Ability to see which accounts do not have 2FA enabled in an organization

XMLWordPrintable

    • 70

      Problem Definition

      • Ability to see which users do not have 2FA enabled in an organization
      • An organization could be forcing all of their managed accounts to use SSO but they may have external accounts accessing their products that they cannot manage, and it would be helpful to know which of these accounts are not using 2FA

      Why this is important

      The customer wants to audit and inform users to enable 2FA if excluded in an organization

      Workaround

      This data is viewable in the Managed accounts export (does not work for external accounts)

      Potential Solutions:

      • The Insights page under Security->Insights has a section at the bottom that details Two-step verification coverage
        It shows the number of accounts using/not using each security type. For example it shows how many accounts Log in without two-step verification. However, it only shows the number of accounts and doesn't show who those accounts actually are.
      • Make 2FA status available in account profile page
      • Add filter to managed accounts page
      • Allow a way to export external accounts not using 2FA

            Assignee:
            David Olive (Inactive)
            Reporter:
            Ratnarup (Inactive)
            Votes:
            151 Vote for this issue
            Watchers:
            111 Start watching this issue

              Created:
              Updated: