This article explains how to enable two-factor authentication (2FA) in Personio for specific employee roles.
If two-factor authentication is enabled for an employee role, all employees assigned to that role must first enter their email address and password (knowledge, first factor), and also enter a token generated on their mobile device (possession, second factor) when they log in. Learn how your employees can set up two-factor authentication.
To better protect the data you have stored in Personio, you can enable two-factor authentication for any employee role in Personio. Follow these steps:
- Go to Settings > People > Employee Roles.
- Select a specific role and go to the Security tab.
- Tick the checkbox next to Enable two-factor authentication.
It is not possible to enable two-factor authentication for the role "All employees".