At times, it may be necessary for a user administrator to suspend or remove 2-factor authentication for a managed user.   For example, it may be necessary to clear the 2-factor authentication configuration the user's registered device is missing.   2-factor authentication can be suspended or cleared if necessary.  

 

User Managers can see which users have 2-factor authentication enabled by showing the 2FA Status column on the users list.   This column is hidden by default.

Right click on a user that has 2-Factor Authentication enabled to either suspend or remove 2-factor authentication. 

Clicking on "Remove 2-factor authentication" will clear ALL 2 factor authentication devices from the users account.

If you choose to suspend 2-factor authentication then a new window will be shown to state when 2-factor authentication should be enabled again.    2-factor authentication will automatically resume when the time is passed.

If the account 2-factor is suspended it can be resumed early by right clicking on the user and selecting "Resume 2-factor authentication"