NOTE: This article is about administering two-factor authentication for an organisation. If you want to learn how to add or remove 2FA from your account please read this article.

Turning on Two-factor Authentication (2FA)  adds an additional layer of security to your organisations user accounts. As well as your password (something you know) you also need to provide a code from an app on your smartphone (something you have) before users can access their accounts.

Enabling Two-factor Authentication

To access 2FA options for your organisation login and go to Settings > System Management > Settings from the left hand function menu. Scroll down to find the Two-factor Authentication option:

You can choose from the following options:

• off – no 2FA for any account
• Enabled but not mandatory – users can choose to add 2FA to their accounts if they wish
• Enabled and mandatory for Managers & Admins – optional for users but mandatory for those who have an admin or management role.
• Enabled and mandatory for all – every user account must use 2FA

When you click the Update button at the bottom of the page the setting is immediately applied so ensure that you have informed those affected prior to setting.

Forcing Users to have 2FA

If you choose to make 2FA mandatory for some or all user accounts they will not be able to access their accounts until they have set up 2FA. Users will be shown this screen and given options to set up 2FA or logout.