Enforcing two-factor authentication (2FA) for organizations
Two-factor authentication (2FA) provides an additional layer of security, and we strongly recommend all users set it up.
Learn how to set up two-factor authentication (2FA) for your Proton Account
To better protect the high-profile businesses and organizations that rely on Proton for Business, we allow organization administrators (admins) to monitor and enforce 2FA in their organization.
If you’re an admin with a Proton for Business plan, you can:
- See how many members of your organization have set up 2FA
- Send members reminders to set up 2FA
- See which members have set up 2FA
- Enforce 2FA for admins or all organization members
See how many organization members have set up 2FA
You can quickly check how many members have already set up 2FA in your organization.
1. Log in to your administrator Proton Account at account.proton.me and click Settings → All settings → Organization → Authentication security.
2. Displayed at the top is the number of members with 2FA set up out of the total number of people in your organization.
In this example, your organization has 38 members, but none of them has set up 2FA yet.
Send members reminders in a 2FA campaign
Before enforcing 2FA, it’s good practice to launch a campaign to get your organization members to switch on 2FA for their accounts. Contact them to explain why 2FA is so important with simple instructions to set it up.
Once you’ve started your 2FA campaign, you can send email reminders to those who haven’t set up 2FA yet.
To send a reminder:
1. Log in to your administrator Proton Account at account.proton.me and click Settings → All settings → Organization → Authentication security → Two-factor authentication reminders.
2. Click Send email reminder.
3. A pop-up will appear with the list of members the reminder will be sent to. Only members with an assigned address who haven’t set up 2FA will receive the reminder. Click Send reminder.
See which members have set up 2FA
To see who has set up 2FA:
1. Log in to your administrator Proton Account at account.proton.me and click Settings → All settings → Organization → Users and addresses.
2. Once a member sets up 2FA for their Proton Account, a 2FA label appears below their name in the Users and addresses dashboard. You can use this dashboard to track who has set up 2FA.
Enforce 2FA in your organization
Once you’re satisfied with your 2FA campaign, you can enforce 2FA for your organization.
You can enforce 2FA for:
- Administrators (admins) only, or
- All organization members
To enforce 2FA:
1. Log in to your administrator Proton Account at account.proton.me and click Settings → All settings → Organization → Authentication security → Two-factor authentication enforcement.
2. Switch on either Require 2FA for administrators or Require 2FA for all.
When you enforce 2FA for your organization, any new member joining must set up 2FA to fully use their account.
If a member doesn’t set up 2FA, their account will be restricted; for example, they won’t be able to access their mailbox. They’ll see the following error message and will need to set up 2FA to get full access to their account.
Learn how to set up two-factor authentication (2FA) for your Proton Account