Enforcing Secure Login
Require 2FA and/or Google account login for your team.
Your team can require its members to use any combination of the following login practices:
Only team Admins can enable or disable login enforcement features.
Two-factor authentication
Enforce two-factor authentication (2FA) from your Team Settings page:
If you enforce 2FA, team members can’t access the team’s resources or settings until they enable 2FA for their Render account.
Team members with SSH or API keys can’t use these keys to access team resources until they enable 2FA.
Google account login
Enforce Google-account-based login from your Team Settings page:
If you enable this feature, team members can’t access the team’s resources or settings if they log in using any method besides their Google account (such as with a username and password). Additionally, team members can’t change their Render account’s associated email address.
As of 2024-05-01, new API keys must be created while signed in via Google account to access resources of a team that enables this feature.
API keys created before this date always have full access to team resources, regardless of the team member’s login method at the time of creation.