Support and Documentation

Two-factor authentication at the user level

You can enable or disable two-factor authentication at the user level, which overrides any setting you made at the site level or at the role level.

Caution

Enabling two-factor authentication for a user locks that account until the user is able to enter an authentication password. Ensure that the user is trained and has an authenticator installed on a device before enabling two-factor authentication.

Procedure. To enable or disable two-factor authentication at the user level:
  1. From the Navigation Menu, select Users & Roles.

  2. In the Users widget, select the user for whom you want to enable or disable two-factor authentication. The Edit Tool User widget appears.

  3. Toward the right of the widget, select |mi-more_horiz| > Advanced. A widget appears.

  4. From the Two-Factor Authentication Required field, select one of the following:

    • Default—User's two-factor authentication setting is the same as at the role level; if that level is set to Default, user's setting is the same as at the site level.

    • Required—User needs two-factor authentication to log in.

    • Not Required—User does not need two-factor authentication to log in.

  5. Click Save.

Note

Individual users can enable two-factor authentication even if it is not required. For details, see Enabling two-factor authentication.