Skip to main content

This version of GitHub Enterprise Server was discontinued on 2024-09-25. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

Preparing to require two-factor authentication in your organization

Before requiring two-factor authentication (2FA), you can notify users about the upcoming change and verify who already uses 2FA.

We recommend that you notify organization members and outside collaborators at least one week before you require 2FA in your organization.

When you require use of two-factor authentication for your organization, outside collaborators (including bot accounts) who do not use 2FA will be removed from the organization and lose access to its repositories. They will also lose access to their forks of the organization's private repositories. Members and billing managers will retain membership but not be able to access your organization resources until they meet your 2FA requirement.

Before requiring 2FA in your organization, we recommend that you: