Enabling `All users in this group must set up two-factor authentication` on a subgroup should only apply to direct members in that subgroup
Proposal
GitLab allows the enforcement of 2FA on subgroup levels.
Enabling this on a sub-group forces all user who are members at any parent group to enable 2FA on their accounts even if they do not attempt to access the subgroup.
This feature proposal suggests to only enforce 2FA on direct members of that subgroup.
Edited by Armin Hergenhan