Rocket.Chat's Community Open Call 🎤 Jan 19th, 2022 Join us!

Force users to use 2FA through TOTP

I’m new to Rocket.Chat and I have done a fresh installation.
Now I’m playing with settings to see if we can use Rocket.Chat.


I’m able to create users and they can login, so far so good.
The user can choose to activate 2FA using TOTP, but we would like to force that option.
All users should use 2FA using TOTP all the time and an user shouldn’t be allowed to deactivate that in there account.
Is this possible? And if yes, how?

Thanks for any help.

Server Setup Information

  • Version of Rocket.Chat Server: 4.2.2
  • Operating System: ubuntu
  • Deployment Method: manual nginx ssl
  • Number of Running Instances: 1
  • DB Replicaset Oplog: ?
  • NodeJS Version: 12.18.4
  • MongoDB Version: 5.0.5
  • Proxy: nginx
  • Firewalls involved:

Any additional Information


I was not able to find a configuration for that too.

It would be nice to force this and, once activated, don’t allow the user itself to deactivate.

We have a repo for features requests. Would you mind open an issue there?


Done. see here