# Organization-Wide Policies A root user has a few more MFA options under the **Organization-wide policies**. You will see a list of sub-users linked to your main account and you will be able to manage their MFA settings. One important feature is the **Enforce MFA policy to all users in your organization** checkbox. If you enable this checkbox and confirm the change, the MFA becomes mandatory for all users, including you. Essentially, it locks in the MFA policy across your organization, making it impossible for any sub-user to disable MFA. As for individual sub-users, while they cannot disable MFA once the organization-wide policy is in effect, they can still reset their own MFA. Please note that this process is only possible while you are logged into your Impossible Cloud Storage account and your session is active. There is also a **Reset MFA** button for each sub-user in the **Organization-Wide Policies** list. **Organization-Wide Policies** are exclusively available for root users. Sub-users do not have access to these functions. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.impossiblecloud.com/impossible-cloud-help/impossible-cloud-storage-guide/profile-settings/multi-factor-authentication-mfa/organization-wide-policies.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.