Exclude users from using 2FA


We use discourse. I enabled 2FA for all users. However, some users do not have a smartphone or really do not want to use 2FA.

I want to grant the an exception but it seems that they cannot register when the enforce 2FA for all users is enabled.
It seems that one can only disable 2FA if user was registered with 2FA but I cannot see an option to invite a new user to register without having to set up 2FA.

Is there a workaround to exclude some users not to use 2FA upon registration ?

Thanks !

I think the only possible options are:

  1. Forced for everyone (all)
  2. Forced for Staff users (staff)
  3. Not forced (no)

So if you disable the enforce_second_factor setting by changing it to no, users willing to use 2FA can still enroll by visiting /my/preferences/account but that will allow users to register without nagging about 2fa.

1 Like


Yes I think that’s the only option currently.

It would be nice If we could work with groups of users to have a more detailed level of control ?

Any plans to integrate that in future versions?