TABLE OF CONTENTS


Simply Benefits supports MFA. Multi-Factor Authentication (MFA) adds an extra layer of security to your login. Instead of just a password, it requires an additional verification method in the form of a one-time passcode. Think of it like having multiple locks on your door – even if someone knows one key (your password), they still need another (like a code to your email or cell phone) to get in.


Should you use it? Yes! It significantly reduces the risk of unauthorized access to your accounts, even if your password gets compromised. It's a simple step for much stronger security to help ensure nobody but you access your private information. This setting is optional unless your employer has enforced it for your company.


Want to learn more about MFA? Go here.





Instructions on how to enable and disable MFA:

Members


  1. Log in to your Member Portal or App.
  2. On the App - Select "Account Details" from the hamburger menu in the top-left. On Desktop, Select "My Account" then "Account Details".
  3. Enable or Disable MFA at the bottom of the menu.


Advisors


  1. Log in to your Advisor Portal.
  2. Select the gear in the top-right to modify your details.
  3. Enable or Disable MFA at the bottom of the menu.


Admins


  1. Log in to your Admin Portal.
  2. Select the gear in the top-right to modify your details.
  3. Enable or Disable MFA at the bottom of the menu.


Company-wide MFA Enforcement:

If you would like all users (Admins, Members) of your organization to be required to use MFA, contact Simply Benefits or your Advisor to request it.



How it works - Why did I receive a Simply Benefits Login Request?

If you received an email with this Subject from noreply@simplybenefits.ca, it's because your username and password were entered on our login page successfully, triggering the second step in the login process because Multi-factor Authentication (MFA) is enabled on your account. Your one-time passcode will work for 5 minutes, then expire.


What if I wasn't trying to login?

If you didn't trigger the login request yourself, someone else did. Did you share your credentials with anyone? If so, they may have tried to login. 


If you're sure you nor someone you shared your credentials with didn't try to log in, you should change your password immediately to protect your account. In extreme cases your account may be under attack, so always remember to never share your one-time passcode with anyone else.