Mult-factor authentication is optional for Account Users (end users of the portal). By default it is disabled.
This service allows users to securely login by using a second channel to deliver an authentication token to the user, so a user’s account cannot be compromised only by someone else learning their login credentials.
STEP: Login as a Super Admin
STEP: Access Advanced Config and add "ENABLE_MULTI_FACTOR_AUTH": true
NOTE: Account Users can disable multi-factor authentication for their accounts, but only if multi-factor authentication is already enabled in the advanced cofig. The option for doing so is on the User Profile page as shown below