Certain VIP administrators are able to login to the VIP Manager via the Manager IdP or other single sign-on without being prompted to register a credential or enter a security code.
By design, certain VIP administrator permissions do not require 2FA under these 2 conditions :
The following are considered non-sensitive permissions:
Adding any sensitive permission to the administrator (or administrator group) will require 2FA. Changing the SSO settings in VIP or logging directly to the VIP Manager will also prompt the admin user for a security code.