Multi-Factor Authentication (MFA)
The way you will sign in to the EmployerOnline and SCH Online platform has changed. This process will protect your data from getting into the wrong hands, and comply with the ATO's Operational Framework.
What is Multi-Factor Authentication?
Previously you could log in to EmployerOnline or SCH Online with just your password. Multi-Factor Authentication (MFA) adds a second form of verification in addition to your password to confirm your identity. In this case, it will be the addition of an authenticator app you can download to your phone.
Why use MFA?
Using multiple factors of authentication is much more effective than using just one, because an attacker would need both your password, and access to your device containing the authenticator app to gain access to your data. It's important to protect your employees' superannuation, as it contains sensitive personal data and involves accounts with large sums of money.
When will you need to start using MFA?
As of the 16th of August 2021, you need to start using MFA to log into your account. You can sign in using your current email address or username and password, but you will need to provide an additional security check when you sign in by providing either a code or actioning a push notification sent to your nominated device. You will need to do this each time you make a payment.
How can you set up MFA?
Start by updating your information on EmployerOnline and/or SCH Online. Review your existing contact list and ensure it's up to date, with each user having one unique login to the platform. You can add multiple contacts to your account.
Set up MFA by choosing either Okta Verify or Google Authenticator.
Okta Verify allows you to choose either a push notification or a manual code that will appear on the device the application is downloaded to.
Google Authenticator will provide a single-use code on the device the application is downloaded to.
To see detailed instructions of how to set up MFA, click the link below