diff --git a/src/user.rs b/src/user.rs
index 8f29adc..615a99e 100644
--- a/src/user.rs
+++ b/src/user.rs
@@ -743,20 +743,66 @@ impl User {
             }
         } else {
             // LA has identified this bucket as blocked. This change
-            // will not be reverted, so replace the primary credential
-            // with a new level 0 credential and work on gaining trust
-            // for that one.
-            let res = Self::get_new_credential(&config).await;
-            if res.is_ok() {
-                let (new_cred, bl) = res.unwrap();
-                let fingerprint = bl.get_hashed_fingerprint();
-                if !bridges.contains_key(&fingerprint) {
-                    let bridge = Bridge::from_bridge_line(&bl);
-                    bridges.insert(fingerprint, bridge);
+            // will not be reverted, so either migrate or replace the
+            // primary credential with a new level 0 credential and work
+            // on gaining trust for that one.
+
+            // Migrate if able
+            if level >= MIN_TRUST_LEVEL {
+                if let Ok(migcred) = check_blockage(
+                    &config.la_net,
+                    &self.primary_cred,
+                    get_lox_pub(&config.la_pubkeys),
+                )
+                .await
+                {
+                    if let Ok(cred) = blockage_migration(
+                        &config.la_net,
+                        &self.primary_cred,
+                        &migcred,
+                        get_lox_pub(&config.la_pubkeys),
+                        get_migration_pub(&config.la_pubkeys),
+                    )
+                    .await
+                    {
+                        self.primary_cred = cred;
+
+                        // You can't migrate to level 3 or 4, so the
+                        // censor doesn't want this new credential
+
+                        // Download bucket to see if bridge is still
+                        // reachable and if we have any new bridges
+                        let (bucket, _reachcred) =
+                            get_bucket(&config.la_net, &self.primary_cred).await?;
+
+                        // Make sure each bridge is in global bridges
+                        // set and known by censor
+                        for bridgeline in bucket {
+                            if bridgeline != BridgeLine::default() {
+                                if !bridges.contains_key(&bridgeline.get_hashed_fingerprint()) {
+                                    let bridge = Bridge::from_bridge_line(&bridgeline);
+                                    bridges.insert(bridgeline.get_hashed_fingerprint(), bridge);
+                                }
+                                censor.learn_bridge(&bridgeline.get_hashed_fingerprint());
+                            }
+                        }
+                    }
+                }
+            } else {
+                // If unable to migrate, try to get a new open-entry
+                // credential and start over
+                let res = Self::get_new_credential(&config).await;
+                if res.is_ok() {
+                    let (new_cred, bl) = res.unwrap();
+                    let fingerprint = bl.get_hashed_fingerprint();
+                    if !bridges.contains_key(&fingerprint) {
+                        let bridge = Bridge::from_bridge_line(&bl);
+                        bridges.insert(fingerprint, bridge);
+                    }
+                    censor.learn_bridge(&fingerprint);
+                    // Censor doesn't want new_cred yet
+                    self.primary_cred = new_cred;
                 }
-                censor.learn_bridge(&fingerprint);
-                // Censor doesn't want new_cred yet
-                self.primary_cred = new_cred;
             }
         }