Backoffice 2FA admin controll

Hi!

I’m looking into implementing 2FA for the backoffice using this guide: Two-factor Authentication | Umbraco CMS

I’m wondering if there’s a way to either automatically activate 2FA on all users, or if anyone has implemented a custom solution for a admin user to activate it on all users?

If that’s not possible, have anyone implemented a custom solution for a admin to at least see which users that has activated 2FA? That way they would at least have some control over it.

Hi Camilla

We had a similar situation recently, and we found an old Umbraco Discord thread that provided some example implementations: Making 2FA Mandatory for Admin Users Umbraco #help-with-umbraco

We took heavy inspiration from Mark Drake’s solution, and also added a app setting to toggle whether 2FA is enforced for all users or not, accessing the variable with this function:

const twoFactorIsEnforced = () => {
  return Umbraco.Sys.ServerVariables.twoFactor.enforceTwoFactor;
}

Hope this helps!

1 Like