Allowed 2FA Methods

What is it?

Allowed 2FA Methods enables admins to configure which two-factor authentication (2FA) methods users in their organization can log in with. When the setting is turned on, admins can restrict which methods are allowed: SMS 2FA or Authenticator Apps (e.g. Google Authenticator, Authy, Duo). When the setting is off—which is the default mode—all 2FA methods offered through HubSpot are allowed.

Note that the HubSpot Mobile App will be a default method that will always be enabled.

Why does it matter?

To meet the needs of customers' organizational security policies, this feature allows admins to set which two-factor authentication (2FA) are allowed for users to access their account.

How does it work?

Admins can navigate to Settings -> Security tab -> Settings & Activity to configure this setting. 2FA must be required for your account in order to turn this setting on. Additionally, if an admin disallows a 2FA method that users currently use, those users will be prompted to switch their 2FA method to an allowed one.

Who gets it?

Starter+

Customer agent now handles all your front office conversations with Agent Goals & Lead Qualification

What is it? The Customer Agent just got a major upgrade! Now, it can handle all your front office traffic—qualifying prospects, adding them to your CRM, and even booking meetings with your sales team.

24 Sep 2025

Smart Properties: Contact Object Support

What is it? You can now create smart properties for Contacts in HubSpot. Why does it matter? Smart properties for Contacts unlocks new ways to personalize outreach, segment your database, and..

24 Sep 2025

Unified Landing Page Creation