HELP FILE

How to Force a User Group to Use Two-Factor Authentication

    Force all members of a User Group to follow a two-step process to verify their identity when logging in to their account.

    Only Central users with User management permission can edit or enforce a login policy.

    1. In Central, click Users > Manage.

      Result: The Users page is displayed.

    2. Click edit permissions next to the name of the User Group you want to edit.

      Result: The Edit page is displayed.

    3. Under Extra Security, select Two-factor authentication.
    4. Click Save.

      Result: Users must follow a two-step process to verify their identity. They can choose any method currently available for the client. The policy cannot force them to use a specific method. For details, see Two-Step Verification.

    Results: Upon next login, the user must set up Two-factor authentication.
    Tip: As a courtesy to your users, you may want to notify them when you apply policy changes. Central does not automatically notify users of policy changes. If users need assistance setting up two-step verification, direct them to: How to Setup Two-Factor Authentication for Your Own Account.
    Tip: When using Central in a browser, Login Policy does not allow you to save devices. This only applies if the Master Account Holder enables Two-factor authentication under Users > Login Policy.
    Article last updated: 27 September, 2022