You can see which organization owners, members, and outside collaborators have enabled two-factor authentication.
Before requiring two-factor authentication (2FA), you can notify users about the upcoming change and verify who already uses 2FA.
Organization owners can require organization members, outside collaborators, and billing managers to enable two-factor authentication for their personal accounts, making it harder for malicious actors to access an organization's repositories and settings.