To add a second form of identity verification to your sign in process, you need to configure the two-factor authentication requirements for your account. You can configure a requirement for all users and for individual users as needed.
For accounts configured to use the Client Certificate or the One-Time Password (OTP) option, you can only configure requirements for individual users. These types of account configurations require all account members to use their username and password and a second form of authentication to sign in to their account: client certificate or one-time password.
In your CertCentral account, in the left main menu, go to Settings > Authentication Settings.
In the Two-Factor Authentication Requirements section, click Add New Requirement.
On the Add Two Factor Requirement page, under Authentication Type, select the second form of authentication you want to require:
Apply Rule To
Under Apply Rule To, select who you want the rule to apply to:
Click Create Requirement.
On the Authentication Settings page (in the left main menu, go to Settings > Authentication Settings), in the Two-Factor Authentication Requirements section, each new two-factor authentication rule/requirement is added to the table.
Additionally, as users sign in and generate client certificates and initialize OTP apps or devices, they are added to the applicable table—One-Time Password (OTP) Devices or Issued Client Certificates.