When it launches, MFA will replace the current ‘memorable word’ step with a more secure process to add extra layer of protection against phishing and other cyber threats.

There will be 2 steps to follow to log in:

1. Entering your username and password as usual
2. Entering a one-time passcode (OTP) that you can get either:
• through an authenticator app (recommended for best security), or
• sent to your SMS (text message) or email.

How it will work

The first time you log in after MFA launches…

You’ll be asked to set up MFA.

If you choose to use an authenticator app, you’ll need to download an app to your phone (if you don’t already use one), then scan a QR code or enter a setup key.

Alternatively, you can choose to get a one-time passcode (OTP) sent to you via SMS or email. If you select SMS, you’ll need to verify your UK mobile number during setup.

Ongoing logins…
When you log in the next time, you’ll need to enter your username and password as usual, then provide the OTP from your chosen method.

What do you need to do now?

Please make sure anyone on your team who uses the employer portal is aware of the upcoming change.

You’ll need to decide which MFA method you’ll use, and may want to download an authenticator app in advance to make the process even simpler when you come to do it in March.

If you need to add new users or change your own contact/login details, please contact the Employer Support team by emailing employer.support@railpen.com or calling 0800 029 1888.

We’ll provide further guidance closer to the launch date. If you have any questions, please contact Employer Support at employer.support@railpen.com