How to set up Two-Factor Authentication (2FA) via the HR platform

Available for the following HR plans: Free, Standard, Premium, Platinum
Available for the following user access levels: Employee    , Manager    , Admin    

Employment Hero offers two-factor authentication to protect your account. This requires a verification code sent by text message or an authentication app. Your account will generate a unique code for any new sign-in attempts from an unrecognised device. To log in, you​ will need your password and the authentication code. You can enable mandatory two-factor authentication from your employment settings page. To read further details on how to access this, refer to this article

Important

If you are an account owner, administrator, or user with access to other employees' superannuation/tax information, we require you to enable two-factor authentication to access this information. The reason for this is because of the Australian Tax Office (ATO) updated digital service provider operational framework. You can find more information here.

  Interactive learning

Click here for an interactive demo

Getting started

Enable two-factor authentication: Authenticator app

Important

Users on a standard, premium and/or platinum plan can use two-factor authentication via an authenticator app or SMS. Employment Hero users on a Free plan will only be able to use two-factor authentication via an authentication app.

  1. Click the User drop-down.
  2. Click on the Account Settings button.
  3. Click the Setup button.
    appsetup2fa01.jpg
  4. Scan the QR code using your preferred authenticator app.
  5. Click the Continue button.
    appsetup2fa02.jpg
  6. Type the code number from your authentication app into the Text field.
  7. Click the Continue button.
    appsetup2fa03.jpg
  8. Select from the following recovery code options:
    • Download.
    • Print.
    • Copy.
  9. Click the Done button. This will be available to click once you have downloaded, printed, or copied the one-time recovery code.
    setup2fa04.jpg
  10. Click the Yes button.
    setup2fa05.jpg

    Important

    If you no longer have access to your phone and can not access an authenticator service via text and/or an app, you can use the recovery code to sign in. Please store this code in a safe place.

Enable two-factor authentication: Text message

Important

Employment Hero users on a Standard or Premium plan can use two-factor authentication via an authenticator app or SMS. Employment Hero users on a Free plan will only be able to use Two-Factor Authentication via an authentication app.

  1. Click the User drop-down.
  2. Click on the Account Settings button.
  3. Click the Setup button.
    smssetup2fa01.jpg
  4. Select your phone region via the Country drop-down.
  5. Type your phone number into the Phone Number field.
  6. Click the Continue button.
    smssetup2fa02.jpg
  7. Type the verification code sent via text message into the Verification Code field.
  8. Click the Continue button.
    smssetup2fa03.jpg
  9. Select from the following recovery code options:
    • Download.
    • Print.
    • Copy.
  10. Click the Done button.
    setup2fa04.jpg
  11. Click the Yes button.
    setup2fa05.jpg

    Important

    If you no longer have access to your phone and can not access an authenticator service via text and/or an app, you can use the recovery code to sign in. Please store this code in a safe place.

Disabling Authentication

Disabling two-factor authentication
  1. Click the User drop-down.
  2. Click on the Account Settings button.
  3. Click the Disable button, based on the two-factor authentication method you want to remove.
    disable2fa01.jpg
  4. Select the toggle to disable your two-factor authentication method.
    disable2fa02.jpg
  5. Enter your password to confirm the removal of the two-factor authentication method, then select Continue.
    disable2fa03.jpg

Further information

What happens if I lose my phone?

If you lose access to your two-factor authentication device, e.g. you lose your phone, you can still log in to your account. When prompted for your authentication code, enter your recovery code shown during the two-factor authentication setup.

Once you have logged in to your account, update your two-factor authentication information.

What happens if I change my phone number?

If you change to a new phone number, you will need to disable two-factor authentication and then re-enable two-factor authentication using your new number.

What is an authenticator app?

Rather than having a code sent to you via SMS when you sign in, an authenticator app on your phone can generate a code. You can enter this into Employment Hero the same way as with text codes. Authenticator apps do not have access to your Employment Hero account or your personal/sensitive information.

What authenticator app should I use?

There are several authenticator apps available for your devices. We generally recommend the following:

What countries support sending an authentication code via text message?

The below-listed countries support the ability to receive a two-factor authentication code via a text message:

  • Australia.
  • Aland islands.
  • Cocos islands.
  • Christmas island.
  • Finland.
  • Malaysia.
  • New Zealand.
  • Philippines.
  • Singapore.
  • Vietnam.
  • United Kingdom.
The risks and importance of two-factor authentication

2FA adds a strong layer of account security because it neutralises the risks associated with compromised passwords. By involving you in the login process, attackers will not be able to access your account, even if they have compromised your email and password credentials. Employment Hero platforms contain sensitive personal information such as contact, banking, and superannuation details. By securing your account with 2FA, you are reducing the likelihood of attackers gaining access to this information.

Explore related content

Was this article helpful?
153 out of 373 found this helpful

Comments

2 comments
Date Votes
  • May I have a non public space for my questions ?

    0
  • Hi Heike Kelly - yes you can. I have raised a ticket for our support team on your behalf. They will get in contact shortly and can answer any questions privately. Thanks

    0

Article is closed for comments.