bid_main/templates/bid_main/index.html

@@ -139,9 +139,11 @@ Profile
     <a class="btn" href="{% url 'bid_main:active_sessions' %}">
       <span>Active Sessions</span>
     </a>
+    {% if show_mfa %}
     <a class="btn" href="{% url 'bid_main:mfa' %}">
       <span>Multi-factor Authentication</span>
     </a>
+    {% endif %}
   </div>
   <div class="btn-row-fluid mt-3">
     <a class="btn" href="{% url 'bid_main:password_change' %}">

bid_main/views/normal_pages.py

@@ -67,14 +67,20 @@ class IndexView(mixins.MfaRequiredIfConfiguredMixin, mixins.PageIdMixin, Templat
             name for name, roles in self.BID_APP_TO_ROLES.items() if roles.intersection(role_names)
         }
 
+        show_mfa = (
+            user.mfa_devices_per_type
+            or (user.email.endswith('@blender.org') and user.confirmed_email_at)
+        )
+
         return {
             **super().get_context_data(**kwargs),
             "apps": apps,
             "cloud_needs_renewal": (
                 "cloud_has_subscription" in role_names and "cloud_subscriber" not in role_names
             ),
-            "show_confirm_address": not user.has_confirmed_email,
             "private_badge_ids": {role.id for role in user.private_badges.all()},
+            "show_confirm_address": not user.has_confirmed_email,
+            "show_mfa": show_mfa,
         }