Two-factor authentication (2FA) is a second level of authentication, used in addition to a password when a user accesses some areas of their Astute portal.
It is required for all Admin users when they log into their portal, and for employees when they access their payroll information (e.g. bank details, tax details, superannuation).
There are three ways to authenticate:
- Using a third-party authentication app (Twilio Authy or Google Authenticator are currently supported).
- Receiving an SMS code to a registered mobile number. This option will only appear in portals where SMS communications have been enabled.
- Using the Twilio Authy Desktop Authenticator, for users who do not have access to a smartphone.
Configure your 2FA Settings
2FA settings are managed from Config > System Setup > Security Settings. Administrators will need to have ‘Show Security Settings’ included in their Account Permissions in order to access the Security Settings screen.
To enable this permission for a user, go to Users > Staff/Admins > select the user > System Access and tick the ‘Show Security Settings’ checkbox, then click Save.
The Config > System Setup > Security Settings screen allows you to:
- Enable 2FA for all Staff/Admins
- Enable 2FA for all employees
- Enforce 2FA for all employees
Portals with SMS communications enabled will also include a checkbox to ‘Enable SMS for 2FA’. Ticking this checkbox will allow users to choose between using an authentication app or receiving an SMS when they set up 2FA.
If the ‘Enable SMS for 2FA’ checkbox doesn’t appear or is left unticked, users will only be able to authenticate using an app.