Disabling the support for user+password login

The recent bug related to the 2FA has exposed us to a situation we need to tackle ASAP. To support our SOC2 implementation, we have a policy that centralizes all the user management from our internal & external applications to our Google account. It means that users must log in to FA using the Google SSO integration.

However, we have noticed that we have a considerable number of users using the FA with a combination of user&password.

I want to evaluate with you if it’s possible to disable the support of the user&password login and make the usage of the Google SSO mandatory.

Feature(s) impacted

Account management

Observed behavior

When creating the FA account, users can choose between using the Google SSO or creating a user&password-related account.

Expected behavior

Users can only use Google SSO to create an FA account.

Context

  • Project name: TymeshiftFA

Hello @Raphael_Neves, and thanks for reaching out to us.
Someone from our customer success team will be in touch with you shortly about the topic, by the end of this week.

Have a nice day,

@Nicolas.M

A few more details:
This kind of feature is already available in Forest Admin, as part of the SSO feature.
You can find more details in the documentation

As well as in our blog
Regards

Hi @Nicolas.M :wave:

We already have the Google SSO working. The issue is: when someone new joins the company, this person has the option to use the SSO or create an account using user+password.

The outcome we want is that everyone must use Google SSO as the only option. Currently, the majority of our employees are using user+pass.

I would break this into two parts:

  1. Only allow new users to join FA using the SSO
  2. Migrate the current users using user+pass to SSO

Are we doing something bad to get both options available when creating a new account?