Force 2FA for user in an organization

Hi :wave: ,

To increase the security of our organization, we would like to force our employees to use 2FA when they are added to the Buildkite organization. Instead of addressing every employee personally, we would like this to be something that has to be activated when someone is added to the organization and has not yet activated 2FA. Several other services we use offer this functionality, and we were wondering if this is something Buildkite will implement as well.

It’s something we’ve talked about, but it’s also very complicated to do well so we’ve been waiting to see how 2FA is adopted.

Which services have you seen it done well in?

+1.

In answer to the above: I don’t mind the way github does this. It’s a single checkbox to enable. And if you’re enabling this on existing orgs they remove any users without an associated 2FA device.