⌘K
Back to all articles
Settings

Authentication

Set workspace sign-in policy including required 2FA, session timeout, passwords, and IP allowlist.

Updated May 27, 2026

Authentication settings set the workspace's sign-in policy. These apply to all members.

Authentication settings

What you can set

  1. Require two-factor

    Require MFA for everyone. You must have two-factor enrolled yourself before turning this on.

  2. Session timeout

    Set how long before an idle session signs out.

  3. Password policy

    Set minimum length, complexity, breach checking, reuse blocking, and expiry.

  4. IP allowlist

    Restrict access to specific IP ranges (enterprise).

  5. Field encryption

    Enable application-layer field encryption. Once enabled it cannot be turned off.

A Force sign-out action revokes every active session in the workspace. Use it if you suspect a credential was compromised.

What's next

See MFA and review devices in Active sessions.