Require Two-Factor Authentication for Organization Members
Nov 24, 2025 by Byron Karlen
Organizations on Production and Enterprise plans can now require members to enable two-factor authentication (2FA). For organizations with SSO enabled, this requirement only applies to non-SSO users.
Why require 2FA?
2FA adds an essential layer of security to your organization by ensuring that compromised passwords alone cannot grant unauthorized access to your projects, credentials, and builds. By requiring 2FA at the organization level, you enforce consistent security standards across your team.
How it works
- New members can accept an invitation to your organization only once they have enabled 2FA.
- Members are prevented from disabling 2FA once enabled.
- When 2FA becomes required, existing members without 2FA remain in the organization. They should enable it themselves, or be removed and re-invited to enforce the requirement.
Organization owners and admins can enable this requirement from the account’s settings page.