diff --git a/pandora_console/general/register.php b/pandora_console/general/register.php
index 8c10adc32b..6d15c7ab2f 100644
--- a/pandora_console/general/register.php
+++ b/pandora_console/general/register.php
@@ -186,6 +186,88 @@ try {
     $welcome = false;
 }
 
+$double_auth_enabled = (bool) db_get_value('id', 'tuser_double_auth', 'id_user', $config['id_user']);
+
+if (!$double_auth_enabled && $config['2FA_all_users'] != ''
+    && $config['2Fa_auth'] != '1'
+    && $config['double_auth_enabled']
+) {
+    echo '<div id="doble_auth_window" style="display: none"; >';
+    ?>
+    <script type="text/javascript">
+  var userID = "<?php echo $config['id_user']; ?>";
+
+  var $loadingSpinner = $("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
+  var $dialogContainer = $("div#doble_auth_window");
+
+  $dialogContainer.html($loadingSpinner);
+
+  // Load the info page
+  var request = $.ajax({
+    url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
+    type: 'POST',
+    dataType: 'html',
+    data: {
+      page: 'include/ajax/double_auth.ajax',
+      id_user: userID,
+      get_double_auth_info_page: 1,
+      containerID: $dialogContainer.prop('id')
+    },
+    complete: function (xhr, textStatus) {
+
+    },
+    success: function (data, textStatus, xhr) {
+      // isNaN = is not a number
+      if (isNaN(data)) {
+        $dialogContainer.html(data);
+      }
+      // data is a number, convert it to integer to do the compare
+      else if (Number(data) === -1) {
+        $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Authentication error').'</div></b>'; ?>");
+      }
+      else {
+        $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Error').'</div></b>'; ?>");
+      }
+    },
+    error: function (xhr, textStatus, errorThrown) {
+      $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error loading the data').'</div></b>'; ?>");
+    }
+  });
+
+  $("div#doble_auth_window").dialog({
+    <?php config_update_value('2Fa_auth', ''); ?>
+    resizable: true,
+    draggable: true,
+    modal: true,
+    title: "<?php echo __('Double autentication activation'); ?>",
+    overlay: {
+      opacity: 0.5,
+      background: "black"
+    },
+    width: 500,
+    height: 400,
+    close: function (event, ui) {
+        
+    <?php
+    if (!$double_auth_enabled) {
+        config_update_value('2Fa_auth', '1');
+    }
+    ?>
+      // Abort the ajax request
+      if (typeof request != 'undefined'){
+        request.abort();
+      }
+      // Remove the contained html
+      $dialogContainer.empty();
+
+      //document.location.reload();
+    }
+  })
+    .show();    </script>
+    <?php
+    echo '</div>';
+}
+
 $newsletter = null;
 
 ?>
diff --git a/pandora_console/godmode/setup/setup_auth.php b/pandora_console/godmode/setup/setup_auth.php
index eba3b44e0d..282d391bc4 100644
--- a/pandora_console/godmode/setup/setup_auth.php
+++ b/pandora_console/godmode/setup/setup_auth.php
@@ -221,10 +221,33 @@ if (is_ajax()) {
             'double_auth_enabled',
             1,
             $config['double_auth_enabled'],
-            true
+            true,
+            false,
+            'showAndHide()'
         );
         $table->data['double_auth_enabled'] = $row;
 
+        // Enable 2FA for all users.
+        // Set default value.
+        set_unless_defined($config['2FA_all_users'], false);
+        $row = [];
+        $row['name'] = __('Force 2FA for all users is enabled');
+        $row['control'] .= html_print_checkbox_switch(
+            '2FA_all_users',
+            1,
+            $config['2FA_all_users'],
+            true
+        );
+
+        if (!$config['double_auth_enabled']) {
+            $table->rowclass['2FA_all_users'] = 'invisible';
+        } else {
+            $table->rowclass['2FA_all_users'] = '';
+        }
+
+            $table->data['2FA_all_users'] = $row;
+
+
         // Session timeout.
         // Default session timeout.
         set_when_empty($config['session_timeout'], 90);
@@ -317,6 +340,22 @@ echo '</form>';
 ?>
 
 <script type="text/javascript">
+
+    function showAndHide() {
+        if ($('input[type=checkbox][name=double_auth_enabled]:checked').val() == 1) {
+                $('#table1-2FA_all_users').removeClass('invisible');
+                $('#table1-2FA_all_users-name').removeClass('invisible');
+                $('#table1-2FA_all_users-control').removeClass('invisible');
+                $('#table1-2FA_all_users').show();
+            } else {
+                $('#table1-2FA_all_users').hide();
+        }
+    }
+    $( document ).ready(function() {   
+
+    });
+    //For change autocreate remote users
+
     $('#auth').on('change', function(){
         type_auth = $('#auth').val();
         $.ajax({
diff --git a/pandora_console/godmode/users/configure_user.php b/pandora_console/godmode/users/configure_user.php
index acf412b345..d13e9bc227 100644
--- a/pandora_console/godmode/users/configure_user.php
+++ b/pandora_console/godmode/users/configure_user.php
@@ -1128,6 +1128,28 @@ if ($config['ehorus_user_level_conf']) {
     $ehorus .= '</div>';
 }
 
+$double_auth_enabled = (bool) db_get_value('id', 'tuser_double_auth', 'id_user', $id);
+
+if ($config['double_auth_enabled'] && check_acl($config['id_user'], 0, 'PM')) {
+    $double_authentication = '<div class="label_select_simple"><p class="edit_user_labels">'.__('Double authentication').'</p>';
+    if (($config['2FA_all_users'] == '' && !$double_auth_enabled)
+        || ($config['double_auth_enabled'] == '' && $double_auth_enabled)
+        || check_acl($config['id_user'], 0, 'PM')
+    ) {
+        $double_authentication .= html_print_checkbox_switch('double_auth', 1, $double_auth_enabled, true);
+    }
+
+    // Dialog.
+    $double_authentication .= '<div id="dialog-double_auth" style="display:none"><div id="dialog-double_auth-container"></div></div>';
+}
+
+if ($double_auth_enabled && $config['double_auth_enabled'] && $config['2FA_all_users'] != '') {
+    $double_authentication .= html_print_button(__('Show information'), 'show_info', false, 'javascript:show_double_auth_info();', '', true);
+}
+
+if (isset($double_authentication)) {
+    $double_authentication .= '</div>';
+}
 
 if ($meta) {
     enterprise_include_once('include/functions_metaconsole.php');
@@ -1179,7 +1201,7 @@ echo '<div id="user_form">
     <div class="edit_user_autorefresh white_box"><p style="font-weight:bold;">Extra info</p>'.$email.$phone.$not_login.$session_time.'</div>
 </div> 
 <div class="user_edit_second_row white_box">
-    <div class="edit_user_options">'.$language.$access_or_pagination.$skin.$home_screen.$default_event_filter.$newsletter.'</div>
+    <div class="edit_user_options">'.$language.$access_or_pagination.$skin.$home_screen.$default_event_filter.$newsletter.$double_authentication.'</div>
 
     <div class="edit_user_timezone">'.$timezone;
 if (!is_metaconsole()) {
@@ -1278,6 +1300,15 @@ if (!is_metaconsole()) {
 var json_profile = $('#hidden-json_profile');
 /* <![CDATA[ */
 $(document).ready (function () {
+    $("input#checkbox-double_auth").change(function (e) {
+        e.preventDefault();
+            if (this.checked) {
+                show_double_auth_activation();
+            } else {
+                show_double_auth_deactivation();
+            }
+    }); 
+
     $('input:radio[name="is_admin"]').change(function() {
         if($('#radiobtn0002').prop('checked')) {     
             $('#metaconsole_agents_manager_div').show();
@@ -1495,5 +1526,216 @@ function switch_ehorus_conf()
 
