We wanted to enforce all our agents to use 2FA for every login session. Since we are dealing with a very sensitive data, we do not want our agents opting out or disabling 2FA. As can be seen in the below screenshot, agents can "disable” 2FA for the next 30 days. Once they do that, They cannot Undo that. Admins will never know that agent "disabled 2FA for the next 30 days”. There is also no way for Admins to Undo or even restrict that (They have to Disable 2FA and Enable it again on more time).
This is really important for us, and as I am sure many other users of Freshworks products.
Any solution to that? What can we do?
Greetings from Freshdesk!
As of now we can either mandate 2FA or disable it. Mandating 2FA will give the option for ‘Dont ask 2FA code for this computer for the next 30 days’ and I’m afraid it cannot be removed as customization is only possible in the customer portal and not the organization domain.