To enable Two-Factor Authentication (2FA), go to the Company Menu and click on Company Settings.
Select the option to Enable Two-Factor Authentication.
When your users login, they will see 2FA is enabled on the company card.
When they click to login to a 2FA Enabled company, they will be sent a code to verify. If they have a mobile number on their user profile, we'll send via sms. If they only have an-email address on file, we'll send to their e-mail instead. Please note, that you must have an account with Twilio in order to leverage the 2FA feature for SMS. See the article for setting up a Twilio account.
The user will enter the code and click to verify.
Upon successfully authenticating, we'll set a verification cookie and keep them logged in for the duration of their session.
If they enter the wrong code, it expired or it was already used, the user will receive an error message.