Two-Factor Authentication, also known as 2FA, is an extra layer of protection for you to use to ensure the security of your Sage HR account beyond just your email address and password. Every time you log in, you’ll be given a 6-digit code to verify that it’s you. This could be entering a code sent to you by text, or on an authenticator app.

Phishing attempts, use of personal devices, and weak passwords can put your data at risk. 2FA adds an extra layer of authorisation when users log in to prevent third parties accessing data, even if a username or password has accidentally been shared.

When you have an employer that enables 2FA for Sage HR, you use 2FA after you enter your login details for your Sage HR company. You'll be prompted to enter a code to verify it's you.

You can choose from 3 different methods. This verifies that users are who they say they are when logging into Sage products, helping to prevent fraudulent sign-in attempts.

The most secure option, and recommended by Sage this is a time-based code is generated by an authenticator app (such as Microsoft Authenticator, Twilio Authy, and Google Authenticator) downloaded to the user’s mobile device, tablet, or desktop.

The code is sent to your mobile device.

The code is sent via voice to your mobile device or landline (depending on the number you have provided).

Sage supports most third-party authenticator apps, including Microsoft Authenticator, Twilio Authy, and Google Authenticator.

You can download any of these apps from the App Store on iPhone or Google Play on Android devices. Or you can use the authenticator app from your desktop/tablet with browser plugin.

If your employer enables 2FA for you in their settings, you have to use it until they remove it. If this is an issue, you must raise this with your employer.

They may be able to remove access for individual people, but that is at their discretion, and also may depend on their Sage HR setup.

You're prompted to set up 2FA the first time you log in after your employer enables it for their company.

Authenticator apps are mobile applications for smartphones to help you securely verify your identity, so only you or the people you trust can access apps and data.

There are different authenticator apps to choose from. Google and Microsoft have their own authenticator apps, but you can go to Google Play or the Apple App Store and find one that works for you.

No, once you're prompted to us 2FA you must use this when you log in to Sage HR.

If you don't have the option to use a recovery method, contact your employer.

They can confirm whether they can reset it for you using their Sage HR admin settings. If your employer can reset it, you'll be prompted to set up 2FA again the next time you log in to Sage HR.

If they can't reset it, they can confirm whether you need to into account.sso.sage.com, click 2-Factor Authentication, then remove your device for 2FA so you can set it up again.

When you set up 2FA you're asked to note down a 24-digit code:

It’s really important that you save this recovery code somewhere safe and accessible. This code will be required if you ever need to log in but don’t have your devices with you to retrieve the code.

If you lose this recovery code, and you don't have a recovery method to generate a new one, your employer has to reset your 2FA. When you set up 2FA again make sure to note down your new recovery code.

You need the phone 2FA was set up on to receive the one-time passcode to log in. You can receive this using an authenticator app installed on your phone or by text or call.

If you don't have access to your phone, you can log in using the recovery code that you're asked to note down and keep safe when you first set up your 2FA.

If you lose this recovery code, use your recovery method. If you don't have one or don't have access to the recovery method, your employer can check with Sage support on how to reset 2FA for you.

If you need to set up 2FA on your new phone, use your recovery method to remove your device and set it up again. If you don't have a recovery method, your employer can look into resetting 2FA for you. You can then set up 2FA again the next time you log in to access your payslips.

If your code isn't working use your recovery code. Alternatively, reset 2FA.

Check their signal and wait at least 10 minutes. If you still don't get a text you can log in using the recovery code that you're asked to note down and keep safe when they first set up your 2FA.

If you lose this recovery code, you need to have your 2FA reset.

One of your employers may not have 2FA enabled, but it is possible that you used the same email address to access another current or ex-employer on Online Services. If that employer has 2FA enabled, you're required to use it to access any company on Online Services until one of your employers removes it.

It may also be because you use your Sage account for another Sage product which requires 2FA, which then applies to all other places you log in with that Sage account.