Description: Ensures every administrator must use MFA before accessing wp-admin (Pro).
How it works: If an admin account is not enrolled, AegisShield can force enrollment and restrict access until complete.
How to access / configure:
- WP Admin → AegisShield → Login Guard → MFA (Pro).
- Enable “Mandatory for administrators”.
- Ensure all admin accounts can receive MFA codes and have backup codes.
Recommended setting: Turn this on for production sites; remove unused admin accounts first.