This article covers a basic overview of two-factor authentication:
Two-factor authentication (or 2FA) is a method of confirming a user's identity utilising a combination of two different factors.
It creates an extra layer of security by requiring more than one form of identification.
To verify access to your online information, 2FA uses various forms of identification. In iPayroll, this is:
- Your username and password, and
- A one-time password displayed by an authenticator app.
iPayroll uses the Time-based One-time Password (TOTP) algorithm to calculate the one-time password.
It is calculated using a unique time-based key, provided to you in the 2FA setup stage in iPayroll, and the current time. A 6-digit code (one-time password) is produced using the algorithm. The 6-digit code is regenerated using the new time every 30 seconds.
iPayroll 2FA can be used with most Time-based One-time Password applications (authenticator apps). It is the authenticator app that displays the 6-digit codes.
Authenticator apps can be downloaded to smartphones, tablets and desktop computers.
For instructions on how to use some of the more common authenticator apps that support TOTP, see Third-Party Authenticator Apps.
Any user can optionally set up 2FA in iPayroll as an added level of security.
In some cases, a user may be required to set up 2FA.
Note: iPayroll is in the process of rolling out mandatory two-factor authentication for all iPayroll organisations.
Two-factor authentication will be required for all iPayroll organisations by December 2020.
Employers can make it compulsory for all users of their iPayroll account, including Kiosk users, to be required to sign in with 2FA.
Primary Partner, Group and Affiliate users can also enforce compulsory 2FA for their users.
See Make two-factor authentication compulsory for instructions on making 2FA compulsory for users.
Enable Two-Factor Authentication
iPayroll has a 2FA set up page that will either appear after login, if 2FA is compulsory, or you can browse to the 2FA set up page in your user profile. This page allows you to set up 2FA in iPayroll by scanning the QR Code from this page, or by manually entering a time-based key, into an authenticator app.
See Set up two-factor authentication and Set up two-factor authentication to access the Kiosk on a smartphone for instructions on how to enable 2FA.
Log in With Two-Factor Authentication
Once 2FA is enabled, when you log into iPayroll, after you have successfully entered your username and password, you will be required to enter a 6-digit verification code from your authenticator app.
- More Information on Two-Factor Authentication
- Detailed Set up of Two-Factor Authentication
- Detailed Set up of Two-Factor Authentication to Access the Kiosk on a Smartphone
- Third-Party Authenticator Apps
- Disclaimer Notice: Use of Third-Party Software or Websites
- Make Two-Factor Authentication Compulsory