DOS4210

Require two-factor authentication in your organization

DOS4210

GitHub organization critical builtIn

Description

Requiring an additional authentication method adds another level of security for your organization. Require two-factor authentication for everyone in your organization. Learn more: https://docs.github.com/en/organizations/keeping-your-organization-secure/managing-two-factor-authentication-for-your-organization/requiring-two-factor-authentication-in-your-organization https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/configuring-two-factor-authentication

Recommendation

1. Go to Organization Settings. 
2. In the 'Security' section of the sidebar, click on Authentication security. 
3. Under the 'Two-factor authentication' section. 
4. Ensure the 'Require two-factor authentication for everyone in the organization' setting is enabled.

Policy Rule

{
  "target": "GHOrganization",
  "if": {
    "allOf": [
      {
        "resource": "GHOrganization",
        "property": "TwoFactorRequirementEnabled",
        "operator": "equals",
        "value": true
      }
    ]
  },
  "then": {
    "effect": "Audit"
  }
}
« DOS4040 DOS4300 »
Rule Details
  • Rule ID: DOS4210
  • Code: GH_Organization_Authentication_Security_Require_2FA
  • Platform: GitHub
  • Category: organization
  • Severity: critical
  • Type: builtIn
Related Rules

Copyright © DevOps Shield. All Rights Reserved. Privacy Policy | Cookie Policy | Terms and Conditions