2FA - FAQ for employees
Answers to common questions and queries by employees using two-factor authentication (2FA) for Sage HR.
Oliver Cook avatar
Written by Oliver Cook
Updated over a week ago

What is 2FA?

Two-Factor Authentication, also known as 2FA, is an extra layer of protection for you to use to ensure the security of your Online Services account beyond just your email address and password.


Do I have to use it?

If your employer enables it for you in their settings, you have to use it until they remove it. If this is an issue, you must raise this with your employer. They can remove access for individual people, but that is at their discretion.


How do I set it up?

You're prompted to set up 2FA the first time you log in after your employer enables it.


Can I turn 2FA off?

No, if you want 2FA switched off you have to discuss this with your employer, as it is controlled by them.


What's a recovery code?

When you set up 2FA you're asked to note down a 24 digit code:

EXAMPLE: VNDS - 79KB - 7JAJ - QNKA - F5F7 - YUPX

This code is for you to use if you don't receive a one time passcode. Whether this is because you don't have access to your phone or you don't receive a text. If you lose this recovery code, your employer has to reset your 2FA so you set up 2FA again and not down your new recovery code.


What if I don't have access to my phone?

You need the phone 2FA wasset up on to receive the one-time passcode to log in. You can receive this using an authenticator app installed on your phone or by text or call. If you don't have access to your phone, you can log in using log in using your recovery code that you're asked to note down and keep safe when they first set up your 2FA.

If you lose this recovery code, your employer can reset your 2FA so you set it up again.


What if I have a new phone?

If you need to set up 2FA on their new phone, your employer needs to reset 2FA for you. You can then set up 2FA again the next time you log in to access your payslips.


What if I don't get my 2FA text?

Check their signal and wait at least 10 minutes. If you still don't get a text you can log in using the recovery code that you're asked to note down and keep safe when they first set up your 2FA.

If you lose this recovery code, your employer can reset your 2FA so you set it up again.


Why am I asked to use 2FA when my employer doesn't have it enabled?

One of your employers may not have 2FA enabled, but it is possible that you used the same email address to access another current or ex-employer on Online Services. If that employer has 2FA enabled, you're required to use it to access any company on Online Services until one of your employers removes it.


What's an authenticator app?

Authenticator apps are mobile applications for smartphones to help you securely verify your identity, so only you or the people you trust can access apps and data.

There are different authenticator apps to choose from. Google and Microsoft have their own authenticator apps, but you can go to Google Play or the Apple App Store and find one that works for you.

📌TIP: We recommend using an authenticator app, but you can choose to receive your authentication code via text or voice call instead.

Did this answer your question?