2
Forced 2FA / Two-Step Authentication
Idea shared by Chris - 1/6/2022 at 4:40 PM
Completed
A customer today asked us for the ability to force 2-factor authentication / Two-Step Authentication onto their users to setup for the accounts.

5 Replies

Reply to Thread
0
Tony Scholz Replied
Employee Post
Hello Chris. 

This is currently available on a per domain basis. 


so that 2FA is forced for all of the domain users. 

Thank you
Tony Scholz System/Network Administrator SmarterTools Inc. www.smartertools.com
0
New users are forced to set it up on their first login. Users that exist before it is enabled are not forced to set it up. Once a user sets up 2FA, they cannot remove it with the Forced option ON (which is a nice feature). 

What we would like is a way to force existing users to enable 2FA. Can that be done?
0
Employee Replied
Employee Post
Hi Chris, 

Existing users should be prompted to set it up during their next webmail login as well. We will look into this behavior and apply a fix as needed. 

Kind regards,
0
Employee Replied
Employee Post
Hi Chris, 

We did some testing of this feature, and I'm afraid we can't replicate the behavior you're seeing. When we force Two-Step Authentication for a domain, existing users are prompted to configure it on their next webmail login (just like the new users).

That said, please note that Two-Step Authentication is not applicable for users who authenticate via Active Directory. If your existing users are set up with Active Directory authentication, this would explain why they don't receive the prompt to set up Two-Step Authentication, even when it's forced. 

I'm going to open a support ticket with you so we can look into why this is happening on your server. We can update this thread for others once we have an answer. 
0
Kyle Kerst Replied
Employee Post
Hey Chris! :-) I wasn't able to reach you via the ticket we opened with you and so I've closed it for the time being. Please let us know if you have some time to circle back to this in the future. 
Kyle Kerst IT Coordinator SmarterTools Inc. www.smartertools.com

Reply to Thread