World class security measures for your employee information
2-Step Authentication, also referred to as Two Factor Authentication or Multi Factor Authentication, provides an extra layer of security when logging into your Ento account. Rather than relying on just a password for access, it also requires a code to login, sent via an Authentication app on the user's smart phone. These two steps combined mean tighter control around who's accessing accounts. This is available as an option for manager accounts—neither the employee area or time clock require 2-Step Authentication to login.
For users of electronic tax file declaration
In line with the ATO’s requirements, all users of the electronic tax file submission add-on need to have 2-Step Authentication switched on. (To check if you have this add-on installed, look for ‘TFNDeclaration’ under the Add-Ons page of your account.)
For all other accounts
All accounts not using the TFNDeclaration add-on will not have 2-Step Authentication turned on by default, but can enable it in Settings > Company Settings. You’re also able to switch on/off 2-Step Authentication as desired.
How managers will set up 2-Step Authentication
When 2-Step Authentication is first activated, managers will see a message advising them to set up 2-Step Authentication for their account:
If your company has set up a grace period, during that period there will be a 'Skip for now' button to log straight in. Choosing to 'Set up 2SA' will lead to a page advising to download an authenticator app such as Google Authenticator (Android, iOS) or Authy (Android, iOS) for a phone or tablet. If you don't have a smart device, Authy is also available for your Windows or MacOS computer. To set up Ento in their authentication app, managers will need to scan the presented QR code in the app (usually under the 'Add Account' function of the app):
Please note: the QR code is unique to your specific session. The above QR code will not work with your account, and if you scan the QR code and then don't complete the link and refresh the page, you will need to remove the previous account from your Authenticator app and will need to scan the new QR code. Once set up, the authentication app will provide a 6-digit code to enter into Ento to finalise setup & activate 2-Step Authentication. Make sure to enter this six digit number without a space, and if you have any trouble scanning the code (or are linking a device with no camera), click 'enter your key manually' instead and use that.
Logging in with 2-Step Authentication
After entering a username & password as normal, managers will be asked to enter a time sensitive 6-digit authentication code which they can find in their Authenticator app:
Enter this in the authentication code field to be taken into Ento.
What if a manager loses their device?
In the instance that the linked device is lost, the Authenticator app linked on a manager’s account can be removed via their Manager profile (Core HR > People > Managers) by another manager with sufficient access. The manager will then need to link a new device during their next login.
What if the code isn't working?
If you're having trouble setting up 2SA, make sure to try the following steps:
- Refresh your specific QR code page and scan the QR code that appears again to ensure you have the new version of your QR code.
- Make sure your phone is set to the correct time. As 2SA uses time-based codes, it needs to be aligned perfectly. Go to Settings, Time & Date setting on your phone and choose 'Use network provided time' and 'Use network provided timezone'. Now try refreshing the page, scanning a new QR code and entering the new authentication number.
- If you're connected to a work WiFi network, try disconnecting from that and making sure your time is set correctly as above.
If there are any questions or concerns at any point, please get in touch with our Support team & we're happy to discuss & advise further.