This idea has been archived, contributions have been disabled
Our company stores some documents in Projectplace with such high security level that the users need to have the two way identification feature activated. This feature can only be activated by the user him- or herself, not from the administration center. So far so good (although it would have been more convenient if it could be done by admin).
But the problem comes when we realise that the user also can deactivate the same feature whenever he or she feels like. Our suggestion is that when a two way identification has been activated, it can only be deactivated by a top administrator.
Enforcing two-step authentication is done on account level and you need to be an account administrator to activate this. The users will then not be able to turn it off. Here you can read more about this.