We recently emailed you to let you know about the introduction of two-factor authentication (2FA) to your Astute portal.
We’ll let you know when these changes will be rolled out and will provide user guides to take you through the new processes.
In the meantime, please read below for more details on how the new 2FA and password management functionality will work.
When 2FA has been released into portals, you’ll be able to enable this functionality for your administrators and employees on a portal-wide basis.
Once you’ve enabled 2FA in your portal, your users will be prompted to set up 2FA on their next login. They can choose to set up 2FA on the spot, or set it up later.
There are a few things to note about how 2FA will work in Astute, once it is enabled:
- All users in all portals can set up 2FA using an authenticator app (eg Authy or Google Authenticator).
- An authenticator app generates a unique, once-off code that you’ll be asked to input when logging into your portal as an administrator, or when accessing your Profile tab as an employee.
- Users in portals where SMS communications are enabled will have the option to use SMS authentication for 2FA.
- With SMS authentication, a unique, once-off code is sent to a registered Australian mobile number. You’ll be asked to input this code when logging into your portal as an administrator, or when accessing your Profile tab as an employee.
If your portal doesn’t currently use SMS, but you would like to as part of 2FA, you may consider adding the functionality into your contract. For more information regarding this, please contact our Support team.
In addition to the introduction of 2FA, we’re making some changes to how passwords are managed in Astute. These changes will apply to all users including administrators, approvers, and employees.
When system passwords are set for new users or updated for existing users, they will need to include a combination of upper and lower case letters, special characters and numbers to ensure a stronger, more secure password.
If you are an existing user, your password will remain the same, but we suggest updating it to comply with the new password requirements.