Mandatory Email Authentication for Kiosk Users

Mandatory Email Authentication for Kiosk Users

From May 2026, iPayroll will rollout mandatory email authentication for employees. 

Two factor authentication has been a security requirement for our payrolls for some time now and our kiosk users have had this as an optional feature. 
With recent serious security incidents reported in the news media where other companies’ data has been breached; iPayroll has made the decision to make email authentication mandatory for all of our kiosk users not using an authenticator, to further protect your employee's data.

What will this look like for your employees? 

No setup is required for employees with a valid email address; once we switch it on, it will automatically activate. 
Each time they log in, they will be required to enter the one-time verification code iPayroll has sent to their email. 





They have 15 minutes to enter the code, this then verifies them as the correct user, completes the log in and takes them to their kiosk.
If they do not receive the code or didn't enter the code in time, they click the 'I didn't get a code' link to send a new code.




Protect your employees now 

iPayroll has planned this change for May 2026, but you can enable this for your employees now.
Go to Setup > Organisation > Defaults > Kiosk and select ‘Make two factor authentication compulsory for kiosk users’ > Save 

What can you do to prepare for Mandatory Email Authentication? 

We recommend checking that all employees have valid kiosk email addresses.
Go to People > Tools > Kiosk Management. Check for invalid addresses which will be highlighted with a warning, you can edit them or have your employees update their own email addresses directly in the Kiosk - Go to My Account > Email/Username.

Kiosk Mobile App users

People who use the iPayroll Mobile App to access their kiosk and have set up their PIN, are already protected with authentication and will not require an email code. They continue to use the PIN.

Kiosk users with an authenticator app for 2FA

They will continue to use the code supplied form the authenticator app, but if they lose access to that app (e.g. a damaged phone), they can now request a login code via email instead of a reset to the 2FA. 
    • Related Articles

    • iPayroll Employee Kiosk - Update My Details

        My Account - Update My Details Details  Depending on the settings selected by your employer, you can update information in your Employee Kiosk Edit your Address and Phone Number and save. Your employer will be notified that a change has been made ...
    • iPayroll Employee Kiosk - Activate my kiosk

      iPayroll has created an Employee Kiosk to securely hold your information. To review your payslips you first need to activate your kiosk on the web version then you can download the mobile app. On your first pay day, if your employer has entered your ...
    • iPayroll Employee Kiosk - Leave Request

       Leave Requests  Leave Request - Applying for leave You will be able to request leave  (depending on the settings selected by your employer). If you cannot see the Leave Request menu, you will need to contact your employer. Select > Leave Type from ...
    • iPayroll Employee Kiosk - Reset my password

      Reset your Employee Kiosk Password Your payslip information is protected by a password. If you have forgotten your password or need to change it you can do this from the iPayroll login area. You will be sent an email with instructions and a link to ...
    • Managing kiosk users

      By default, an activation email is sent to a new person after the first payroll, they are paid in, has been closed. In some instances, you may want to send the activation email to a person before the payroll has closed. For example, if you would like ...