
πŸ” How to Enable Two-Factor Authentication (2FA) for All Users

As an administrator, you can use this feature to add an extra security layer for all users in your organization. It requires them to enter a one-time password (OTP) code when logging in to Lucidya.

Updated over a week ago

Access Two-Factor Authentication Page


  1. Click the ⚙️ Settings icon in the left sidebar. You must have Manager permission for the General Settings module.

  2. On the Settings page, click the "Security" tab.

  3. Click the "Enable" button under "Two-Factor Authentication For All Users."

Step 1: Enable 2FA For All Users


  1. A pop-up screen will appear asking you to select one or more methods to verify user identity in the first step:

    1. Email Verification: Send verification codes to users' emails.

    2. SMS Verification: Send codes via SMS to users' phone numbers (a paid service that requires a request to the customer success manager).

    3. Authenticator App: Send codes to users via the authenticator app.

  2. You can enable the "Remember me" option to reduce verification steps and save devices as trusted.

  3. Finally, click "Enable."

Step 2: Complete the Two-Factor Authentication Setup


In this step:

  1. You'll receive an email with the verification code.

  2. Copy the code, enter it, and click "Verify."

  3. A success message will confirm that two-factor authentication is enabled. An email with setup instructions will be sent to all existing users, who will need to enable authentication at their next login.

Disable & Edit Two-Factor Authentication


You can edit or disable 2FA, but we don't recommend doing so. Enabling 2FA adds an extra security layer that protects all users from attackers.

  • To disable 2FA: Click the "Disable" button and confirm the action. You'll receive an email with an OTP code. Copy and enter the code to disable this feature for all users.

  • To edit 2FA: Click the "Edit" button to change 2FA methods (Email, SMS, and/or Authenticator App) and confirm the action. You'll receive an email with an OTP code. Copy and enter the code to apply the changes for all users.

⁉️ FAQs


💡 What is Two-Factor Authentication (2FA)?

Two-Factor Authentication (2FA) is a security feature that adds an extra layer of protection to user accounts. It requires users to provide two forms of verification when logging in: their password and a one-time code sent via email, SMS, or an authenticator app.

⛔ Is 2FA mandatory for all users once enabled?

Yes, once you enable 2FA for all users in your organization, every user will be required to set it up during their next login. This ensures consistent security across your organization.

✨ What happens if a user doesn't receive the verification code?

If a user doesn't receive the verification code, they should:

  • Check their spam or junk email folder if using email verification

  • Verify their phone number is correct if using SMS verification

  • Ensure their authenticator app is properly configured

  • Contact your organization's administrator for assistance

πŸ” Can users choose their preferred 2FA method?

Users can only use the verification methods you enable as an administrator. If you enable multiple methods (Email, SMS, and/or Authenticator App), users can choose their preferred option from those available. For more information, check this guide: Set Up Two-Factor Authentication (2FA) for the First Time

✅ What does the "Remember me" option do?

The "Remember me" option allows users to save their device as trusted. When enabled, users won't need to complete the 2FA verification process every time they log in from that specific device, reducing friction while maintaining security.

💬 Is SMS verification included in my plan?

No, SMS verification is a paid service that requires a separate request to your customer success manager. Email verification and Authenticator App verification are included by default.

📩 What happens to active user sessions when 2FA is enabled?

When you enable 2FA, all existing users will receive an email with setup instructions. They will be required to complete the 2FA setup process during their next login attempt.

⛔ Can individual users disable 2FA for themselves?

No, individual users cannot disable 2FA once it's enabled for all users by an administrator. Only administrators with Manager permission for the General Settings module can disable or edit 2FA settings organization-wide.
