We are pleased to confirm the upcoming release for RSM's Client Portal. This will be available to you on Monday 6th February 2023.
...
We always value feedback, so please let your RSM contact know if you wish to discuss anything further.
All previous release notes can be found here: Client Portal release notes.
Key highlight: Multi-factor authentication
...
We have introduced multi-factor authentication for the client portal which will be available for all users. Using MFA , users' accounts will have enhanced securitygives enhanced security for a users' account. Clients can chose to set this up for all users within their company or only for individuals users. Speak to your payroll executive about activating this for you.
New features:
Multi-factor authentication & administration - all users
Multi-factor administration - RSM admin only
Improvements:
New features
Multi-factor authentication & administration - all users Anchor Multi-factor authentication
| Multi-factor authentication |
...
Multi-factor authentication
| Multi-factor authentication |
...
What is MFA?
MFA is a two step process. You will login to the client portal as normal, and then be required to enter a one time password. This password is generated by a mobile application authenticator. These can be downloaded via app stores, the most common ones are google authenticator and microsoft authenticator. When you go into your app, you will be given a one time password to enter into the client portal login screen. This adds an additional layer of security to your data and login details, based on a password that only you know, and a one time password on a device that only you have. If you are a client user, please speak to your payroll representative about setting this up.
How is it set up?
Firstly, make sure you have an authenticator already downloaded on to your mobile device. Only users with admin rights will be able to set this up for other users, this can be set at user level or at client level, if all users at a client wish to use it.
In the top menu bar, go to admin - users. Search for the user you want to apply this to and go into their record. You will see a section called authentication. Using the dropdown for authentication type, select time-based one-time password. To set up a new user go to. LINK
IT SUGGESTS THAT RSM ADMIN USERS NEED TO IMPERSONATE THE USER? DO THEY? IF SO SURELY ALL USERS NEED TO SPEAK TO THEIR RSM REPRESENTATIVE ABOUT THIS?
Please note: You will need to make sure the active box is ticked within the details section as well.
...
, before speaking to RSM. Each individual user will need to have this on their own device. Once you have confirmation that this has been applied to your login to the client portal you will be able to follow the details below.
How do users login for the first time?
When the user logs in for the first time with their You will login to the client portal with your username and password as normal. They You will then be presented with a QR code, this needs to be scanned and a verification code box. Scan the QR code using the authenticator app the user has you have downloaded. The app will then provide you with a one-time 6 digit verification code, enter that the code in the client portal login page box provided and click next. You will then be logged into to client portal. After the initial login, you will no longer need to use the QR code. Simply enter your username and password and then enter your 6 digit verification code from your MFA authenticator app.
What happens if
...
I have changed/lost my device?
If you lose or change your mobile device
...
Admin users can reset.
Overriding the authentic - RSM ADMIN USERS ONLY - What does this do at client level? , or have had to reinstall the authenticator application, you may need to have your MFA reset for the client portal. Please speak to your payroll representative. Once reset, you will follow the steps as above as a first time user.
How to set up & reset MFA - RSM admin users only Anchor Multifactor admin only Multifactor admin only
| Multifactor admin only | |
| Multifactor admin only |
Only users with admin rights will be able to set up MFA. This can be set at individual user level or can be set at client level if all users associated with a client wish to use it.
Individual user set up
In the top menu bar, go to admin - users. Search for the user you want to apply this to and go into their record. You will see a section called authentication. Using the dropdown for authentication type, select time-based one-time password.
Setting MFA against a client for all associated users -
If you wish to set this at client level, so all users associated with the client will use MFA. In the top menu bar, go to admin - clients. Search for the client you require and go into their record.
In the settings section you will have the dropdown option override authentication type. Select time-based one-time password.
Resetting MFA user login
This can only be done by RSM admin users. To reset a user's authentication, go to users from the admin menu. Within the user's profile in the authentication section you will see reset totp authentication. Click this to reset. You will be asked if you are sure use wish to reset, click ok. The user will then follow -How does the user login for the first time - steps as above.
