Can an individual user disable two-factor authentication (2FA) on their own account?
An individual user cannot disable two-factor authentication (2FA) on their own account if 2FA is enforced through system role settings (e.g., the default role).
Even if your user profile appears to show a "Disable" button or icon for 2FA, it does not override role-based enforcement. When 2FA is tied to a role, the setting comes from the role rather than the user’s personal settings.
If 2FA is not enabled through the default role and you want to disable it, do the following:
- Click your name in the top-right corner and select your user account.
- Go to Security and then click the Disable button.
- 2FA will now be disabled for your account.
If, for example, you have changed your phone and need to reset your 2FA code, please contact support at tuki@granite.fi.
Updated on: 16/06/2026
Thank you!