 }
 
+function show_double_auth_info () {
+    var userID = '<?php echo io_safe_output($id); ?>';
+
+    var $loadingSpinner = $("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
+    var $dialogContainer = $("div#dialog-double_auth-container");
+
+    $dialogContainer.html($loadingSpinner);
+console.log(userID);
+    // Load the info page
+    var request = $.ajax({
+        url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
+        type: 'POST',
+        dataType: 'html',
+        data: {
+            page: 'include/ajax/double_auth.ajax',
+            id_user: userID,
+            get_double_auth_data_page: 1,
+            FA_forced: 1,
+            containerID: $dialogContainer.prop('id')
+        },
+        complete: function(xhr, textStatus) {
+            
+        },
+        success: function(data, textStatus, xhr) {
+            // isNaN = is not a number
+            if (isNaN(data)) {
+                $dialogContainer.html(data);
+            }
+            // data is a number, convert it to integer to do the compare
+            else if (Number(data) === -1) {
+                $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Authentication error').'</div></b>'; ?>");
+            }
+            else {
+                $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Error').'</div></b>'; ?>");
+            }
+        },
+        error: function(xhr, textStatus, errorThrown) {
+            $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error loading the data').'</div></b>'; ?>");
+        }
+    });
+
+    $("div#dialog-double_auth")
+        .css('display','block')
+        .append($dialogContainer)
+        .dialog({
+            resizable: true,
+            draggable: true,
+            modal: true,
+            title: "<?php echo __('Double autentication information'); ?>",
+            overlay: {
+                opacity: 0.5,
+                background: "black"
+            },
+            width: 400,
+            height: 375,
+            close: function(event, ui) {
+                // Abort the ajax request
+                if (typeof request != 'undefined')
+                    request.abort();
+                // Remove the contained html
+                $dialogContainer.empty();
+            }
+        })
+        .show();
+
+}
+
+function show_double_auth_activation () {
+    var userID = '<?php echo io_safe_output($id); ?>';
+
+    var $loadingSpinner = $("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
+    var $dialogContainer = $("div#dialog-double_auth-container");
+
+    $dialogContainer.html($loadingSpinner);
+
+    // Load the info page
+    var request = $.ajax({
+        url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
+        type: 'POST',
+        dataType: 'html',
+        data: {
+            page: 'include/ajax/double_auth.ajax',
+            id_user: userID,
+            FA_forced: 1,
+            get_double_auth_info_page: 1,
+            containerID: $dialogContainer.prop('id')
+        },
+        complete: function(xhr, textStatus) {
+            
+        },
+        success: function(data, textStatus, xhr) {
+            // isNaN = is not a number
+            if (isNaN(data)) {
+                $dialogContainer.html(data);
+            }
+            // data is a number, convert it to integer to do the compare
+            else if (Number(data) === -1) {
+                $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Authentication error').'</div></b>'; ?>");
+            }
+            else {
+                $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Error').'</div></b>'; ?>");
+            }
+        },
+        error: function(xhr, textStatus, errorThrown) {
+            $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error loading the data').'</div></b>'; ?>");
+        }
+    });
+
+    $("div#dialog-double_auth").dialog({
