Allowed 2FA Methods enables admins to configure which two-factor authentication (2FA) methods users in their organization can log in with. When the setting is turned on, admins can restrict which methods are allowed: SMS 2FA or Authenticator Apps (e.g. Google Authenticator, Authy, Duo). When the setting is off—which is the default mode—all 2FA methods offered through HubSpot are allowed.
Note that the HubSpot Mobile App will be a default method that will always be enabled.
To meet the needs of customers' organizational security policies, this feature allows admins to set which two-factor authentication (2FA) are allowed for users to access their account.
Admins can navigate to Settings -> Security tab -> Settings & Activity to configure this setting. 2FA must be required for your account in order to turn this setting on. Additionally, if an admin disallows a 2FA method that users currently use, those users will be prompted to switch their 2FA method to an allowed one.
Starter+