People Manager supports multi-factor authentication (MFA), this is applied to your system and all users will be required to use MFA. Please speak to support if you wish to enable this, and make sure that all users have a mobile application authenticator ready for when they next login. Once applied to your system, users will not be able to log in to People Manager without using MFA and an authenticator.
What is MFA?
Can it be used with single sign on?
How to enable MFA
How do users log in for the first time?
How new users register once MFA is enabled
How to log in when MFA is enabled
What is MFA?
MFA is a two-step process. You will log into People Manager as usual ,and then required to enter a one-time password. This password is generated by a mobile application authenticator. These can be downloaded via app stores, the most common authenticators are Google authenticator and Microsoft authenticator, but others are available.
When you use the authenticator, you will be given a one-time password (which is time sensitive) to enter in the login screen. This adds an additional layer of security to your data and login details, based on a password that only you know, and a one-time password on a device that only you have.
Can it be used with single sign on?
If you are using your own single sign on provider to log in to our systems, and/or have your own MFA set up, you may not require RSM's multi-factor to be set up.
MFA can be used alongside single sign on if you wish to add another level of security. When a user clicks on the single sign on button, they will be presented with the verification box to enter a code.
How to enable MFA
Firstly, make sure you have an authenticator app already downloaded on to your mobile device. Each individual user will need to have this on their own device. Please send an email request to the support team who will enable MFA for you. Your app will display some text for each authentication that you have set up. We will use RSM People Manager by default, but if you want to use a different phrase, please let the support team know what you'd like to use in your request.
How do users log in for the first time?
You will log into People Manager as normal with yours username and password. You will then be presented with a QR code, and a verification code box. Scan the QR code using the authenticator app you have downloaded. The app will then provide you with a time sensitive one-time 6-digit verification code, enter the code in the box provided and click verify. You will be successfully logged in.
If you are a new user of People Manager, you will follow the normal registration process for People Manager, following a link on an email and entering your NI number
How do new users register when MFA is enabled
Setting up 2FA is part of the registration process. Firstly, make sure you have an authenticator app already downloaded on to your mobile device. Follow the registration link which was sent to you by email and enter the required information.
You will then need to scan the QR Code shown on the screen using their authenticator app. Once you have scanned the QR Code, your app will show you a 6 digit code. Enter this code and click Verify. Codes change every 30 seconds.
Once you have entered and verified the code, you will be asked to choose your password
After you have chosen your password, you will be redirected to the login page.
How to login when MFA is enabled
When MFA is enabled, the system displays another page after you have entered your username and password. Use the authenticator app that you used in the registration process to get a code. Enter the code in the box and click the Verify button to log in to the system.