2-Factor Authentication

Policy Description

The 2-Factor Authentication (2FA) policy allows administrators to require that users enable 2FA to log in to their Password Boss account.

When this policy is enabled users will be prompted to enable 2FA when they log in to Password Boss or when their accounts are synchronized. There is a built-in grace period of 3 prompts over 3 days to allow the users to have their mobile authenticator app setup and available.

If users have not enabled 2FA after 3 prompts, on the 4th prompt users will not be able to access Password Boss until they complete the 2FA setup.

Settings

  • The default value is DISABLED
  • When this policy is ENABLED users will be prompted to set up 2FA the next time they log in to Password Boss or sync their account.
  • When this policy is DISABLED users can enable or disable 2FA in the Password Boss app.

📘

Note

Disabling this policy does not disable 2FA for users. Disabling this policy gives the user the ability to turn of 2FA if they choose to do so.

Recommendation

We recommend implementing 2-Factor Authentication for all companies.

Tip: encourage your users to finish 2FA set up right away and not to wait until the end of the prompts to avoid being forced to enable 2FA.

Availability

This policy is available to all accounts with a paid or trial business subscription.