Two-factor authentication (2FA) in Happy HR

Two-factor authentication (2FA) provides an additional layer of security that makes it harder for hackers to gain access to your account. 2FA is designed to ensure that you are the only person who can access your account, even if there is someone else knows your password.

What is Two-Factor Authentication?

Put simply, Two-Factor Authentication is an extra layer of security that is known as “multi factor authentication”. It requires not only a username and password but also something that only that user has on them, i.e. a piece of information only they should know or have immediately to hand – such as a mobile device and in the case of Happy HR a 2FA code is sent to a user’s primary email, alternative email, primary phone or alternative phone (whatever is selected by you when logging in).

ATO requirements around 2FA.

The Australian Tax Office (ATO) has provided the following requirements for any end user accessing a software product or service that provides any of the following functionalities have 2FA.
  • Business, tax accounting services. An example is business activity statements and income tax returns
  • Superannuation services. An example is fund member reporting
  • Payroll and employer services. An example is single touch payroll

Company admin and user access.

Any end user that can access taxation, banking, superannuation or other sensitive information of other individuals or employees 2FA is compulsory. In short when using Happy HR anyone who is a company admin and or any user that has user access rights must have 2FA.

Employees that do not have user access.

With regards to any end user that only has access to their own information and does not have access to taxation or superannuation related information of other entities or individuals (for example, employees accessing their employee portal), 2FA is optional, but is strongly recommended.

How does Two-factor authentication (2FA) work?

Currently, when logging into Happy HR you are asked to enter your email address and password. Once 2FA is enabled and you log in for the first time, you will be asked to enter a verification code. This temporary code will be sent to you either via a user’s primary email, alternative email, primary phone or alternative phone. You will only be able to continue into Happy HR once you have entered the correct verification code. You will need to undertake the 2FA process for each log in if you have not selected “trust this device for 30 days” if you do select “trust this device for 30 days” you don’t have to re authenticate for 30 days for that device. The emails and SMS are instant so the process is very quick and pain free. Remember by having 2FA your making it much harder for hackers.