Two-factor authentication is a feature that combines something you know like your password and something you have like your phone, thus adding another layer of Security. After you enter your password, you'll get a second code sent to your phone. Only after you enter the code will you get into your account.
To increase account security, organization admins can enforce 2FA as a policy for all or some users and groups.
Note: When two-factor authentication is enabled, users will be asked to enter the two-factor authentication code every time you log in via password, thus making it harder for others to log in as you.
Note: Only when Freshworks login is enabled will the Organization admin enforce 2FA as a policy.
Where to enforce the two-factor authentication policy?
Log in to the Neo Admin Center using your Organization URL.
Navigate to Security> Default Login Methods.
Under Freshworks Login, click on the edit button to view and update the policy. (Note: When you enable the Freshworks Login by toggling the switch, the policy will come into effect.)
The password policy and 2FA policy screen will appear.
Scroll down to the 2FA section and click on Mandate 2FA and specify who you want to mandate the policy for before you click on the Save button.
Note: If you don't want to make 2FA mandatory for your users, you can enable the 'Don't mandate 2FA' option. Here, the users can choose to configure 2FA for their accounts. Here's how!
Organization admins can
mandate 2FA as a policy for all users
Note: if any users are exempted from the policy, mention the names in the 'Except for the following users (Optional)' field.
mandate 2FA only for organization admins
mandate 2FA for only some users - here, you can search the users in your organization and include them in the list.
What happens when an organization admin mandates 2FA for all or some users?
Once the policy is enforced, an email is sent to the users with a link to set up 2FA for their accounts. The link will redirect the user to the login page. Once he/she logs in, the user will be taken to the 2FA setup page. New users can configure 2FA as part of the activation flow.
Note: The users for whom the 2FA is mandated can't disable the 2FA once enabled.
If you need further assistance, please feel free to write to firstname.lastname@example.org with your queries. We're more than happy to help.