How to enable MFA for your account

For more information on why MFA is important for data security and how it works on myhrtoolkit, watch this video:

 

How to enable MFA

MFA needs to be enabled by each individual user. It cannot be enabled on their behalf by a Controller or Manager because enabling MFA requires access to the user’s authentication device.

All users have a “Multi-factor authentication” option in the Account dropdown. 

MFA option on myhrtoolkit Account menu

Clicking the “Multi-factor authentication” option brings you to the following page where you can start the setup process.

MFA disabled on myhrtoolkit

Enabling and disabling MFA is a high security action and so when you click the "Enable multi-factor authentication" button, you will be asked to re-authenticate by typing in your myhrtoolkit password again.

Once you have entered your password, you can start the process of enabling MFA on your account.

 

Step 1 – Scan the QR code

Open your authenticator app and start the process to add a new account. This process will be different for each authenticator app so refer to the documentation for your app if you need help with this.

The quickest and simplest way to add your myhrtoolkit account to your authenticator app is to scan the QR code that we generate. If you are unable to do this, you can manually type in the secret key that is given to you.

Scan the QR code on your authenticator app

 

Step 2 – Securely store your recovery codes

When you setup your MFA account we give you eight recovery codes. Each of these can be used once instead of the code generated by your authenticator app. These are to be used in an emergency when your device is unavailable, and they should be stored securely. Storing these in your password manager application is a good option for this. Please note that each of these codes can only be used once. When used, you should delete the code from your store so as not to try and use it in the future.

Securely store your recovery codes MFA

 

Step 3 – Confirm your device is setup correctly

The final stage of the process is to confirm that your authenticator app is setup correctly. To do this, open your authenticator app and enter the current code for your myhrtoolkit account.

Confirm your device is setup correctly MFA

Once these steps are completed, returning to the Multi-factor authentication page will show that MFA is enabled for you account. All future logins to your myhrtoolkit account will require the code from your MFA device or a recovery code.

Multi-factor authentication enabled on myhrtoolkit

Related guides

How to disable MFA on your account

Controllers: How to configure MFA