The administrator can force the all users to use of two-factor authentication (2FA) without allowing users to disable it. This significantly improves system security by protecting accounts against unauthorized access, even if a password is compromised. This centralized measure eliminates potential weaknesses caused by human error, such as disabling 2FA for convenience. It ensures a uniform minimum level of protection across the organization, reducing the risk of security breaches.
It would be nice to have a checkbox in the HA general settings menu to enable it by the administrator.