diff --git a/readme.md b/readme.md
index 4ad21bbb..8ce4ceeb 100644
--- a/readme.md
+++ b/readme.md
@@ -61,6 +61,7 @@ $ np --help
     --no-yarn           Don't use Yarn
     --contents          Subdirectory to publish
     --no-release-draft  Skips opening a GitHub release draft
+    --no-2fa            Don't enable 2FA on new packages (not recommended)
 
   Examples
     $ np
@@ -93,6 +94,7 @@ Currently, these are the flags you can configure:
 - `yarn` - Use yarn if possible (`true` by default).
 - `contents` - Subdirectory to publish (`.` by default).
 - `releaseDraft` - Open a GitHub release draft after releasing (`true` by default).
+- `2fa` - Enable 2FA on new packages (`true` by default) (it's not recommended to set this to `false`).
 
 For example, this configures `np` to never use Yarn and to use `dist` as the subdirectory to publish:
 
diff --git a/source/cli.js b/source/cli.js
index 99000ead..92b09c15 100755
--- a/source/cli.js
+++ b/source/cli.js
@@ -32,6 +32,7 @@ const cli = meow(`
 	  --no-yarn           Don't use Yarn
 	  --contents          Subdirectory to publish
 	  --no-release-draft  Skips opening a GitHub release draft
+	  --no-2fa            Don't enable 2FA on new packages (not recommended)
 
 	Examples
 	  $ np
@@ -74,6 +75,9 @@ const cli = meow(`
 		},
 		preview: {
 			type: 'boolean'
+		},
+		'2fa': {
+			type: 'boolean'
 		}
 	}
 });
@@ -88,7 +92,8 @@ updateNotifier({pkg: cli.pkg}).notify();
 		tests: true,
 		publish: true,
 		releaseDraft: true,
-		yarn: hasYarn()
+		yarn: hasYarn(),
+		'2fa': true
 	};
 
 	const localConfig = await config();
@@ -99,6 +104,11 @@ updateNotifier({pkg: cli.pkg}).notify();
 		...cli.flags
 	};
 
+	// Workaround for unintended auto-casing behavior from `meow`.
+	if ('2Fa' in flags) {
+		flags['2fa'] = flags['2Fa'];
+	}
+
 	const runPublish = flags.publish && !pkg.private;
 
 	const availability = flags.publish ? await isPackageNameAvailable(pkg) : {
diff --git a/source/index.js b/source/index.js
index 3d5be812..e70c9983 100644
--- a/source/index.js
+++ b/source/index.js
@@ -215,7 +215,7 @@ module.exports = async (input = 'patch', options) => {
 		]);
 
 		const isExternalRegistry = npm.isExternalRegistry(pkg);
-		if (options.availability.isAvailable && !options.availability.isUnknown && !pkg.private && !isExternalRegistry) {
+		if (options['2fa'] && options.availability.isAvailable && !options.availability.isUnknown && !pkg.private && !isExternalRegistry) {
 			tasks.add([
 				{
 					title: 'Enabling two-factor authentication',
diff --git a/test/index.js b/test/index.js
index 54c3ecc3..1c90aa46 100644
--- a/test/index.js
+++ b/test/index.js
@@ -61,3 +61,31 @@ test('skip enabling 2FA if the package exists', async t => {
 
 	t.true(enable2faStub.notCalled);
 });
+
+test('skip enabling 2FA if the `2fa` option is false', async t => {
+	const enable2faStub = sinon.stub();
+
+	const np = proxyquire('../source', {
+		del: sinon.stub(),
+		execa: sinon.stub().returns({pipe: sinon.stub()}),
+		'./prerequisite-tasks': sinon.stub(),
+		'./git-tasks': sinon.stub(),
+		'./git-util': {
+			hasUpstream: sinon.stub().returns(true),
+			push: sinon.stub()
+		},
+		'./npm/enable-2fa': enable2faStub,
+		'./npm/publish': sinon.stub().returns({pipe: sinon.stub()})
+	});
+
+	await t.notThrowsAsync(np('1.0.0', {
+		...defaultOptions,
+		availability: {
+			isAvailable: true,
+			isUnknown: false
+		},
+		'2fa': false
+	}));
+
+	t.true(enable2faStub.notCalled);
+});