two factor authentication is now available for local accounts from 1 9 two factor authentication can be enforced for all local accounts with the given application property system security local account 2fa enforced there are no mechanisms to select specific local accounts to be enabled or disabled as of now user setup upon the first login after 2fa activation, users will see the following page after successful user/password login any authenticator app that is compatible with google authenticator specification can be used google authenticator, microsoft authenticator, authy … once the qr code has been scanned, you can enter the one time password generated by the authenticator app to verify your setup and login to the platform managing authentication factors tracking factors are stored in the authentication factor table a verified factor means the factor has been successfully used to login at least once, unverified means the user has attempted to login since 2fa activation but hasn’t successfully setup their totp factor deactivating factors a factor can be deactivated, once deactivated a factor can not be reused a new factor will created upon the next login notes 2fa only affects login for local accounts through the ui, this won’t affect local accounts used to access apis only one factor can be active at the time, meaning a user can not use several phones to login