Users Management: Organizational Setting to View/Enforce use of 2FA
complete
Chad Brigance
Allow the owner of the organization to have the option of enforcing the use of 2FA for all users. Also update the "Users" view to show which users have 2FA enabled.
Log In
Irina Vasilkova
marked this post as
complete
Status Update: Feature Released 🚀
Hello everyone,
Thank you for your feedback! We recognize that for many of you—especially those navigating compliance or internal security audits—mandating 2FA is a non-negotiable requirement for scaling.
We are excited to announce that Two-Factor Authentication (2FA) Enforcement is now live!
Key Highlights
Mandatory security: Admins can now enforce 2FA organization-wide with a single toggle, ensuring a password alone is never enough to access your workflows.
Frictionless setup: Users without 2FA are automatically guided through a setup workflow upon their next login.
Locked governance: Prevents users from manually disabling their 2FA, maintaining a permanent security shield.
Availability: This feature is now available for Enterprise plans. You can find it under Organization Settings in the main navigation bar.
Learn more about this update: https://help.make.com/introducing-two-factor-authentication-enforcement
Stuart Mackenzie
So greedy - paywalling behind the enterprise plan only.
A
Anastasi Hornakova
Stuart Mackenzie Hi Stuart, it's Anastasi from the Product team.
I really appreciate you being candid. I understand how seeing any security feature behind a higher tier can feel disappointing when you're just trying to keep your work safe.
I want to reassure you that your personal security is never something we’d ask you to pay for. Every Make user, including those on our Free plan, has full access to 2FA to protect their account.
We view 2FA as your personal shield (free) and Enforcement as a tool for administrative control (Enterprise). We will continue to evaluate demand for this capability on other plans.
Trevor Dearham
I don't see the point of adding 2FA enforcement to the Enterprise plan, where someone would be more likely to use SSO, which doesn't work with 2FA enforcement. If you're preventing the only plans that will ever use the functionality from having access, why bother adding it
A
Anastasi Hornakova
Trevor Dearham Hi Trevor, we hear your frustration and appreciate you being so direct.
We prioritized the Enforcement toggle specifically because we saw a high volume of requests for it from our largest customers. They often face complex regulatory audits where they need to centrally mandate and prove security compliance across hundreds of users. While many use SSO, there is still a significant group in hybrid environments who requested this native "fail-safe" for their admin teams.
It is important to note that 2FA itself is available on all Make plans, so every user can secure their account today.
However, your point on plan accessibility is well-taken. We will evaluate demand for it on non-enterprise plans.
Antoine Humeau
And as with SAML SSO, it's only available to Enterprise users. Again showing that security is not the primary concern.
A
Anastasi Hornakova
Antoine Humeau Hi Antoine,
thank you for sharing this. We completely agree that security is a top priority, which is why 2FA is available to every single Make user on all plans, including Free.
We want to be clear about why this specific Enforcement toggle is on the Enterprise tier: we developed the Enforcement capability in direct response to a pain point experienced mostly by our Enterprise customers. These organizations required centralized governance tools to meet strict legal and compliance mandates.
While we provide the security tools (2FA) to everyone for free, the administrative management of those tools (Enforcement) was built to solve those specific Enterprise-scale needs.
We genuinely appreciate the feedback regarding our plan tiers, and we will evaluate the non-enterprise plans demand.
Irina Vasilkova
marked this post as
complete
Status Update: Feature Released 🚀
Hello everyone,
Thank you for your feedback! We recognize that for many of you—especially those navigating compliance or internal security audits—mandating 2FA is a non-negotiable requirement for scaling.
We are excited to announce that Two-Factor Authentication (2FA) Enforcement is now live!
Key Highlights
Mandatory security: Admins can now enforce 2FA organization-wide with a single toggle, ensuring a password alone is never enough to access your workflows.
Frictionless setup: Users without 2FA are automatically guided through a setup workflow upon their next login.
Locked governance: Prevents users from manually disabling their 2FA, maintaining a permanent security shield.
Availability: This feature is now available for Enterprise plans. You can find it under Organization Settings in the main navigation bar.
Learn more about this update: https://help.make.com/introducing-two-factor-authentication-enforcement
Tristan Hill
Why is this something we have to request in 2026?
Stuart Mackenzie
Without this feature, we have to rule out Make.
Jonas Lerch
This is a basic security control we expect from all SaaS vendors these days. We also expect it not to be hidden behind a pricing tier. All accounts with passwords should default to require 2FA anyways.
Regulations like NIS2 are coming up which make 2FA mandatory for a lot of organizations in the European Union. Please implement this asap.
Tom Ballard
with SAS security in focus this feature is required for audit
Lorenzo Mira Mateo
up!
Tim Middlecote
This is essential for a wider rollout across our organisation
Load More
→