Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

CONNECT

TABLE OF CONTENTS

Enforce multifactor authentication

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedSep 03, 2025
  • 2 minute read

Important: Multifactor authentication enforcement is enabled by default for all new CONNECT accounts created after August 18, 2025.

An Account Administrator can enforce multifactor authentication (MFA) for all non-federated users in an account. MFA enforcement greatly increases the security of your account.

When MFA is enforced on your account, all non-federated users receive an email to inform them of the enforcement. All non-federated users associated with the account are not able to access it until they complete the registration of a multifactor authentication device.

Note: As a non-federated account administrator you must register an MFA device for your user profile before you can enforce MFA at the account level. This ensures you are not locked out of the account when the enforcement begins.

To enforce MFA for non-federated users on an account

  1. Select Account details from the navigation rail.

  2. Select Enforce MFA.

  3. Read the MFA frequently asked questions.

  4. Select the checkboxes that read:

    • I understand and accept the impact of enforcing MFA for non-federated users

    • I have registered my own MFA device, or I am a federated user

    • I understand that I must configure my identity provider to enforce MFA for federated users

  5. Select Enforce MFA for non-federated users.

To remove MFA enforcement for non-federated users from your account

Important: For security reasons we do not recommend you remove MFA from your account once it is already enabled.

  1. Select Account details from the navigation rail.

  2. Select Enforce MFA.

  3. Select Remove MFA enforcement.

  4. A Remove MFA dialog opens. Select the checkbox to remove enforcement.

    Impact on federated users

    When you enforce MFA with this setting, federated users are not impacted and can continue to use their current sign in method, such as single sign-on (SSO). However, we recommend you enable MFA for your federated users through your chosen identity provider to keep your account secure. To do this you must configure the setting directly with your identity provider, such as Microsoft Entra ID.

    Additional information on the enforcement page

    User summary

    The user summary section of the MFA enforcement interface provides you with an overview of the MFA status of all users associated with the account.

    Those with federated accounts will not show an MFA status, but all non-federated user types will be shown as registered or not registered for MFA.

    Not registered for MFA

    The not registered for MFA table gives you a user-by-user view of all those not yet registered for MFA. For each user you can see their:

    • Username

    • Display name

    • MFA status

    In This Topic
    TitleResults for “How to create a CRG?”Also Available in