Recently, isolved made a big shift: SMS and email-based MFA are no longer supported for service bureau and partner users. Why? Because those old methods are far too easy to exploit.
At Lift HCM, we know changes like this can feel like “just one more thing” on your plate. That’s why we’ve simplified everything you need to know—what’s changing, why it matters, and how to switch to a secure authenticator app in under 10 minutes.
Let’s walk through it together!
Table of Contents
- What Is MFA and Why Is It Required?
- What’s Changing in isolved MFA Requirements?
- Step-by-Step: How to Set Up an Authenticator App with isolved
- How to Manage Your MFA Settings in isolved
- Additional Security Features to Know
- Best Practices for Staying Secure
- Next Steps: Stay Protected with Advanced MFA
What Is MFA and Why Is It Required?
Multi-factor authentication (MFA) is a method of verifying your identity using more than one form of credential. Typically, this means combining:
-
Something you know: like your password
-
Something you have: like a smartphone or an app-generated code
This two-step process significantly boosts the security of your account. Even if your password is compromised, a malicious actor would still need access to your second authentication method to gain entry.
For payroll and HR professionals who manage sensitive employee data like social security numbers, banking details, and healthcare info, MFA is an essential barrier against breaches. In short, it’s no longer a nice-to-have—it’s a must.
Please note: sharing your credentials is no longer an option.
What’s Changing in isolved MFA Requirements?
Historically, isolved allowed users to receive one-time verification codes via email or SMS. However, these methods are no longer considered secure due to their vulnerability to phishing, SIM swapping, and email account compromise.
Effective immediately, isolved requires service bureau and partner users to switch to one of the following MFA methods:
-
Passkey authentication: Uses device biometrics (like fingerprint or facial recognition) or a local PIN
-
Authenticator apps: Apps that generate time-based one-time passcodes (TOTP) every 30 seconds
These changes are in line with industry best practices for reducing identity theft, especially in systems with access to personal and financial data.
Step-by-Step: How to Set Up an Authenticator App with isolved
You can complete this setup in under 10 minutes. Here’s how to move from legacy MFA methods to a secure, app-based approach.
Step 1: Log In Using Your Current MFA Method
-
Visit the isolved login page
-
Enter your email address and password as usual
-
If prompted, choose your current MFA option (email or SMS)
-
Enter the code you receive to proceed
💡 Pro Tip: If you see a “Remember Me” checkbox during login, selecting it will keep your session active for 12 hours unless you’re inactive. This reduces the number of times you need to re-authenticate.
Step 2: Choose Your MFA Method
Once logged in, isolved will prompt you to enhance your security setup. You’ll be asked to set up a passkey, but you can opt for an authenticator app instead:
-
Click “Maybe Later” to skip passkey setup
-
Choose Authenticator App from the alternative options
You can use any standard authenticator app that supports TOTP.
Step 3: Download an Authenticator App
If you don’t already use one, download a free app from the options below:
| App Name | IOS | Android |
| Microsoft Authenticator | Microsoft Authenticator | Microsoft Authenticator |
| Google Authenticator | Google Authenticator | Google Authenticator |
| Duo Mobile | Duo Mobile | Duo Mobile |
| Authy | Authy | Authy |
Each app will generate a unique 6-digit code that refreshes every 30 seconds.
Step 4: Link Your Authenticator App
-
isolved will display a QR code on-screen
-
Open your chosen authenticator app and scan the QR code
-
Your app will begin generating a code for isolved
-
Enter the current 6-digit code into isolved and click “Submit”
Congratulations! 🎉 You’ve now completed the MFA setup with your authenticator app. Your isolved account is secured with industry-grade protection.
How to Manage Your MFA Settings in isolved
Security needs evolve, and isolved gives you the flexibility to adjust your MFA preferences as needed.
To access your settings:
-
Log into your isolved account
-
Click the profile icon in the top-right corner
-
Select “Manage Account”
-
Scroll to the Security section
Here, you can:
-
Add or remove passkeys
-
Reconfigure your authenticator app
-
Enable or disable passwordless login options
Any changes you make will take effect immediately and can be updated at your discretion.
Additional Security Features to Know
In addition to MFA, isolved includes multiple features to enhance your organization’s overall digital safety:
Breached Password Alerts
If your password appears in a known data breach, isolved will notify you immediately and require a reset.
Unrecognized Device Detection
When a login occurs from a new or suspicious device, isolved will send an alert email to verify the activity.
These automated safeguards provide an extra layer of monitoring—especially helpful for distributed or hybrid workforces.
Best Practices for Staying Secure
MFA is just one part of a complete security strategy. To keep your systems protected:
-
Educate your team on why MFA is important and how to use it correctly
-
Never share login credentials, even temporarily
-
Use unique passwords for each platform and consider a password manager
-
Change authenticator app settings if you change or lose your device
-
Regularly audit login activity within isolved and flag anything unusual
Staying proactive helps protect your organization from preventable security breaches.
Frequently Asked Questions
Q: What if I don’t remember my password? A: Use the “Forgot Password” link on the login screen to reset securely.
📌 Pro Tip: Click on the "Need Help" under the "Continue" button on the login screen
Q: Can I use MFA on multiple devices? A: Yes, passkeys work across devices, but authenticator apps must be linked individually.
Q: Will I need to log in with MFA every time? A: Not necessarily. Checking “Remember Me” will bypass MFA for 12 hours unless there’s inactivity or a security alert.
Q: Can I opt out of MFA? A: No, MFA is mandatory to ensure your account’s security.
Q: What if I don’t have a valid MFA method set up? A: You may be allowed one-time email authentication to set up a passkey or authenticator for future access.
Q: Is passwordless login the same as skipping MFA? A: No, passwordless options like passkeys still verify your identity securely.
Q: Does isolved support SAML or Single Sign-On (SSO)? A: Yes, isolved integrates with SSO tools like OneLogin or Microsoft Authenticator via SAML.
Next Steps: Stay Protected with Advanced MFA
Multi-factor authentication is no longer optional—it’s a critical part of securing your business. With isolved eliminating outdated MFA options, now is the time to adopt a more secure solution. Authenticator apps offer strong, flexible protection and only take a few minutes to set up.
If you haven’t already made the switch, don’t wait until access becomes a problem. Follow this guide to get started, and reach out to Lift HCM for additional support. Our mission is to simplify the complex and help your business operate with confidence.
Setting up MFA in isolved is a straightforward process that significantly enhances your account’s security. By following this guide, you can ensure your account is protected against unauthorized access. Remember, MFA is mandatory, and sharing credentials is strictly prohibited.
For additional support, contact Lift HCM Support. Stay secure and take control of your online safety today!
Topics:
