This article covers a basic overview of two-factor authentication:
Two factor authentication (or 2FA) is a method of confirming a user's identity utilising a combination of two different factors.
It creates an extra layer of security by requiring more than one form of identification.
To verify access to your online information, 2FA uses various forms of identification. In iPayroll, this is:
- Your username and password, and
- A one-time password displayed by an authenticator app.
iPayroll uses the Time-based One-time Password (TOTP) algorithm to calculate the one-time password.
It is calculated using a unique time-based key, provided to you in the 2FA setup stage in iPayroll, and the current time. A 6-digit code (one-time password) is produced using the algorithm. The 6-digit code is regenerated using the new time every 30 seconds.
iPayroll 2FA can be used with most Time-based One-time Password applications (authenticator apps). It is the authenticator app that displays the 6-digit codes.
Authenticator apps can be downloaded to smartphones, tablets and desktop computers.
For instructions on how to use some of the more common authenticator apps that support TOTP, see Third-Party Authenticator Apps.
Any user can optionally set up 2FA in iPayroll as an added level of security.
In some cases, a user may be required to set up 2FA.
Employers can make it compulsory for all users of their iPayroll account, including Kiosk users, to be required to sign in with 2FA.
Primary Partner, Group and Affiliate users can also enforce compulsory 2FA for their users.
See Make two-factor authentication compulsory, for instructions on making 2FA compulsory for users.
Enable two-factor authentication
Setup 2FA in iPayroll by scanning a QR Code or manually entering a time-based key into an authenticator app.
See Set up two-factor authentication and Set up two-factor authentication to access the Kiosk on a smartphone for instructions on how to enable 2FA.
Log in with two-factor authentication
Once 2FA is enabled, when you log into iPayroll, after you have successfully entered your username and password, you will be required to enter a 6-digit verification code from your authenticator app.