policy name: two_factor_authentication_is_disabled_for_a_collaborator
severity: HIGH
A collaborator’s two factor authentication is disabled. Turn it on in the collaborator setting, or globally in the account, to prevent any access without MFA.
Collaborators without two-factor authentication are prime targets for phising and social engineering attacks, as compromise only requires acquiring the collaborator’s password.