Multi-factor authentication

When you log into your Smartly site for the first time with your username and password, the MFA setup wizard will appear.

You can choose between:

• Authenticator app – Use an app such as Google Authenticator or Microsoft Authenticator to generate your MFA code each time you log in.
• Email – Receive your MFA code in your inbox each time you log in.

If you choose the Authenticator app option, follow these steps to complete your setup:

1. Download an authenticator app on your phone. We recommend Google Authenticator, but you can use any authenticator app you prefer.

2. The MFA setup wizard will automatically appear the first time a new business user logs in.

If you’re updating your MFA method:

• Click the circle with your initials in the top right corner of your site and select Account.
• Go to the Login settings tab.
• Change your MFA option to Authenticator app. This will generate the setup wizard for the authenticator app.

3. A QR code will appear on your screen. Open your authenticator app and follow the prompts to add a new account using the QR code.

Note: If you can’t scan your QR code, click ‘Can’t scan the QR code? Click here’. A setup key will be generated for you to enter into your authenticator app.

4. Your app will generate a 6-digit code. Enter this code into Smartly to confirm setup.

Once set up, you’ll open your authenticator app each time you log in and use the latest 6-digit code shown.

Note: If you currently use SMS and switch to another MFA option, SMS will no longer be available. We recommend switching to email or an authenticator app.

If you choose the Email option, follow these steps to complete your setup:

1. Enter your email address and choose email as your default MFA method.

2. Click Send access code.

Once you have completed the MFA setup wizard, the next time you log in, you’ll need to verify using your default MFA option. 

• If your default is Email, you’ll receive an access code to enter.
• If your default is the Authenticator App, simply open the app on your phone and enter the 6-digit code displayed in Smartly.

You can click Remember this device for 14 days. If you do so, you won't be asked to enter an access code for 14 days. Please note if you clear your cache or cookies, or use a different internet browser, you will be asked to enter an access code again. 

If you have multiple companies and are using different usernames to log into different companies, the Remember this device for 14 days feature won't work. Please contact our Customer Support team and we can help you organise a multi-site view login.  

If you would also like to receive an access code before a user's permissions are changed, or before a payroll is processed, you can click on:

1. Click Settings, then Users.

2. Under General Details, Multi-factor Authentication, you can change it to Login/User Change/Process Payroll. 

3. Enter your password at the bottom and click save. 

Please note: Only the main administrators have access to the Users tab under Settings. 

If you are running several pays at once, the system will only ask you to enter an access code for the first pay run. 

Even if you have chosen to Remember this device for 14 days, the system would still ask you to complete MFA for the first pay run/user change that you do in that session. Remember this device for 14 days is only applicable for login purposes. 

To change your default MFA option, click the circle with your initials in the top right corner of your site and select Account. Go to the Login settings tab, update your MFA method, and click Save.

If you select the Authenticator app and haven’t set one up yet, the MFA setup wizard will appear. You can also reset your Authenticator app from this area if needed.

Can I skip setting up MFA and complete it later? 

No, the MFA set-up wizard cannot be skipped. The wizard will only need to be completed once before you can proceed to your payroll processing functions.

Why is MFA being mandated? 

MFA adds an extra layer of safety against security breaches and account compromises.  

How long will the MFA wizard take for me to complete?  

Set up will take less than two minutes! How good?

How can I change my MFA contact information? 

If you need to update your contact information later, you can do this in the user profile menu found in the top right hand corner. Simply click on the circle with your initials, click Edit profile, fill out the relevant information, and save. 

Do I need to enter a code every time I log in? 

No – next time you log in simply select the checkbox allowing Smartly to “remember this device” for 14 days, and as long as you are logging in on the same device and browser you will only have to enter a code once every 14 days.

If you do clear your cache or cookies, or use a new browser, you will be asked to enter an access code again. 

Can Accountants and Umbrella users change their contact information via the product?

Yes - Accountants and Umbrella users can now access and change their contact information without calling the Helpdesk. You can do this in the user profile menu found in the top right hand corner. Simply click on the circle with your initials, click Edit profile, fill out the relevant information, and save. 

What happens if I enter the wrong code?

• Email codes: After 5 failed attempts, you’ll need to resend a new code to your device.
• Authentication app codes: You won’t be able to retry immediately. There is a 30-second timeout before you can enter a new code, because the app generates a fresh code every 30 seconds.

What if I don't want to use my personal phone?

MFA doesn't require a phone number. You'll have the option to choose your email address or an authenticator app.

Is MFA required for app users or the managers portal?

No, MFA is only required for payroll admin users using the website. 

Our department shares a user login and now we can't get into the site as only one person's detail is registered for MFA. 

You may have as many logins as is required for a site, there is no additional charge. Simply ask the main contact of the site to add you as an individual user by following the steps in our Payroll users article.