People Manager supports multi-factor authentication (MFA), this is applied to your system and all users will be required to use MFA. Please speak to support if you wish to enable this, and make sure that all users have a mobile application authenticator ready for when they next login. Once applied to your system, users will not be able to log in to People Manager without using MFA and an authenticator.
What is MFA?
How to enable MFA
How do users log in for the first time?
How new users register once MFA is enabled
How to log in when MFA is enabled
What is MFA?
MFA is a two-step process. You enter your username and password as usual within your login screen and then you are asked to enter a one-time password. This password is generated by a mobile application authenticator. These can be downloaded via app stores, the most common authenticators are Google authenticator and Microsoft authenticator, but others are available.
When you use the authenticator, you will be given a one-time password (which is time sensitive) to enter in the login screen. This adds an additional layer of security to your data and login details, based on a password that only you know, and a one-time password on a device that only you have.
If you are using your own single sign on provider to log in to our systems, and/or have your own MFA set up, you may not require RSM's multi-factor to be set up.
MFA can be used alongside single sign on if you wish to add another level of security. When a user clicks on the single sign on button, they will be presented with the verification box to enter a code.
How to enable MFA
Please send an email request to the support team who will enable MFA for you. Your app will display some text for each authentication that you have set up. We will use "RSM People Manager" by default, but if you want to use a different phrase, please let the support team know what you'd like to use in your request.
How do users log in for the first time?
After MFA is enabled, your existing users will need to set up 2FA. Firstly, make sure you have an authenticator app already downloaded on to your mobile device. Each individual user will need to have this on their own device.
When you log in for the first time, you will enter your username and password. Then you will then see a QR code, and a verification code box.
Scan the QR code using the authenticator app you have downloaded. The app will then provide you with a one-time 6 digit verification code, (this is time sensitive) enter the code in the box provided and click next, you will be successfully logged in.
How do new users register when MFA is enabled
Setting up 2FA is part of the registration process. Firstly, make sure you have an authenticator app already downloaded on to your mobile device. Follow the registration link which was sent to you by email and enter the required information.
You will then need to scan the QR Code shown on the screen using their authenticator app. Once you have scanned the QR Code, your app will show you a 6 digit code. Enter this code and click Verify. Codes change every 30 seconds.
Once you have entered and verified the code, you will be asked to choose your password
After you have chosen your password, you will be redirected to the login page.
How to login when MFA is enabled
When MFA is enabled, the system displays another page after you have entered your username and password. Use the authenticator app that you used in the registration process to get a code. Enter the code in the box and click the Verify button to log in to the system.