diff --git a/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/RequireTwoFactorPolicyRequirement.cs b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/RequireTwoFactorPolicyRequirement.cs
new file mode 100644
index 0000000000..2ce81ed9d7
--- /dev/null
+++ b/src/Core/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/RequireTwoFactorPolicyRequirement.cs
@@ -0,0 +1,29 @@
+using Bit.Core.AdminConsole.Enums;
+using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
+using Bit.Core.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
+using Bit.Core.Enums;
+
+///
+/// Policy requirements for the Require Two-Factor Authentication policy.
+///
+public class RequireTwoFactorPolicyRequirement : IPolicyRequirement
+{
+ ///
+ /// Indicates whether two-factor authentication is required for the user.
+ ///
+ public bool RequireTwoFactor { get; init; }
+}
+
+public class RequireTwoFactorPolicyRequirementFactory : BasePolicyRequirementFactory
+{
+ public override PolicyType PolicyType => PolicyType.TwoFactorAuthentication;
+ protected override IEnumerable ExemptStatuses => [OrganizationUserStatusType.Revoked];
+
+ public override RequireTwoFactorPolicyRequirement Create(IEnumerable policyDetails)
+ {
+ return new RequireTwoFactorPolicyRequirement
+ {
+ RequireTwoFactor = policyDetails.Any(p => p.PolicyType == PolicyType.TwoFactorAuthentication)
+ };
+ }
+}
diff --git a/test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/RequireTwoFactorPolicyRequirementFactoryTests.cs b/test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/RequireTwoFactorPolicyRequirementFactoryTests.cs
new file mode 100644
index 0000000000..2b65ad5157
--- /dev/null
+++ b/test/Core.Test/AdminConsole/OrganizationFeatures/Policies/PolicyRequirements/RequireTwoFactorPolicyRequirementFactoryTests.cs
@@ -0,0 +1,59 @@
+using Bit.Core.AdminConsole.Enums;
+using Bit.Core.AdminConsole.Models.Data.Organizations.Policies;
+using Bit.Core.Enums;
+using Bit.Test.Common.AutoFixture;
+using Bit.Test.Common.AutoFixture.Attributes;
+using Xunit;
+
+namespace Bit.Core.Test.AdminConsole.OrganizationFeatures.Policies.PolicyRequirements;
+
+[SutProviderCustomize]
+public class RequireTwoFactorPolicyRequirementFactoryTests
+{
+ [Theory]
+ [BitAutoData]
+ public void RequireTwoFactor_WithNoPolicies_ReturnsFalse(SutProvider sutProvider)
+ {
+ var actual = sutProvider.Sut.Create([]);
+
+ Assert.False(actual.RequireTwoFactor);
+ }
+
+ [Theory]
+ [BitAutoData(OrganizationUserStatusType.Invited)]
+ [BitAutoData(OrganizationUserStatusType.Accepted)]
+ [BitAutoData(OrganizationUserStatusType.Confirmed)]
+ public void RequireTwoFactor_WithNonExemptStatus_ReturnsTrue(
+ OrganizationUserStatusType userStatus,
+ SutProvider sutProvider)
+ {
+ var actual = sutProvider.Sut.Create(
+ [
+ new PolicyDetails
+ {
+ PolicyType = PolicyType.TwoFactorAuthentication,
+ OrganizationUserStatus = userStatus
+ }
+ ]);
+
+ Assert.True(actual.RequireTwoFactor);
+ }
+
+ [Theory]
+ [BitAutoData(OrganizationUserStatusType.Revoked)]
+ public void RequireTwoFactor_WithExemptStatus_ReturnsFalse(
+ OrganizationUserStatusType userStatus,
+ SutProvider sutProvider)
+ {
+ var actual = sutProvider.Sut.Create(
+ [
+ new PolicyDetails
+ {
+ PolicyType = PolicyType.TwoFactorAuthentication,
+ OrganizationUserStatus = userStatus
+ }
+ ]);
+
+ Assert.False(actual.RequireTwoFactor);
+ }
+}