+            resizable: true,
+            draggable: true,
+            modal: true,
+            title: "<?php echo __('Double autentication activation'); ?>",
+            overlay: {
+                opacity: 0.5,
+                background: "black"
+            },
+            width: 500,
+            height: 400,
+            close: function(event, ui) {
+                // Abort the ajax request
+                if (typeof request != 'undefined')
+                    request.abort();
+                // Remove the contained html
+                $dialogContainer.empty();
+
+                document.location.reload();
+            }
+        })
+        .show();
+}
+
+function show_double_auth_deactivation () {
+    var userID = '<?php echo io_safe_output($id); ?>';
+    console.log(userID);
+    var $loadingSpinner = $("<img src=\"<?php echo $config['homeurl']; ?>/images/spinner.gif\" />");
+    var $dialogContainer = $("div#dialog-double_auth-container");
+
+    var message = "<p><?php echo __('Are you sure?').'<br>'.__('The double authentication will be deactivated'); ?></p>";
+    var $button = $("<input type=\"button\" value=\"<?php echo __('Deactivate'); ?>\" />");
+
+    $dialogContainer
+        .empty()
+        .append(message)
+        .append($button);
+
+    var request;
+
+    $button.click(function(e) {
+        e.preventDefault();
+
+        $dialogContainer.html($loadingSpinner);
+
+        // Deactivate the double auth
+        request = $.ajax({
+            url: "<?php echo ui_get_full_url('ajax.php', false, false, false); ?>",
+            type: 'POST',
+            dataType: 'json',
+            data: {
+                page: 'include/ajax/double_auth.ajax',
+                id_user: userID,
+                FA_forced: 1,
+                deactivate_double_auth: 1
+            },
+            complete: function(xhr, textStatus) {
+                
+            },
+            success: function(data, textStatus, xhr) {
+                console.log(data);
+                if (data === -1) {
+                    $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('Authentication error').'</div></b>'; ?>");
+                }
+                else if (data) {
+                    $dialogContainer.html("<?php echo '<b><div class=\"green\">'.__('The double autentication was deactivated successfully').'</div></b>'; ?>");
+                }
+                else {
+                    $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error deactivating the double autentication').'</div></b>'; ?>");
+                }
+            },
+            error: function(xhr, textStatus, errorThrown) {
+                $dialogContainer.html("<?php echo '<b><div class=\"red\">'.__('There was an error deactivating the double autentication').'</div></b>'; ?>");
+            }
+        });
+    });
+    
+
+    $("div#dialog-double_auth").dialog({
+            resizable: true,
+            draggable: true,
+            modal: true,
+            title: "<?php echo __('Double autentication activation'); ?>",
+            overlay: {
+                opacity: 0.5,
+                background: "black"
+            },
+            width: 300,
+            height: 150,
+            close: function(event, ui) {
+                // Abort the ajax request
+                if (typeof request != 'undefined')
+                    request.abort();
+                // Remove the contained html
+                $dialogContainer.empty();
+
+                document.location.reload();
+            }
+        })
+        .show();
+}
+
+
 /* ]]> */
 </script>
diff --git a/pandora_console/include/ajax/double_auth.ajax.php b/pandora_console/include/ajax/double_auth.ajax.php
index 7633a28979..2f2970ee23 100644
--- a/pandora_console/include/ajax/double_auth.ajax.php
+++ b/pandora_console/include/ajax/double_auth.ajax.php
@@ -17,7 +17,9 @@ check_login();
 
