Account Settings

Require two-factor authentication in your account

Last updated: July 15, 2020

Two-factor authentication adds an extra layer of protection to your account and data. If you are a Super Admin or have permissions to edit account defaults, you can require every user in your account to use two-factor authentication. 

  • In your HubSpot account, click the settings icon settings in the main navigation bar.
  • In the left sidebar menu, navigate to Account Defaults
  • In the Security section on the General Info tab, click to toggle the Require Two-Factor Authentication (2FA) switch on. 
  • In the dialog box, click Yesrequire-2fa

Please note: once the switch is toggled on, the requirement will only take effect after 24 hours. The 24-hour grace period is for users to set up their two-factor authentication method, if they haven't done so yet. If a user does not set it up after 24 hours, they will be asked to set it up next time they log in to HubSpot.

Once enabled, every user in the account will receive an email and an in-app notification to enable two-factor authentication in their account.

  • Users who already have set up their two-factor authentication methods will be reminded to generate back-up codes.
  • Users who have not set up their two-factor authentication method can set it up via a CTA in the email or through a prompt in the notification. HubSpot will then guide the user through adding their mobile device to their account. This device will be used for verification each time they log in.

portal-two-factor-authLearn more about what happens when you enable or require two-factor authentication and SSO at the same time