People Manager supports multi-factor authentication (MFA), this is applied to your system and all users will be required to use MFA. Please speak to support if you wish to enable this, and make sure that all users have a mobile application authenticator ready for when they next login. Once applied to your system, users will not be able to log in to People Manager without using MFA and an authenticator.
What is MFA?
Can it be used with single sign on?
How to enable MFA
How do users log in for the first time?
How new users register once MFA is enabled?
What happens if a user loses or changes their device?
What is MFA?
MFA is a two-step process. You will log into People Manager as usual, and then required to enter a one-time password. This password is generated by a mobile application authenticator. These can be downloaded via app stores, the most common authenticators are Google authenticator and Microsoft authenticator, but others are available.
When you use the authenticator, you will be given a one-time password (which is time sensitive) to enter in the login screen. This adds an additional layer of security to your data and login details, based on a password that only you know, and a one-time password on a device that only you have.
Can it be used with single sign on?
If you are using your own single sign on provider to log in to our systems, and/or have your own MFA set up, you may not require RSM's multi-factor to be set up.
MFA can be used alongside single sign on if you wish to add another level of security. When a user clicks on the single sign on button, they will be presented with the verification box to enter a code.
How to enable MFA
Firstly, make sure you have an authenticator app already downloaded on to your mobile device. Each individual user will need to have this on their own device. Please send an email request to the support team who will enable MFA for you. Your app will display some text for each authentication that you have set up. We will use RSM People Manager by default, but if you want to use a different phrase, please let the support team know what you'd like to use in your request.
How do users log in for the first time?
You will log into People Manager as normal with your username and password. You will then be presented with a QR code, and a verification code box. Scan the QR code using the authenticator app you have downloaded. The app will then provide you with a time sensitive one-time 6-digit verification code, enter the code in the box provided and click verify. You will be successfully logged in.
After the initial login, you will no longer see the QR code. Simply enter your username and password you will then be prompted to enter your 6-digit verification code from your authenticator app, click next and you will be logged into People Manager.
How do new users register when MFA is enabled?
Firstly, make sure you have an authenticator app already downloaded on to your mobile device. Follow the login process, using the registration link which was sent to you by email and enter the required information.
Scan the QR code using the authenticator app you have downloaded. The app will then provide you with a time sensitive one-time 6-digit verification code, enter the code in the box provided and click verify. Once you have entered and verified the code, you will be asked to choose your password
After you have chosen your password, you will be redirected to the login page. After the initial login, you will no longer see the QR code. Simply enter your username and password you will then be prompted to enter your 6-digit verification code from your authenticator app, click next and you will be logged into People Manager.
What happens if a user loses or changes their device?
If you lose or change your mobile device, or have had to reinstall the authenticator application, you may need to have your MFA reset for the client portal. Please speak to your HR admin contact to reset this for you. Once reset, you will follow the steps as above as a first-time user.