 // Security check
 $id_user = (string) get_parameter('id_user');
-if ($id_user !== $config['id_user']) {
+$FA_forced = (int) get_parameter('FA_forced');
+
+if ($id_user !== $config['id_user'] && $FA_forced != 1) {
     db_pandora_audit(
         'ACL Violation',
         'Trying to access Double Authentication'
diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php
index eda0e37770..3edda7e357 100644
--- a/pandora_console/include/functions_config.php
+++ b/pandora_console/include/functions_config.php
@@ -721,6 +721,10 @@ function config_update_config()
                         $error_update[] = __('Double authentication');
                     }
 
+                    if (!config_update_value('2FA_all_users', get_parameter('2FA_all_users'))) {
+                        $error_update[] = __('2FA all users');
+                    }
+
                     if (!config_update_value('session_timeout', get_parameter('session_timeout'))) {
                         $error_update[] = __('Session timeout');
                     }
@@ -2008,6 +2012,10 @@ function config_process_config()
         config_update_value('welcome_state', WELCOME_STARTED);
     }
 
+    if (!isset($config['2Fa_auth'])) {
+        config_update_value('2Fa_auth', '');
+    }
+
      /*
       * Parse the ACL IP list for access API
       */
diff --git a/pandora_console/include/styles/pandora.css b/pandora_console/include/styles/pandora.css
index 24ea783b34..d8b4777fbb 100644
--- a/pandora_console/include/styles/pandora.css
+++ b/pandora_console/include/styles/pandora.css
@@ -691,6 +691,10 @@ select:-internal-list-box {
   display: none !important;
 }
 
+.visible {
+  display: block;
+}
+
 div#page {
   background: #fbfbfb;
   background-image: none;
diff --git a/pandora_console/index.php b/pandora_console/index.php
index 1d72a5a5af..233f554749 100755
--- a/pandora_console/index.php
+++ b/pandora_console/index.php
@@ -390,6 +390,7 @@ if (! isset($config['id_user'])) {
         }
 
         $login_button_saml = get_parameter('login_button_saml', false);
+        config_update_value('2Fa_auth', '');
         if (isset($double_auth_success) && $double_auth_success) {
             // This values are true cause there are checked before complete
             // the 2nd auth step.
@@ -719,6 +720,8 @@ if (! isset($config['id_user'])) {
             $redirect_url .= '&'.safe_url_extraclean($key).'='.safe_url_extraclean($value);
         }
 
+        $double_auth_enabled = (bool) db_get_value('id', 'tuser_double_auth', 'id_user', $config['id_user']);
+
         header('Location: '.ui_get_full_url('index.php'.$redirect_url));
         exit;
         // Always exit after sending location headers.
diff --git a/pandora_console/operation/users/user_edit.php b/pandora_console/operation/users/user_edit.php
index 23b797a8f2..b55a0952e4 100644
--- a/pandora_console/operation/users/user_edit.php
+++ b/pandora_console/operation/users/user_edit.php
@@ -393,14 +393,21 @@ $timezone .= html_print_timezone_select('timezone', $user_info['timezone']).'</d
 // Double auth.
 $double_auth_enabled = (bool) db_get_value('id', 'tuser_double_auth', 'id_user', $config['id_user']);
 
-if ($config['double_auth_enabled']) {
+if ($config['double_auth_enabled'] || ($config['double_auth_enabled'] == '' && $double_auth_enabled)) {
     $double_authentication = '<div class="label_select_simple"><p class="edit_user_labels">'.__('Double authentication').'</p>';
-    $double_authentication .= html_print_checkbox_switch('double_auth', 1, $double_auth_enabled, true);
+    if (($config['2FA_all_users'] == '' && !$double_auth_enabled)
+        || ($config['2FA_all_users'] != '' && !$double_auth_enabled)
+        || ($config['double_auth_enabled'] == '' && $double_auth_enabled)
+        || check_acl($config['id_user'], 0, 'PM')
+    ) {
+        $double_authentication .= html_print_checkbox_switch('double_auth', 1, $double_auth_enabled, true);
+    }
+
     // Dialog.
     $double_authentication .= '<div id="dialog-double_auth" style="display:none"><div id="dialog-double_auth-container"></div></div>';
 }
 
-if ($double_auth_enabled) {
+if ($double_auth_enabled && $config['double_auth_enabled'] && $config['2FA_all_users'] != '') {
     $double_authentication .= html_print_button(__('Show information'), 'show_info', false, 'javascript:show_double_auth_info();', '', true);
 }
 
@@ -881,14 +888,13 @@ $(document).ready (function () {
 
     $("input#checkbox-double_auth").change(function (e) {
         e.preventDefault();
+            if (this.checked) {
+                show_double_auth_activation();
+            } else {
+                show_double_auth_deactivation();
+            }
+    }); 
 
-        if (this.checked) {
-            show_double_auth_activation();
-        }
-        else {
-            show_double_auth_deactivation();
-        }
-    });
     
     show_data_section();
 });