Two-factor Authentication

Two-factor authentication (2FA) is a specific type of multi-factor authentication that strengthens security by requiring two methods of identification (also referred to as authentication factors) to verify your identity.

Jobman uses time-based one-time passwords (TOTP), a 6-digit confirmation code that changes every 30 seconds, which needs to be entered from a third-party Authenticator application in combination with your email and password in order to login.

Some common Authenticator apps include:

Most Authenticator apps are are installed and set up on your phone or tablet. Some are available to be used on a computer, for example: 1Password is a mobile app and is also available as a browser extension on Mac and Windows.

Jump to how to setup two-factor authentication in Jobman

Making Two-Factor Authentication Compulsory for your Organisation

Jobman gives you the ability to make it compulsory for your Office Users to have two-factor authentication enabled in order to access your organisation's dashboard.

Important Information:

Before making Two-factor authentication compulsory for your organisation, it is important to understand the implications that this can have for your staff.

Before enabling this, we suggest discussing this feature with your IT consultant and implementing a policy for how staff members will manage their two-factor authentication codes. For example, if the company requires a certain app to be used and where recovery codes are to be stored.

Please note: if a staff member loses access to their Authenticator app and recovery code, they will not be able to access their Jobman account and will permanently logged out.

Two-factor authentication is setup by individual users, this cannot be managed at an organisational level. If a staff member loses access, the organisation does not have the ability to reset or recover the account.

To make two-factor authentication compulsory for your staff, please follow the steps below:

  1. Go to the 'Settings' tab from your User Menu Panel.
  2. Click into 'Security' settings.
  3. Click 'Update'.
  4. Click the checkbox for 'Two-factor Authentication'.
  5. Click 'Save Changes' to finalise.

Note: when your staff next login in, they will need to set up 2FA before they can access the app.

Provide the link to this document to your staff and direct them to the next step: 'How to set up Two-factor Authentication - Staff'. There is a 'How To' for both mobile and browser.

If you have set two-factor authentication to be compulsory for your organisation, this will not apply to users who have a Kiosk-only licence. Two-factor authentication is intended to keep your organisation's confidential data safe which the kiosk does not allow access to.

How to set up Two-factor Authentication (mobile/tablet)

What you will need: a smartphone with an Authenticator app installed (see a list of common apps at the start of this article).

If you do not already have an Authenticator app:

  1. Open your app store & search for your preferred app (or the app required by your organisation).
  2. Download & install the app, then complete the setup required by the application.

Enabling two-factor authentication:

  1. From the Jobman application, click the dropdown with your organisations name and select 'My Jobman' then navigate to "Security", or visit https://identity.jobmanapp.com/security

  2. Click the 'Enable' button and enter your password when prompted.

  3. Open your Authenticator app and click to add a new entry.
  4. Scan the code in from your Authenticator app. If you are unable to scan the QR code, you can manually enter the provided setup key instead.
  5. You will now see a new entry within your Authenticator app with the name 'Jobman', and a 6-digit confirmation code. This code will change every 30 seconds.

  6. Enter the 6 digit code provided into the 'Enter confirmation code' field.

  7. Click 'Enable 2FA'.
  8. If you do not enter your code within the 30 second window, you will receive an error saying "The Confirmation code entered was incorrect". Simply copy the new confirmation code and try again.
  9. Once your confirmation code has been verified, a pop up will appear with your one time recovery code. It is important that you keep this code somewhere safe. Please refer to your companies policy on how and where to store this. Once saved, click 'I have saved my recovery code' to proceed.
  10. Two-factor Authentication is now enabled on your account! Next time you log in, you will be prompted to enter the 6-digit confirmation code provided by your Authenticator app.

What is a Recovery Code? a single use recovery code will be generated for you upon enabling 2FA, this recovery code can be used to bypass two-factor authentication in the instance that you don't have access to your Authenticator app. ie; lost phone, battery dead etc.

Please note: once you have used your recovery code, it will no longer work and a new code will be generated for you. Please make sure to save this new recovery code, or disable two-factor authentication if you no longer have access to your Authenticator app.

How to set up Two-factor Authentication using 1Password on a computer

Before starting, you will need to sign up for and download the 1Password application as well as their browser extension.

Once 1Password has been installed and set up:

  1. From the Jobman application, click the dropdown with your organisations name and select 'My Jobman' then navigate to "Security", or visit https://identity.jobmanapp.com/security
  2. Click the 'Enable' button and enter your password when prompted.

  4. Once you can see the QR code, open your 1Password browser extension.

  5. Find (or create) the matching Jobman entry with your login credentials.
  6. Use the three-dot menu at the top right and click 'Scan QR Code'. You will see a small message that says 'copied one-time password'.

  8. Paste the 6 digit code provided into the 'Enter confirmation code' field.

  10. Click 'Enable 2FA'.
  11. If you do not enter your code within the 30 second window, you will receive an error saying "The Confirmation code entered was incorrect". Simply copy the new confirmation code and try again.
  12. Once your confirmation code has been verified, a pop up will appear with your one time recovery code. It is important that you keep this code somewhere safe. Please refer to your companies policy on how and where to store this. Once saved, click 'I have saved my recovery code' to proceed.
  13. Two-factor Authentication is now enabled on your account! Next time you log in, you will be prompted to enter the 6-digit confirmation code, which you can retrieve by opening the 1Password browser extension and copying it from the Jobman entry mentioned above.

What is a Recovery Code? a single use recovery code will be generated for you upon enabling 2FA, this recovery code can be used to bypass two-factor authentication in the instance that you don't have access to your Authenticator app. ie; lost phone, battery dead etc.

Please note: once you have used your recovery code, it will no longer work and a new code will be generated for you. Please make sure to save this new recovery code, or disable two-factor authentication if you no longer have access to your Authenticator app.

Lost or forgotten to put your recovery code somewhere safe?

You can regenerate a recovery code at anytime as long as you are logged in to Jobman. Go to your Jobman security settings and click 'Regenerate Recovery Code'. You will be prompted to enter your password before a new recovery code is generated.


Lost or Stolen Phone?

If you have lost your phone, it is important at to disable Two-factor Authentication for your account. Use your recovery code to login and Disable 2FA in your security settings.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us