When a Passly tenant is created we build your Default Policy to allow for devices to be trusted. Trusted devices can cause a concern for many admins as users do not get prompted to use 2FA all the time.
To resolve this all you need to do is modify the Default Policy in the Policy Manager.
For example when your Passly tenant is created you will see a policy like this.
Now as you can see in the original Default Policy that only the first login is required to use 2FA once every 30 days.
If an Administrator changes your policy to reflect as below displays all users will be required to use 2FA.