Activation and Deactivation of Two-Factor Authentication for an Individual User
Updated
by
Rim Ferchichi
As an administrator, you have the power to customize security settings to meet the individual needs of your users.
To assist you in this process, here is a detailed guide to activate two-factor authentication at the user level.
Activation and deactivation of two-factor authentication for an individual user:
Access the administration panel and navigate to the User and Access section.
In the User and Access settings, locate the Users section and select a user.
Find the option to enable two-factor authentication for the user and toggle the switch to activate it.
After activation, the user will be automatically logged out of all devices and will need to set up two-factor authentication during their next login.
Disabling two-factor authentication for a user follows a similar process, with the option to toggle the switch to disable it. The user will not be logged out, and no second authentication factor will be required during the next login.
After activation or deactivation:
This message will appear on your screen. Please read it carefully and click on Got it.
Administrators are prompted to confirm their action, ensuring awareness of the consequences.
For companies that have enabled single sign-on (SSO), activating two-factor authentication (2FA) for specific users, even if SSO is disabled for those users, is not feasible for security reasons. Single sign-on (SSO) provides a more robust and centralized authentication mechanism compared to two-factor authentication alone. SSO combines authentication factors, including passwords and additional verification methods, in a single, highly secure framework. Therefore, activating two-factor authentication for users within an SSO-enabled tenant would introduce potential conflicts and compromise the security benefits provided by SSO. Thus, it is recommended to rely on the inherent security features of SSO rather than implementing two-factor authentication separately where possible.
Activating two-factor authentication for users with access to multiple companies is not recommended due to potential conflicts and administrative challenges. A significant issue arises from the possibility for multiple administrators to activate or deactivate two-factor authentication for the same user in different companies, leading to inconsistency and confusion in the authentication process. Additionally, managing two-factor authentication settings for users with multi-tenant access lacks centralized control, making it difficult to enforce consistent security measures for all affiliated companies.