Multi-Factor Authentication - Pangolin Docs

Enable or Disable 2FA
Supported Methods
Enforcement

Pangolin supports two‑factor authentication (2FA) for Pangolin user accounts.

Enable or Disable 2FA

Click your profile menu (top right) to enable two‑factor authentication.
You will need to confirm your password and code before enabling/disabling 2FA.

Supported Methods

Time‑based one‑time code (TOTP): Use an authenticator app (e.g., 1Password, Google Authenticator).
Push via email: Contact sales to enable.
Push via Duo: Contact sales to enable.

Enforcement

Two‑factor enforcement (requiring 2FA at login) is available in Enterprise Edition only.

To enable enforcement, go to Organization Settings and toggle 2FA enforcement in the Security section.

Enforcement is configured per organization.
MFA enforcement only applies to internal Pangolin user accounts. This policy does not apply to accounts linked to an external identity provider.
When enforced, users must enable 2FA before accessing the organization or its resources.
Users without 2FA will see a prompt directing them to enable it before proceeding.

Password Rotation

⌘I