With the growing online threat of credentials theft, simple password protection is not enough. We now allow administrators to enable two factor authentication by permission group. Once toggled on, any users within that group will be required to configure two factor on next login.
We highly encourage all users to enable two-factor now. OptiPub will soon force two-factor on any users with write permissions globally to protect our clients data. SMS isn't perfect as it is susceptible to SIM hijacking, but it's a huge step forward and adds a lot of protection with minimal inconvenience. Soon we will add support for more advanced two factor methods like hardware keys.