To best protect the data you have stored in Personio from unauthorized access, you can enable 2-factor authentication for any employee role via Settings > People > Employee Roles by choosing a specific role and clicking on Security.
Note If 2-factor authentication is enabled for an employee role, all employees assigned to that role must, in addition to their email address and password (knowledge, 1st factor), enter a token generated on their mobile device (possession, 2nd factor) when they log in.
Your employees need to follow these steps to successfully enable 2-factor authentication:
- Download the Google Authenticator app to your cellphone.
- Open the app.
- Go to Personio at domainname.personio.com/login and log in with your email address and password.
A barcode will then be generated. In the app, select Scan barcode and point your camera at the barcode on the computer screen.
- Then enter the token that was generated in the Google Authenticator app.
This activates your device and enables 2-factor authentication.
Tip If you want to move the Google Authenticator app to a new device, you will find all of the necessary information here.