Proton

Enforcing two-factor authentication (2FA) for organizations

Reading
3 mins
Category
Manage organization

Two-factor authentication (2FA) provides an additional layer of security, and we strongly recommend all users set it up.

Learn how to set up two-factor authentication (2FA) for your Proton Account

To better protect the high-profile businesses and organizations that rely on Proton for Business, we allow organization administrators (admins) to monitor and enforce 2FA in their organization.

If you’re an admin with a Proton for Business plan, you can:

Authentication security settings showing two-factor authentication settings

See how many organization members have set up 2FA

You can quickly check how many members have already set up 2FA in your organization.

1. Log in to your administrator Proton Account at account.proton.me and click Settings → All settings → Organization → Authentication security.

2. Displayed at the top is the number of members with 2FA set up out of the total number of people in your organization.

In this example, your organization has 38 members, but none of them has set up 2FA yet.

Authentication security section showing 0/38, meaning out of your total 38 members, no one has set up 2FA

Send members reminders in a 2FA campaign

Before enforcing 2FA, it’s good practice to launch a campaign to get your organization members to switch on 2FA for their accounts. Contact them to explain why 2FA is so important with simple instructions to set it up.

Once you’ve started your 2FA campaign, you can send email reminders to those who haven’t set up 2FA yet.

To send a reminder:

1. Log in to your administrator Proton Account at account.proton.me and click Settings → All settings → Organization → Authentication security → Two-factor authentication reminders.

2. Click Send email reminder.

Send email reminder button

3. A pop-up will appear with the list of members the reminder will be sent to. Only members with an assigned address who haven’t set up 2FA will receive the reminder. Click Send reminder.

List of email addresses your 2FA reminder will be sent to plus Send reminder button

See which members have set up 2FA

To see who has set up 2FA:

1. Log in to your administrator Proton Account at account.proton.me and click Settings → All settings → Organization → Users and addresses.

2. Once a member sets up 2FA for their Proton Account, a 2FA label appears below their name in the Users and addresses dashboard. You can use this dashboard to track who has set up 2FA.

2FA label below user's name in the Users and addresses dashboard

Enforce 2FA in your organization

Once you’re satisfied with your 2FA campaign, you can enforce 2FA for your organization.

You can enforce 2FA for:

  • Administrators (admins) only, or
  • All organization members

To enforce 2FA:

1. Log in to your administrator Proton Account at account.proton.me and click Settings → All settings → Organization → Authentication security → Two-factor authentication enforcement.

2. Switch on either Require 2FA for administrators or Require 2FA for all.

Switches to enforce 2FA: either require 2FA for administrators only, or require 2FA for everyone

When you enforce 2FA for your organization, any new member joining must set up 2FA to fully use their account.

If a member doesn’t set up 2FA, their account will be restricted; for example, they won’t be able to access their mailbox. They’ll see the following error message and will need to set up 2FA to get full access to their account.

Your account is restricted error message, saying you must enable 2FA to restore your account's full functionality

Learn how to set up two-factor authentication (2FA) for your Proton Account

Didn’t find what you were looking for?

Get help
General contactcontact@proton.me
Media contactmedia@proton.me
Legal contactlegal@proton.me
Partnerships contactpartners@proton.me