Robot accounts (accounts that are not tied to a Googler account) that perform administrative functions within an organization also need to have 2FA enabled. Setting up 2FA on a robot account uses the same process as a user account, but you will need to store the credentials for the second factor in a secure location to prevent loss of access to the account.
When logged into the robot account, visit the 2FA setup page. Select the option to set up 2FA using an app:
It will then display the recovery codes for future access. Save these in a secure location.
Next it will display a barcode and instruct you to scan it with the authentication app. Select the option to enter a text code instead:
Save the text code to a secure location. Then, use this text code to set up the authentication app (such as Google Authenticator on a mobile phone) using the "enter a provided key" option:
Multiple people can configure Authenticator for your robot account using the same text code.
You can also register individual team members' security keys as a second factor at the 2FA configuration page. Click "Register new security key" and enter a nickname like "emailremoved@ workstation".