How to Enable Organization 2-Factor Authentication (2FA)

For organizations handling sensitive information, requiring 2-Factor Authentication (2FA) for all users adds an important layer of security. Organization-wide 2FA ensures that every team member verifies their identity using a second factor before accessing Notehouse.

Once enabled, users who haven’t already set up 2FA will be prompted to do so the next time they log in. If not enabled when required, users will not be able to access the application until enrollment is complete.

Table of Contents

About Organization 2FA

When organization-wide 2FA is enabled, all users are required to authenticate using two factors when logging in. This requirement applies to existing users and any new users added to the organization.

Supported 2FA methods include authenticator apps and SMS. Users must complete 2FA enrollment before they can access Notehouse, and the requirement cannot be skipped or bypassed.

When to Enable Organization-Wide 2FA

You may want to enable 2FA if your organization:

  • Handles sensitive or confidential client data
  • Is subject to compliance requirements such as HIPAA
  • Has internal security policies requiring two-factor authentication
  • Wants to reduce the risk of unauthorized account access

How to Enable Organization 2FA

Only the Account Owner can enable organization-wide 2FA.

  1. Go to Account Settings
  2. Open the Organization tab
  3. Click Enable, then confirm

Security settings showing organization-wide 2-factor authentication as inactive with an Enable button.


How Does This Impact Users in My Organization?

  • Users already enrolled can continue using their existing 2FA method without interruption.
  • Users without 2FA are prompted to enroll at their next login and must complete setup before accessing the app.
  • New users are required to set up 2FA during onboarding before they can proceed.

Disabling the Requirement

If needed, the Account Owner can disable the 2FA requirement from the Organization tab in Account Settings by following the same steps and selecting Disable. Existing 2FA enrollments remain in place, and users can choose whether to keep or remove 2FA after the requirement is turned off.

Consider the security implications before disabling organization-wide 2FA. Organizations subject to HIPAA or other compliance requirements may need to keep this requirement enabled. Notehouse is not responsible for compliance or security risks that may result from disabling this feature.

For questions, contact us at support@getnotehouse.com.

Still need help? Contact Us Contact Us

Related Articles