The Submission page enables you to set specific requirements for hackers to submit reports to your program. You can require hackers to meet certain signal requirements and set up two-factor authentication.
Requiring Two-Factor Authentication
To require hackers to have two-factor authentication enabled before submitting reports to your program:
Go to Settings > Program > Submission.
Go to the section on requiring hackers to have 2FA.
Click the button so that it's set to Yes.
Hackers that have already submitted past reports before 2FA was required will still be able to access and comment on those reports. They, however, won't be able to submit any new reports to your program without enabling 2FA.