About two-factor authentication
When two-factor authentication is enabled for the realm, all access to the realm GUI must be authenticated with a second authentication mechanism. The value of this setting is also the default setting for two-factor authentication when accessing individual organizations. You can override this default setting per organization.
You must specify a mobile phone number for every administrator before enabling loopback authentication through mobile messaging.
Configuring authentication settings for the realm
For details about authentication methods, see
About realm security.1. Log in to the SAM using a realm administrator account.
2. Choose Realm > Settings.
3. Optionally, enable the password policy.
4. Configure settings.
Configuring authentication settings for individual accounts
1. At the realm, choose Admins.
2. Select the account.
3. Select the Authentication tab.
4. Optionally, set two-factor authentication to use the realm setting: always on regardless of realm setting, or never on regardless of realm setting.
5. Optionally, enable Override realm session expiration time. When enabled, this user’s session will always remain active.
6. Optionally, change the account password.