You can see which members of your organization should enable two-factor authentication. If a malicious user gains access to your organization, they'll be able to access your repositories and settings.

  1. In the top right corner of GitHub Enterprise, click your profile photo, then click Your profile. Profile photo

  2. On the left side of your profile page, under "Organizations", click the icon for your organization. organization icons

  3. Under your organization name, click People. The People tab

  4. Members of your organization without two-factor authentication are listed with an orange triangle. Org member without 2FA

  5. If a member does not have 2FA enabled, they can turn it on from their personal account's security settings page. For more information, see "Securing your account with two-factor authentication."

You can also access the list of organization members who don't use 2FA through the GitHub API. Here's an example script demonstrating how to do this.

Further reading