Skip to content

x Want to ask a question or reply? Click here to join the group.
Options
  • Replies 0 replies
  • Subscribers 49 subscribers
  • Views 135 views
  • Users 0 members are here
Browse Forums
Announcements
188
topics
145
replies
General Discussion
388
topics
828
replies
Sage HRMS Training
140
topics
96
replies

TOTP Authentication for Sage HRMS Web

Elizabeth Snitily
Posted By

Today I'll be sharing a quick start guide for the new layer of security for your Sage HRMS experience: TOTP (Time-based One-Time Password) Authentication is now available on the mobile and web versions of Sage HRMS.

Why TOTP Authentication?

TOTP is a widely adopted method of two-factor authentication (2FA) that significantly enhances the security of your account. Here’s why it matters:

 

 Benefits of TOTP Authentication

  • Stronger Security: TOTP generates a unique, time-sensitive code every 30 seconds, making it nearly impossible for attackers to reuse stolen credentials.
  • Reduced Risk of Phishing: Since TOTP codes are generated on your device and expire quickly, they’re much harder for attackers to intercept or reuse.
  • Cross-Platform Compatibility: TOTP works seamlessly across devices and platforms, giving you flexibility and peace of mind.
  • Compliance Ready: TOTP helps meet security standards and compliance requirements for data protection and user authentication.

 

Popular TOTP Authenticator Apps

You can use any of the following trusted apps to enable TOTP for your Sage HRMS account:

  • Google Authenticator (iOS, Android)
  • Microsoft Authenticator (iOS, Android)
  • Authy by Twilio (iOS, Android, Desktop)
  • LastPass Authenticator (iOS, Android)
  • FreeOTP (Open-source, iOS, Android)

Below is a guide for administrators and users to register, log in, and manage their TOTP authentication.

Enabling Time-based One-Time Password (TOTP) Authentication

Complete these steps to enable Time-based One-Time Password (TOTP) Authentication:

  1. Log on to HRMS Employee Self Service as the Master user.
  2. On the System Administrator menu, select Roles and Logon > Logon Setup.
  3. Under the Logon Properties section, select the Additional Authentication dropdown and select the option - Authenticator App.
  4. Click Save

The Additional Authentication setting will apply the next time an employee logs on to the system. All employees will be required to use an authenticator app to access your Employee Self Service. The Master user; however, is not impacted by any of the Additional Authentication options.

Employee Setup

Your employees should follow the steps below the first time you enable TOTP Authentication. An Authenticator app will be required for all ESS users to access Sage HRMS Employee Self Service any time TOTP Authentication is enabled.

Download and install an Authenticator app on their cell phones.

  1. Go to the Apple App store or the Google Play store.
  2. Search for and install one of the available Authenticator apps.

Tip: If your employee already has an existing Authenticator App on their cell phone, they can use that authenticator with Sage HRMS.

Existing Sage HRMS Users – First Time Login

Existing Sage HRMS Users will be prompted to register an authenticator the first time they log in after an organization enables TOTP Authentication.

To register a new authenticator to an existing login, follow these steps:

  1. Log in to ESS by entering your Username and Password.
  2. Click Sign In.
  3. The Additional Security Verification page opens. Follow the directions on the screen to register a new Authenticator:
    1. Install an authenticator app on your mobile device, or use an existing app.
    2. Scan the QR code displayed on the Additional Security Verification page to register your authenticator.
  4. Enter the Code generated by your app.
  5. Click Submit to log in.

   

Existing Users – TOTP Authentication

Once a user has successfully registered a TOTP Authenticator to their profile, they will be prompted to enter the code from their authenticator each time they log in after entering their username and password.

New Sage HRMS User Logon Creation

Users signing up for the web version of Sage HRMS will be prompted to register an authenticator at the time of their user name and password creation.

To create a new user ID with TOTP Authentication enabled, follow these steps:

  1. On the ESS Logon page, click the First-Time User Register Here link.
  2. On the Create New Logon page:
    1. Enter the requested information.
    2. Select a Security Question, and then type the Security Answer. Click Next.
  3. On the second Create New Logon page:
    1. Enter the Username that you want to use.
    2. Enter the password that you want to use.
    3. Enter your password again to confirm it. Click Save.
  4. The Additional Security Verification page opens. Follow the directions on the screen to continue:
    1. Install an authenticator app on your mobile device, or use an existing app.
    2. Scan the QR code displayed on the Additional Security Verification page to register your authenticator.
  5. Enter the Code generated by your app.
  6. Click Submit to log in.

Existing Sage HRMS User – Forgot Password

The password reset function is the web version of Sage HRMS now requires an authentication code when TOTP Authentication is enabled by an organization.

  1. On the ESS Logon page, click the Username and Password Help
  2. On the Change or Reset Password page, enter the requested information. Click Next.
  3. On the Forgot Your Password page, enter your Security Answer. Click Save.
  4. On the Change or Reset Password page, enter your new password.
  5. Enter your new password again to confirm it. Click Save.
  6. The Additional Security Verification page opens. Follow the directions on the screen to continue.

Register a New Authenticator – User Has Access to Currently Registered Device

If a user needs to register a new authenticator and has access to their currently registered device, the Change Logon screen now has a scannable QR code that will allow users to add a new authenticator to their profile.

To add a new authenticator, follow these steps:

  1. Log in using your existing username, password and authentication information.
  2. Select the Change Logon option from the User Profile menu in the header bar.
  3. Scan the QR presented on the screen to register a new authenticator.

   

Register a New Authenticator – User Does Not Have Access to Currently Registered Device

If a user needs to register a new authenticator but does not have access to the currently registered device, an Authenticator Help option has been added to the Sage HRMS login screen.

To add a new authenticator, follow these steps:

  1. On the ESS Logon page, click the Authenticator Help link.
  2. Enter your First Name and Last Name, and any other required information on the Authenticator Help page to verify your Logon. Click Next.
  3. Enter your Security Answer. Click Save
  4. Enter your Username and Password on the Additional Security Verification page. Click Submit.
  5. The Additional Security Verification page opens. Follow the directions on the screen to continue:
    1. Install an authenticator app on your mobile device, or use an existing app.
    2. Scan the QR code displayed on the Additional Security Verification page to register your authenticator.
  6. Enter the Code generated by your app.
  7. Click Submit to log in.

*Community Hub is the new name for Sage City