How is 2FA configured if SMS isn't suitable - Authenticator App?

The platform supports any standard TOTP-compatible authenticator including Google Authenticator, Authy, Microsoft Authenticator, 1Password, Duo Mobile and similar.

Setup steps:

1. Open the platform and navigate to Settings (cog icon) → Security → Two-Factor Authentication.
2. Select "Authenticator App" as the preferred 2FA method.
3. Scan the displayed QR code with your chosen authenticator app on your phone.
4. Enter the 6-digit code the authenticator displays back to the platform to confirm pairing.
5. Save backup codes if offered - printed somewhere safe in case the phone is lost or replaced.

Available alongside SMS and passkey - a user can have multiple 2FA methods configured and use whichever is most convenient at the time. For travel scenarios where SMS reception may be unreliable, having an authenticator app pre-configured is a useful backup.

When the authenticator app is preferred over SMS:

• International users - SMS routing to non-Australian numbers is less reliable than authenticator-app TOTP.
• Travelling staff - authenticator works offline; SMS requires telco coverage.
• Security-conscious users - TOTP isn't vulnerable to SIM-swap attacks the way SMS is.
• Users on shared phones - the authenticator app is locked to the user's phone account, not the SIM.

Related articles

• What MFA options does easyAML support?
• Can virtual assistants (e.g. Philippines-based) be set up with restricted access?
• Do clients need to download an app to complete KYC/VOI?
• Why is passkey the recommended MFA?
• Why might a 2FA SMS code be rejected as 'invalid'?