Multi-factor authentication FAQs

Over 4 weeks, starting from 19th April 2023 you be asked to set up MFA. You don’t need to do anything before this. The system will tell you to set it up and give you instructions on how to do it.

We’re rolling out MFA gradually to ensure there is minimal disruption to your services. This enables plenty of capacity our systems and support team to make your transition as smooth as possible.

No, you need to wait for the system to prompt you.

No, not yet. We will only require MFA on https://ailo.pm. We may introduce security changes to the apps later in 2023.

No, this update only applies to agency users. However, we may review and update consumer security in the future.

MFA is a secure authentication method that requires people to prove their identity by supplying two or more pieces of evidence (or “factors”) when they log in. One factor is something you would be very familiar with a username and password. Other factors are verification methods that you have in your possession, such as an authenticator app on your mobile phone. You’ll need to use it to access https://ailo.pm, alongside your normal password, to access your account. “MFA offers significantly more powerful security and protection against criminals.” ACSC (Australia Cyber Security Centre, part of the Australian Government). You can learn more about MFA using the official ACSC guidelines: https://www.cyber.gov.au/mfa.

We’ll still require a normal password to access https://ailo.pm, but you’ll also need MFA to access your account. Passwords by themselves can be guessed, written down and otherwise compromised, leaving you and your customers vulnerable.

Google Research found using authentication apps blocks 100% of password attacks by automated bots, 99% of bulk phishing attacks, and 66% of targeted attacks. We understand that it’s more convenient to use a password without MFA, but passwords alone are simply not secure enough in 2023 and represent an unacceptable risk to you and your customers.

       v.2023.04.03