Enforcing Secure Login
Require 2FA and/or Google account login for your team.
Your workspace can require its members to use any combination of the following login practices:
Only workspace Admins can enable or disable login enforcement features.
Two-factor authentication
Enforce two-factor authentication (2FA) from your Workspace Settings page:
If you enforce 2FA, your team members can’t access the workspace’s resources or settings until they enable 2FA for their Render account.
Team members with SSH or API keys can’t use these keys to access workspace resources until they enable 2FA.
Google account login
Enforce Google-account-based login from your Workspace Settings page:
If you enable this feature, your team members can’t access the workspace’s resources or settings if they log in using any method besides their Google account (such as with a username and password). Additionally, your team members can’t change their Render account’s associated email address.
As of 2024-05-01, new API keys must be created while signed in via Google account to access resources of a workspace that enables this feature.
API keys created before this date always have full access to workspace resources, regardless of the team member’s login method at the time of creation.