Enforce Two-Factor Authentication for All Members of an Account

This article describes a feature in Public Beta.

Table of Contents


Two-Factor authentication provides an extra level of security to protect your user credentials. You can enforce Two-Factor authentication for account members by enabling the feature on the account.

When you have multiple users managing an account, it’s vital to reduce the likelihood of a user’s credentials being compromised. This feature is available on all accounts that have the ability to manage members of an account.

Enabling Two-Factor authentication enforcement

You can enable Two-Factor authentication enforcement from your account members page.

You can only enable Two-Factor authentication enforcement on an account if all users have Two-Factor authentication enabled. If they don’t enable it, you have to remove them from the team to enable this feature, then re-invite them. They’ll be asked to enable Two-Factor authentication after they sign up so they can join your account.

To enable Two-Factor authentication enforcement
  1. Log in to DNSimple with your user credentials.
  2. Go to your account settings by selecting the or link from the navigation.

    Settings menu

  3. Select from the menu on the left.
  4. Scroll down until you see the section. When all members of your Team have Two-Factor authentication enabled, you can use this feature.

    Two-Factor authentication enforcement

  5. If there are users in your account that don’t have Two-Factor authentication enabled, you’ll see a list of users that are non-compliant. You can remove the users from the account in the section above.

Disabling Two-Factor authentication enforcement

To disable Two-Factor authentication
  1. Log in to DNSimple with your user credentials.
  2. Go to your account settings by selecting the or link from the navigation.

    Settings menu

  3. Select from the menu on the left.
  4. Scroll down until you see the section. There’s a link to the feature.

    Disable Two-Factor authentication enforcement

Disabling Two-Factor authentication while in an enforced team

If you’re part of a team that enforces Two-Factor authentication, you can still disable Two-Factor authentication on your personal account.

If you disable Two-Factor authentication, you will be removed from all accounts that enforce Two-Factor authentication.

Inviting new people into an 2FA enforcing team

There are no restrictions on inviting new people to your account. When you invite users to join your account that don’t have an DNSimple account, they’ll be asked to enable Two-Factor authentication after they sign up so they can join your account.

If the user already has a DNSimple account, they can’t join the team if they don’t have Two-Factor authentication enabled.