github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/website/source/docs/enterprise/organizations/authentication-policy.html.md (about) 1 --- 2 layout: "enterprise" 3 page_title: "Authentication Policy - Organizations - Terraform Enterprise" 4 sidebar_current: "docs-enterprise-organizations-policy" 5 description: |- 6 Owners can set organization-wide authentication policy in Terraform Enterprise. 7 --- 8 9 10 # Set an Organization Authentication Policy 11 12 Because organization membership affords members access to potentially sensitive 13 resources, owners can set organization-wide authentication policy in Terraform 14 Enterprise. 15 16 ## Requiring Two-Factor Authentication 17 18 Organization owners can require that all organization team members use 19 [two-factor authentication](/docs/enterprise/user-accounts/authentication.html). 20 Those that lack two-factor authentication will be locked out of the web 21 interface until they enable it or leave the organization. 22 23 Visit your organization's configuration page to enable this feature. All 24 organization owners must have two-factor authentication enabled to require the 25 practice organization-wide. Note: locked-out users are still be able to interact 26 with Terraform Enterprise using their `ATLAS_TOKEN`. 27 28 ## Disabling Two-Factor Authentication Requirement 29 30 Organization owners can disable the two-factor authentication requirement from 31 their organization's configuration page. Locked-out team members (those who have 32 not enabled two-factor authentication) will have their memberships reinstated.