In today's world of increasing digital crime and internet fraud, many people will be highly familiar with the importance of online security, logins, usernames and passwords.
The Australian Taxation Office (ATO) has developed The Operational Framework, which is a program in conjunction with the software industry. This will create a set of security protocols for interactions with ATO systems.
As part of this requirement, the multifactor authentication and identity management must be applied to software programs that contain sensitive information e.g. tax file numbers, bank details etc.
CloudPayroll introduced two factor authentication in 2017. This is an option all CloudPayroll users (including kiosk) can enable. Due to the ATO requirements this may become a compulsory requirement.
What is two factor authentication?
Two Factor Authentication, also known as 2FA, often referred to as two-step verification, is an extra layer of security that is known as “multi factor authentication”. It requires not only a username and password, but also something that only that user has on them, i.e. a piece of information like an authentication code from another device.
How does it work?
Using a username and password, together with a piece of information that only the user knows, makes it harder for potential intruders to gain access and steal that person's personal data or identity.
Using a Two Factor Authentication process can help to lower the number of cases of identity theft on the internet, as well as phishing via email, because the access requires more than just the user’s name and password details.
Enabling two factor authentication in CloudPayroll
Two factor authentication (or 2FA) is a safety measure that protects your data by adding an extra step to the regular log in procedure. With the regular procedure you enter your username and password to gain access to a website. In this scenario, the password is a single element of authentication. With 2FA, there is a second authentication element, which makes your account more secure. There are several Authenticator apps available for use, two commonly used are the Google Authenticator app or the Microsoft Authenticator app.
You can install the Google Authenticator app here:
To enable 2FA for your CloudPayroll account using the Google Authenticator app:
- Log in to CloudPayroll
- Click on your username at the top of the page and then select the Two Factor Authentication menu.
- Install the Google Authenticator app on your smartphone.
- Open the Google Authenticator app and select to scan the barcode displayed on this page.
- The Google Authenticator app will display a 6-digit code. Enter the code in the 'Verification code' field on the screen and click on 'Confirm' - this will pair your phone with CloudPayroll.
From now on, when you log in to the website, you will see an extra step.
After you enter your username and password, the system will show an extra screen asking you for your authentication code. To find the authentication code, open your Google Authenticator app and enter the 6 digit code presented there.
When successful - the system will take you to your dashboard.
The code provided by an Authenticator app usually changes every 30 seconds.
As an employer or payroll administrator, if you lose your phone and need to unlink the Authenticator app to gain access to CloudPayroll without 2FA you will need to contact our helpdesk.