Skip to content

Add option to enforce two factor authentication on administrator users

What does this MR do and why?

This MR Adds a setting that allows to enforce two-factor authentication on administator users. Issue link: Enforce 2FA for GitLab administrators (#427549 - closed)

Screenshots or screen recordings

EnforceAdmin2FAVideo audited Screenshot_from_2023-12-07_11-27-38

Before After

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

2FA enforcement

  1. Connect to the instance
  2. Go to the admin area
  3. Under "Sign-in restrictions", find the checkbox "Require administrators to enable 2FA"
  4. Click the checkbox
  5. Connect as any administrator user without 2FA, and notice that you are asked to add a two factor authentication.

Audited

  1. Disable the feature again
  2. Go to the left pane, and click "Monitoring" -> "Audit events"
  3. View that there are audit events on enabling and disabling the features

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

!
Edited by Dominic Couture

Merge request reports

Loading