Why is two-factor authentication (2FA) required?
To strengthen cyber and information security, 2FA is required for all plan sponsor accounts. This extra layer of protection helps the Plan protect from unauthorized users accessing sensitive information.
How do I set up 2FA?
When you log in, you’ll be prompted to enroll in 2FA. You can choose to verify using either:
- A phone number (via text message or phone call)
- A time-based one-time password (TOTP) authenticator
You can also choose “Remember me on this device” so you won’t need to complete 2FA each time you log in from that device.
What if I don’t have a US phone number?
If you’re located outside the US or prefer not to use a phone number, you can select the time-based one-time password (“TOTP”) authenticator option during setup. This method does not require a phone number.
Do I have to use my work phone number?
No. While your work number will appear as an option, you can enroll in 2FA using any phone number of your choice, including a personal one, for 2FA enrollment.
Can I receive my 2FA code by phone call instead of text?
Yes. If you enroll using a phone number, you’ll be able to choose whether you receive your code via text message or phone call.
What is a TOTP authenticator?
A time-based one-time password (“TOTP”) authenticator generates a temporary code that changes every 30 seconds. When logging in, you enter this code along with your password to verify your identity. A TOTP does not rely on text messages or email and provides a more secure way to log in.
Can I use more than one phone number for 2FA?
No. You can only enroll one phone number at a time. If you use a TOTP authenticator, you can scan the setup QR code with multiple devices during enrollment so more than one app can generate your login codes.
How do I update my 2FA settings?
You can update your phone number or switch between verification methods anytime by going to Settings > Security > Two-Factor Authentication within your plan sponsor dashboard.
Related Articles