Contents
- Login details
- Authentication
- What is MFA? Why is it important?
- How often will I have to enter multi-factor authentication?
- How do authenticator apps work?
- What authenticator app should I use?
- What happens if I change or lose my phone?
- What happens if the code from the app doesn't work?
- I don't have a work mobile device and don't want to use my personal device - what should I do?
- Security
Advanced SSO and MFA FAQs
Updated
by Katy Harrison
- Login details
- Authentication
- What is MFA? Why is it important?
- How often will I have to enter multi-factor authentication?
- How do authenticator apps work?
- What authenticator app should I use?
- What happens if I change or lose my phone?
- What happens if the code from the app doesn't work?
- I don't have a work mobile device and don't want to use my personal device - what should I do?
- Security
What is SSO?
Single Sign-on (SSO) is a user authentication method that makes it easy to centrally manage application access and enables users to securely authenticate with multiple applications by using just one set of credentials. SSO not only makes it easy to centrally manage access to multiple applications or user accounts, but it also enables users to sign into a user portal with their existing corporate credentials and access all their assigned accounts and applications from one place.
Some of our products (like Care Cloud, Advanced Financials and Advanced HR) have SSO already. You may hear this referred to as Advanced SSO or ASSO. We are introducing multi-factor authentication via our MyWorkplace platform.
You can read more about SSO, MFA and why it's important in our short explainer.
Login details
I've forgotten my username
Most of the time, your username will be your email address. If it's not your email address, you can contact your system admin and they can look up your username.
I've forgotten my password
No worries! Go to the login page as normal and enter your username or email address. Then you will see an option for 'Forgot password'. Click this button and you will be sent an email with a link to set a new password.
If you have any problems with this, your system admin can also set a password for you or set your account to require a new password when you next log in.
I want to change my password
You can change your password by opening your profile from your name at the top right of the screen, then opening Account Settings, or going directly to https://myworkplace.oneadvanced.com/account-settings. Then select Change password.
Authentication
What is MFA? Why is it important?
You can read about MFA and why it's important in our short explainer.
How often will I have to enter multi-factor authentication?
If you're using the MFA functionality provided by Advanced SSO, you will have to enter an MFA code each time you log into an Advanced application. This applies to all logins, including those due to inactivity and expired sessions.
Your organisation may have setup SSO between your Advanced account and another identity provider, such as Microsoft Azure Active Directory, Google Identity, or Okta. This means you can use those existing login details to access your Advanced account, and it means the settings for multi-factor authentication are controlled by your organisation separately from Advanced SSO.
How do authenticator apps work?
Authenticator apps are applications that generate time-based, one-time passcodes (TOTP or OTP) that can be used for multi-factor authentication. They work by storing a secret key provided by the service they are trying to access, and using it to create a six- to eight-digit code that changes every 30-60 seconds.
Advanced SSO uses the same algorithm to generate a code based on the current time and the secret key, and compares it to the code from your app. If the codes match, you are granted access.
Because the code is generated based on the current time and a shared secret key, it is unique and can only be used once, making it more secure than traditional static passwords. This enhances the security and convenience of logging in to apps and platforms.
What authenticator app should I use?
You can use any authenticator app you choose. Your organisation might have a preferred one so check with them first. These are some popular options.
Encryption | Platforms | Cloud backup | Offline support | Benefits | |
All your data is safely stored offline on your device. If you're using cloud sync, the communication between your phone and your cloud backup or browser is end-to-end encrypted by default. | Android, iOS, and browser extension | Yes | Yes | + Simple and easy to use + Encrypted cloud backups to iCloud or Google drive | |
Stores an encrypted copy of your accounts in the cloud. The account is encrypted/decrypted inside your phone so neither Authy or anyone affiliated with Authy have access to your accounts. | Android, iOS, Windows, macOS, Linux | Yes | Yes | + The encrypted cloud backup means only you can ever access your information - Requires you to enter your phone number so it's not as independent as the other app options | |
Not end-to-end encrypted when connected to your Google account. You can use offline for more secure encryption. | Android, iOS, Chrome | Yes | Yes | + Connects to your existing Google account + Can use alongside Google Password Manager | |
Passwords in the cloud are encrypted and decrypted only when they reach your device. | Android, iOS | Yes | Yes | + Connects to your Microsoft account + Includes a lot of extras, including password management, verified IDs, addresses and payment card information + Backs up in the cloud if you turn on account recovery |
What happens if I change or lose my phone?
This depends on which authenticator app you're using. Some apps have cloud backups allowing you to recover your MFA accounts. Some will only let you transfer MFA accounts if you have access to your old phone and new phone together.
To change your MFA settings to use a new device or authenticator app, you can do this yourself if you can still log in. Open your profile from your name at the top right of the screen, then open Account Settings, or go directly to https://myworkplace.oneadvanced.com/account-settings. Then select Remove MFA. Confirm that you want to remove MFA. Then select Set up MFA to set up a new device or app.
If you cannot login, contact your system admin who can reset your MFA setup for you. The next time you log in, you will be taken through the steps for setting up MFA again.
By the way, if you use an authenticator app with cloud backup on an iPhone, you won't be able to transfer your MFA accounts to an Android phone.
What happens if the code from the app doesn't work?
If you're setting up MFA for the first time, you might have accidentally entered an incorrect code. Delete the account in your authenticator app, re-scan the QR code to create a new account in the app, then enter the new code.
If you have used MFA to login before, wait for a new code to be generated and try again. Authenticator apps create a new code every 30 or 60 seconds.
If you still can't get access to your account, contact your organisation's system admin to reset your MFA settings. You will then be able to set up the authenticator app again and this should resolve the issue.
If the code still doesn't work, you can contact the app provider for support or your system admin can contact Advanced Support for assistance.
I don't have a work mobile device and don't want to use my personal device - what should I do?
Your organisation's system admin has the option to allow you to use email for multi-factor authentication. This means a code would be sent to your email address connected to your Advanced account.
Your system admin may not allow this option because it is not as secure as using an authenticator app.
Security
Is my data safe?
We're asking everyone to use multi-factor authentication to access their Advanced software so that we can ensure your data is safe from malicious attacks. Using two forms of authentication increases security and can help prevent unauthorized account access, especially in the situation that your password has been compromised. You will most likely have experience of MFA in your personal life when accessing online banking, transacting online or accessing other apps.
I access Advanced applications from shared devices, how does Advanced SSO work then?
You can still use your Advanced applications as normal from shared devices once you're using Advanced SSO. Just make sure to log out when you're done and close your browser windows as you normally would. This will end your session and the next person to use the device will be directed to log in with their own details.
If you forget to log out and don't have access to the shared device, you can contact your system admin who can log you out remotely.
Who do I contact for support?
Contact your system admin if you need help logging in or using multi-factor authentication. They can contact Advanced Support if they need further help to solve your problem.
Never share a verification code with anyone else.
