Merge branch 'docs/disabling-2fa-does-not-disable-enforcement-rules' into 'master'

Disabling 2FA does not disable enforcement rules See merge request gitlab-org/gitlab!37759

Merge branch 'docs/disabling-2fa-does-not-disable-enforcement-rules' into 'master'
Disabling 2FA does not disable enforcement rules See merge request gitlab-org/gitlab!37759
00bf677c · Mike Jang · f6adacd5 · c5e82070 · 00bf677c
Commit 00bf677c authored Sep 30, 2020 by Mike Jang
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 0 deletions

doc/security/two_factor_authentication.md doc/security/two_factor_authentication.md +11 -0

No files found.
--- a/doc/security/two_factor_authentication.md
+++ b/doc/security/two_factor_authentication.md
@@ -68,6 +68,17 @@ The following are important notes about 2FA:

 ## Disabling 2FA for everyone

+CAUTION: **Caution:**
+Disabling 2FA for everyone does not disable the [enforce 2FA for all users](#enforcing-2fa-for-all-users)
+or [enforce 2FA for all users in a group](#enforcing-2fa-for-all-users-in-a-group)
+settings. In addition to the steps in this section, you will need to disable any enforced 2FA
+settings so users aren't asked to set up 2FA again, the next time the user signs in to GitLab.
+Disabling 2FA for everyone does not disable the [enforce 2FA for all users](#enforcing-2fa-for-all-users)
+or [enforce 2FA for all users in a group](#enforcing-2fa-for-all-users-in-a-group)
+settings if they have been configured. In addition to the steps in this section,
+you will need to disable any enforced 2FA settings so users aren't asked to setup
+2FA again when the next login to GitLab.
+
 There may be some special situations where you want to disable 2FA for everyone
 even when forced 2FA is disabled. There is a Rake task for that: