2FA adds a second layer of security to your account. Users can only sign in if they have two forms of authentication: something you know and something you have.
2FA is mandatory for all DigiCert accounts and cannot be disabled by users. If your technical requirements necessitate disabling it, contact Support to request an exception.
Two-factor authentication and SSO
When two-factor authentication is enabled:
SSO using SAML
DigiCert will prompt you to enter an OTP when signing in, even if you have already provided an OTP to your identity provider (IdP).
SSO using OIDC
DigiCert will skip the OTP prompt if you have already provided an OTP to your IdP.