Multi-factor authentication (MFA) is a process that requires users to submit at least two pieces of identification to the system to gain access.
Or learn more about the security enhancements available from 11.36 onward.
MFA will be enforced on users when logging in to FastTrack360, depending on system or agency security configurations.
⚠️ Important: You may need Administrator permissions to configure MFA settings or view other users’ MFA records.
MFA Application Rules
MFA is applied in two ways:
MFA Mandatory Items – Enforced by the Australian Tax Office (or other government authorities requiring MFA for sensitive information). These are managed automatically by FastTrack to ensure compliance.
Example: Users with access to candidate payroll or payment data.MFA Security Roles – Enforced by your agency when specific security roles require MFA.
If MFA applies to your user profile, you will log in using your Username and Password (first factor), followed by a code (second factor), retrieved from your assigned MFA method.
MFA Methods
MFA TOTP (Time-based One-Time Password)
The code is generated by a TOTP Authenticator app on your mobile device or PC browser extension.
MFA SMS
A verification code is sent to your registered mobile phone number.
If a number isn’t stored in your profile, you’ll be prompted to enter one during setup.
Set Up MFA
Your MFA method is assigned and managed by your System Administrator.
When you log in for the first time, the system will guide you through setup according to your assigned method.
Set Up TOTP Authenticator
Download a TOTP Authenticator app to your preferred device (mobile, tablet, or browser).
On first login, scan the QR code displayed in FastTrack360.
Enter the 6-digit code from your app to complete login.
💡 Tip: Set up both a PC browser plug-in and a mobile app as backup options.
Set Up a TOTP Authenticator in a PC Browser
Open the Chrome Authenticator plug-in (right-click to open in a new tab).
Click Add to Chrome, then follow the installation prompts.
Once installed, open the plug-in and click Scan QR Code.
When MFA setup is prompted in FastTrack360, scan the displayed QR code.
The plug-in will generate a 6-digit verification code. Enter this code to complete login.
Set Up a Mobile Authenticator App
Open your device’s app store (e.g. