Enable two-factor authentication

From Security settings, click Enable two-factor. Scan the QR code with any TOTP app (1Password, Authy, Google Authenticator), enter the 6-digit code, and save your backup codes — these are the only way to recover access if you lose your authenticator.

Org admins can require MFA for everyone in Org settings → Security. Members without MFA enabled are prompted to set it up on next login; existing sessions are not invalidated.