p-2">
         <a bitLink linkType="primary" href="#">Primary</a>
         <a bitLink linkType="primary" href="#" class="tw-test-hover">Primary</a>
         <a bitLink linkType="primary" href="#" class="tw-test-focus-visible">Primary</a>
         <a bitLink linkType="primary" href="#" class="tw-test-hover tw-test-focus-visible">Primary</a>
       </div>
-      <div class="tw-flex tw-gap-4 tw-p-2 tw-mb-6">
+      <div class="tw-flex tw-gap-4 tw-p-2">
         <a bitLink linkType="secondary" href="#">Secondary</a>
         <a bitLink linkType="secondary" href="#" class="tw-test-hover">Secondary</a>
         <a bitLink linkType="secondary" href="#" class="tw-test-focus-visible">Secondary</a>
         <a bitLink linkType="secondary" href="#" class="tw-test-hover tw-test-focus-visible">Secondary</a>
       </div>
-      <div class="tw-flex tw-gap-4 tw-p-2 tw-mb-6 tw-bg-primary-600">
+      <div class="tw-flex tw-gap-4 tw-p-2 tw-bg-bg-contrast">
         <a bitLink linkType="contrast" href="#">Contrast</a>
         <a bitLink linkType="contrast" href="#" class="tw-test-hover">Contrast</a>
         <a bitLink linkType="contrast" href="#" class="tw-test-focus-visible">Contrast</a>
         <a bitLink linkType="contrast" href="#" class="tw-test-hover tw-test-focus-visible">Contrast</a>
       </div>
-      <div class="tw-flex tw-gap-4 tw-p-2 tw-mb-6 tw-bg-primary-600">
+      <div class="tw-flex tw-gap-4 tw-p-2 tw-bg-bg-brand">
         <a bitLink linkType="light" href="#">Light</a>
         <a bitLink linkType="light" href="#" class="tw-test-hover">Light</a>
         <a bitLink linkType="light" href="#" class="tw-test-focus-visible">Light</a>
         <a bitLink linkType="light" href="#" class="tw-test-hover tw-test-focus-visible">Light</a>
       </div>
+      <div class="tw-flex tw-gap-4 tw-p-2">
+        <a bitLink linkType="default" href="#">Default</a>
+        <a bitLink linkType="default" href="#" class="tw-test-hover">Default</a>
+        <a bitLink linkType="default" href="#" class="tw-test-focus-visible">Default</a>
+        <a bitLink linkType="default" href="#" class="tw-test-hover tw-test-focus-visible">Default</a>
+      </div>
+      <div class="tw-flex tw-gap-4 tw-p-2">
+        <a bitLink linkType="subtle" href="#">Subtle</a>
+        <a bitLink linkType="subtle" href="#" class="tw-test-hover">Subtle</a>
+        <a bitLink linkType="subtle" href="#" class="tw-test-focus-visible">Subtle</a>
+        <a bitLink linkType="subtle" href="#" class="tw-test-hover tw-test-focus-visible">Subtle</a>
+      </div>
+      <div class="tw-flex tw-gap-4 tw-p-2">
+        <a bitLink linkType="success" href="#">Success</a>
+        <a bitLink linkType="success" href="#" class="tw-test-hover">Success</a>
+        <a bitLink linkType="success" href="#" class="tw-test-focus-visible">Success</a>
+        <a bitLink linkType="success" href="#" class="tw-test-hover tw-test-focus-visible">Success</a>
+      </div>
+      <div class="tw-flex tw-gap-4 tw-p-2">
+        <a bitLink linkType="warning" href="#">Warning</a>
+        <a bitLink linkType="warning" href="#" class="tw-test-hover">Warning</a>
+        <a bitLink linkType="warning" href="#" class="tw-test-focus-visible">Warning</a>
+        <a bitLink linkType="warning" href="#" class="tw-test-hover tw-test-focus-visible">Warning</a>
+      </div>
+      <div class="tw-flex tw-gap-4 tw-p-2">
+        <a bitLink linkType="danger" href="#">Danger</a>
+        <a bitLink linkType="danger" href="#" class="tw-test-hover">Danger</a>
+        <a bitLink linkType="danger" href="#" class="tw-test-focus-visible">Danger</a>
+        <a bitLink linkType="danger" href="#" class="tw-test-hover tw-test-focus-visible">Danger</a>
+      </div>
+      </div>
     `,
   }),
+  parameters: {
+    controls: {
+      exclude: ["linkType"],
+      hideNoControlsWarning: true,
+    },
+  },
 };
 
 export const Buttons: Story = {
   render: (args) => ({
-    props: args,
+    props: {
+      linkType: args.linkType,
+      backgroundClass:
+        args.linkType === "contrast"
+          ? "tw-bg-bg-contrast"
+          : args.linkType === "light"
+            ? "tw-bg-bg-brand"
+            : "tw-bg-transparent",
+    },
     template: /*html*/ `
-    <div class="tw-p-2" [ngClass]="{ 'tw-bg-transparent': linkType != 'contrast', 'tw-bg-primary-600': linkType === 'contrast' }">
+    <div class="tw-p-2" [class]="backgroundClass">
       <div class="tw-block tw-p-2">
         <button type="button" bitLink [linkType]="linkType">Button</button>
       </div>
@@ -100,9 +205,17 @@ export const Buttons: Story = {
 
 export const Anchors: StoryObj<AnchorLinkDirective> = {
   render: (args) => ({
-    props: args,
+    props: {
+      linkType: args.linkType,
+      backgroundClass:
+        args.linkType === "contrast"
+          ? "tw-bg-bg-contrast"
+          : args.linkType === "light"
+            ? "tw-bg-bg-brand"
+            : "tw-bg-transparent",
+    },
     template: /*html*/ `
-    <div class="tw-p-2" [ngClass]="{ 'tw-bg-transparent': linkType != 'contrast', 'tw-bg-primary-600': linkType === 'contrast' }">
+    <div class="tw-p-2" [class]="backgroundClass">
       <div class="tw-block tw-p-2">
         <a bitLink [linkType]="linkType" href="#">Anchor</a>
       </div>
@@ -138,18 +251,15 @@ export const Inline: Story = {
       </span>
     `,
   }),
-  args: {
-    linkType: "primary",
-  },
 };
 
-export const Disabled: Story = {
+export const Inactive: Story = {
   render: (args) => ({
     props: args,
     template: /*html*/ `
       <button type="button" bitLink disabled linkType="primary" class="tw-me-2">Primary</button>
       <button type="button" bitLink disabled linkType="secondary" class="tw-me-2">Secondary</button>
-      <div class="tw-bg-primary-600 tw-p-2 tw-inline-block">
+      <div class="tw-bg-bg-contrast tw-p-2 tw-inline-block">
         <button type="button" bitLink disabled linkType="contrast">Contrast</button>
       </div>
     `,
diff --git a/libs/components/src/stories/kitchen-sink/components/kitchen-sink-form.component.ts b/libs/components/src/stories/kitchen-sink/components/kitchen-sink-form.component.ts
index 23c95cafb8a..e54064f0c9d 100644
--- a/libs/components/src/stories/kitchen-sink/components/kitchen-sink-form.component.ts
+++ b/libs/components/src/stories/kitchen-sink/components/kitchen-sink-form.component.ts
@@ -73,7 +73,6 @@ import { KitchenSinkSharedModule } from "../kitchen-sink-shared.module";
           A random password
           <button
             bitLink
-            linkType="primary"
             [bitPopoverTriggerFor]="myPopover"
             #triggerRef="popoverTrigger"
             type="button"
diff --git a/libs/components/src/stories/kitchen-sink/components/kitchen-sink-main.component.ts b/libs/components/src/stories/kitchen-sink/components/kitchen-sink-main.component.ts
index 81b5e1b49c5..d935061d5e3 100644
--- a/libs/components/src/stories/kitchen-sink/components/kitchen-sink-main.component.ts
+++ b/libs/components/src/stories/kitchen-sink/components/kitchen-sink-main.component.ts
@@ -112,13 +112,12 @@ class KitchenSinkDialogComponent {
 
     <div class="tw-my-6">
       <h1 bitTypography="h1">Bitwarden Kitchen Sink<bit-avatar text="Bit Warden"></bit-avatar></h1>
-      <a bitLink linkType="primary" href="#">This is a link</a>
+      <a bitLink href="#">This is a link</a>
       <p bitTypography="body1" class="tw-inline">
         &nbsp;and this is a link button popover trigger:&nbsp;
       </p>
       <button
         bitLink
-        linkType="primary"
         [bitPopoverTriggerFor]="myPopover"
         #triggerRef="popoverTrigger"
         type="button"
diff --git a/libs/vault/src/services/archive-cipher-utilities.service.spec.ts b/libs/vault/src/services/archive-cipher-utilities.service.spec.ts
index 5df1bff9a56..ea00f482987 100644
--- a/libs/vault/src/services/archive-cipher-utilities.service.spec.ts
+++ b/libs/vault/src/services/archive-cipher-utilities.service.spec.ts
@@ -120,5 +120,19 @@ describe("ArchiveCipherUtilitiesService", () => {
         message: "errorOccurred",
       });
     });
+
+    it("calls password reprompt check when unarchiving", async () => {
+      await service.unarchiveCipher(mockCipher);
+
+      expect(passwordRepromptService.passwordRepromptCheck).toHaveBeenCalledWith(mockCipher);
+    });
+
+    it("returns early when password reprompt fails on unarchive", async () => {
+      passwordRepromptService.passwordRepromptCheck.mockResolvedValue(false);
+
+      await service.unarchiveCipher(mockCipher);
+
+      expect(cipherArchiveService.unarchiveWithServer).not.toHaveBeenCalled();
+    });
   });
 });
diff --git a/libs/vault/src/services/archive-cipher-utilities.service.ts b/libs/vault/src/services/archive-cipher-utilities.service.ts
index 93e752b57dd..b747961a701 100644
--- a/libs/vault/src/services/archive-cipher-utilities.service.ts
+++ b/libs/vault/src/services/archive-cipher-utilities.service.ts
@@ -74,7 +74,14 @@ export class ArchiveCipherUtilitiesService {
    * @param cipher The cipher to unarchive
    * @returns The unarchived cipher on success, or undefined on failure
    */
-  async unarchiveCipher(cipher: CipherView) {
+  async unarchiveCipher(cipher: CipherView, skipReprompt = false) {
+    if (!skipReprompt) {
+      const repromptPassed = await this.passwordRepromptService.passwordRepromptCheck(cipher);
+      if (!repromptPassed) {
+        return;
+      }
+    }
+
     const userId = await firstValueFrom(this.accountService.activeAccount$.pipe(getUserId));
     try {
       const cipherResponse = await this.cipherArchiveService.unarchiveWithServer(