# Two-Factor Authentication Settings

Aerofiler supports the following two-factor authentication settings:

* Users may disable their own TFA - users may optionally enable and disable their own TFA
* Only Administrators may disable TFA - users may optionally enable their own TFA, but once enabled, only an Administrator account can disable TFA
* Require TFA for all users - all users, including Administrators, must have TFA enabled in their account

**Removing two-factor authentication**

For the Settings "Users may disable their own TFA" and "Only Administrators may disable their own TFA", an Administrator may remove the TFA setting for a user. To do this, click the following icon:

<figure><img src="https://990055713-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FpzhcJuh5qEG7uLa8k3LR%2Fuploads%2F7wS4fRGWR4kDemK3QsSE%2Fimage.png?alt=media&#x26;token=f6e293a0-a361-4d2f-aa99-d851477ef027" alt=""><figcaption></figcaption></figure>

You will then be prompted to confirm removal:

<figure><img src="https://990055713-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FpzhcJuh5qEG7uLa8k3LR%2Fuploads%2FybTjsTn76XKsTUEvOAin%2Fimage.png?alt=media&#x26;token=59bf3bd3-932e-4bb8-aca0-566503513afc" alt=""><figcaption></figcaption></figure>

A demonstration of removing two-factor authentication (no sound) is below:

{% embed url="<https://www.loom.com/share/f6c400164d1441db854f310d332be065>" %}

**Require TFA for all users**

When you select "Require TFA for all users" and click "Save", if you have not already enabled TFA for your account, you will be prompted to enter a TFA code. Aerofiler's TFA is compatible with a number of authentication applications including Duo, Google Authenticator and Microsoft Authenticator.

{% hint style="info" %}
When this setting is enabled, existing users who do not have TFA enabled will be required to enable TFA to continue using Aerofiler. New users will be prompted to enable TFA when they first login.
{% endhint %}