Answer:

Multi Factor Authentication (MFA) refers to an additional layer of security that's added to the login process.

MFA relies on two forms of authentication: something you know, and something you have with you. The something you know is your password. The something you have with you can be a mobile device. This means that even if your password is hacked, your account will remain secure. 

Answer:

Cybercrime continues to rise and as a result it's increasingly important that your personal information and data is protected. MFA is being implemented to do exactly this, using a widely utilised security tool, to keep personal data secure.
Teachers' Pensions MFA adds an extra validation step after a username and password has been entered, making it significantly more difficult for hackers to access our tools and systems. This extra protection is needed because of the increasingly sophisticated levels of attacks used by hackers to gain access to online services.

Answer:

We started using MFA on 10 May 2022.

Answer:

All new employer accounts will require MFA to be enabled. Accounts created before 10 May 2022 aren't required to use MFA but it's highly recommended.

Answer:

MFA offers the following benefits:

• Enhanced security
• Better user experience
• Extended Employer Portal session time

Answer:

We'd recommend using a mobile device with Authenticator App but you only need access to an email address to use MFA.

Answer:

No. But we do recommend the installation of an Authenticator App as it offers the highest levels of account protection.

Answer:

Yes. MFA offers additional levels of security over a static PIN and enhances the safety of your account. We recommend the installation of an Authenticator App as it offers the highest levels of account protection.

Answer:

Yes. You can log in with MFA on desktop, tablet or mobile.

Answer:

The Authenticator App is the most secure method. One-time passcodes delivered via email or SMS text messages are less secure. This is because email credentials can be compromised and text messages can be intercepted. Gaining control of a mobile device with an Authenticator App is more difficult.

Answer:

You can use any Authenticator App that generates temporary codes based on time-based one-time passwords (TOTP). There are many free and paid Authenticator Apps to choose from. Widely-used options include Google Authenticator, Microsoft Authenticator, and Authy.

We’ve been made aware of an issue which is affecting some Apple users when using Google Authenticator. If this is the case, please try an alternative App or MFA method.

We highly recommend that users set up a PIN or biometric requirement on their mobile device.

Answer:

To be able to log in to the Employer Portal you need an email address. We  recommend selecting email address as the MFA method if you don't have access to a mobile device. 

Answer:

Time-based one-time passcode (TOTP) Authenticator Apps, like Google Authenticator™, Microsoft Authenticator™, or Authy™

Answer:

Once MFA has been activated it can't be removed from your account.

Answer:

MFA codes are valid for 15 minutes.

Answer:

You can remain logged in for 40 minutes when you're inactive. After this time you'll be logged out for account security.

Answer:

Log in to your Employer Portal account and click 'Change Mobile Number' under 'Useful Links' on the Dashboard.

Answer:

This is usually caused by your email service marking the authentication code emails as spam. Please check your junk folder and make sure it's the correct email address. 

You should also go into settings and add our name ‘Teachers’ Pensions’ at noreply@mail.teacherspensions.co.uk to your trusted domain list

If you still can't access your account, contact our Employer Support Team. Visit our contact options for further details.

Answer:

If you didn't receive your six-digit code via SMS, check that the phone number you provided is correct. If it is, make sure you've got a phone signal. If you still aren't receiving the messages, check with your service provider to confirm that messages aren't getting blocked. If you still can't access your account, please contact our Employer Support Team. Visit our contact options for further details.

Answer:

First check to see if you can restore settings if you install the App again. Some Authenticator Apps will allow you to restore from the cloud. If you're unable to restore, contact our Employer Support Team. Visit our contact options for further details.

Answer:

You can change your Multi Factor Authentication method from within the Employer Portal. If you're unable to access your MFA details, contact our Employer Support Team. Visit our contact options for further details.

Answer:

If you’ve lost or damaged the phone you used to set up MFA, you can still log in to your account, contact our Employer Support Team. Visit our contact options for further details.

Answer:

If you’ve replaced the phone you used to set up MFA, you can still log in to your account. If you have the same phone number and are using SMS nothing will change. If you're using an Authenticator App please follow the migration instructions from the old device to the new device.

Still having trouble? Contact our Employer Support Team. Visit our contact options for further details.

Answer:

Once you’ve logged in your code will last for four hours. After this time, you'll need to generate a new code. Please tick the remember me box to enable this feature.

Answer:

No. However you can change your MFA method if you want.

Answer:

Yes. All members will be required to use MFA. Please see member FAQs for more information.

Answer:

If you're unable to log in due to the issues please contact our Employer Support Team. Visit our contact options for further details.

Answer:

No. You'll be asked every time you log in.

Answer:

• Authenticator App
• SMS
• Email

Answer:

A Passcode is randomly generated every time you log in. A PIN is used if Multi Factor Authentication isn't active on your account and remains the same each time.

Answer:

No. Once MFA has been activated, it can’t be removed from your account.