[Yandex Cloud documentation](../../index.md) > [Yandex Identity Hub](../index.md) > [Step-by-step guides](index.md) > Authentication > Enabling the two-factor authentication requirement for Yandex accounts

# Enabling the two-factor authentication requirement

You can deny Yandex Cloud authentication to all [Yandex account](../../iam/concepts/users/accounts.md#passport) users in your organization without [two-factor authentication](https://yandex.com/support/id/en/authorization/twofa.html) enabled.

{% note warning %}

With this setting on, all users authenticated without the two-factor identity check, including administrators and owners, will lose access to the organization and all its resources.

To grant access to the organization, [configure](https://id.yandex.ru/security/enter-methods) two-factor authentication for the Yandex account. It is best to notify the users of the organization in advance of the required actions.

{% endnote %}

{% list tabs group=instructions %}

- Cloud Center UI {#cloud-center}

  1. Log in to [Yandex Identity Hub](https://center.yandex.cloud/organization) using an administrator or organization owner account.

      [Switch](manage-organizations.md#switch-to-another-org) to an organization of your choice as required.

  1. In the left-hand panel, select ![shield](../../_assets/console-icons/shield.svg) **Security settings**.
  1. Navigate to the **Other parameters** tab and, under **Authentication settings**, enable **Require a second authentication factor for users with a Yandex account.**.

{% endlist %}

#### Useful links {#see-also}

* [Enabling access via OS Login](os-login-access.md)
* [Enabling the use of refresh tokens in the Yandex Cloud CLI](enable-refresh-tokens.md)
* [Blocking users from viewing information about organization members](hide-user-info.md)