Enabling or Disabling Two-Factor Authentication at the Role Level

You can enable or disable two-factor authentication at the role level, which overrides any setting you made at the site level.

Caution

Enabling two-factor authentication for a role locks all accounts associated with that role until the users are able to enter an authentication password. Ensure your users are trained and have an authenticator installed on their phones before enabling two-factor authentication at the role level.

  1. From the Navigation Menu, select Admin > Users & Roles.
  2. In the Roles widget, select the role for which you want to enable or disable two-factor authentication. The Edit Tool Role widget appears.
  3. Under the Advanced tab, from the Two-Factor Authentication Required? field, make one of the following selections:
    • Default—Two-factor authentication setting for the role’s users is the same as at the site level.
    • Required—Role’s users need two-factor authentication to log in.
    • Not Required—Role’s users do not need two-factor authentication to log in.
  4. Click Save.