Resource: Notification to PSL users of MFA activation

This article contains a sample communication that may be employed to notify and instruct PlanSponsorLink users in the use of Multi-Factor Authentication. Use the appropriate sections based on your organization's MFA Type preference, and replace any bracketed text as appropriate. This resource is offered as an example; you are welcome to alter any other part of this communication to suit your practices.

 

For more information on this feature, refer to the article Multi-Factor Authentication For PlanSponsorLink.

 


 

Introduction

 

On [DATE], [COMPANY NAME] will implement Multi-Factor Authentication (MFA) for all PlanSponsorLink users. Multi-Factor Authentication—also known as Two-Factor or Two-Step Authentication—provides an additional layer of security by requiring a user who is attempting to log in to PlanSponsorLink to input a code that is sent to their [PHONE NUMBER / EMAIL ADDRESS / PHONE NUMBER OR EMAIL ADDRESS]. This extra step helps ensure that an unauthorized party is unable to access an account in the event that a user's login information is compromised in any way.

 


 

Instructions (based on MFA Type preference)

 

[MFA Type set to Email and Text]

Upon logging in to [PLANSPONSORLINK URL] for the first time after [DATE], you will be asked whether you would like to receive your security code via text message or email address. This choice can only be made once; the selected authentication method will be used for all subsequent logins.

 

If you select Text, you will be asked to provide the phone number of a mobile device that is able to receive text messages. This device should not be shared with any person(s) besides yourself. The supplied phone number will be saved for future MFA requests.

 

If you select Email, the email address associated with your PlanSponsorLink account will be used for MFA; no additional input is needed.

 

Upon selecting your desired MFA option, you will receive an email or text message containing a 6-digit numerical code. This code expires after 10 minutes. Input this code exactly as shown, then select Verify. If successful, you will be logged in to PlanSponsorLink as normal. You will receive an email notifying you that MFA was used to access your account; this is an additional security precaution to assist in identifying any malicious activity.

 

 

[MFA Type set to Email]

Upon logging in to [PLANSPONSORLINK URL] for the first time after [DATE], a 6-digit security code will be sent to the email address associated with your PlanSponsorLink account. This code expires after 10 minutes. Input this code exactly as shown, then select Verify. If successful, you will be logged in to PlanSponsorLink as normal. You will receive a second email notifying you that MFA was used to access your account; this is an additional security precaution to assist in identifying any malicious activity.

 

 

[MFA Type set to Text]

Upon logging in to [PLANSPONSORLINK URL] for the first time after [DATE], you will be asked to provide the phone number of a mobile device that is able to receive text messages. This device should not be shared with any person(s) besides yourself. The supplied phone number will be saved for future MFA requests.

 

A 6-digit security code will be sent via text message to the phone number that was entered. Input this code exactly as shown, then select Verify. If successful, you will be logged in to PlanSponsorLink as normal. An email will be sent to the address associated with your PlanSponsorLink account notifying you that MFA was used to access your account; this is an additional security precaution to assist in identifying any malicious activity.

 


 

Conclusion

 

Once you successfully use MFA to log in to PlanSponsorLink, you will not be required to use MFA again for 60 days unless you attempt to log in to PlanSponsorLink from a different device or location.

 

Thank you for your cooperation and assistance in helping keep your data secure. If you have any questions or concerns regarding Multi-Factor Authentication, please reach out to us at [CONTACT INFO].