Two Factor Authentication Should Be Enabled for External Collaborators
policy name: two_factor_authentication_is_disabled_for_an_external_collaborator
An external collaborator’s two factor authentication is disabled. Turn it on in the collaborator setting, or globally in the account, to prevent any access without MFA.
Collaborators without two-factor authentication are prime targets for phising and social engineering attacks, as compromise only requires acquiring the collaborator’s password. This is doubly important for external collaborators, as these are identities that aren’t likely managed by you or your organization and may be easier to compromise.
- Login with the user credentials
- Go to the user settings page
- Select “Account” on the left navigation bar
- Press “Enable two-factor authentication”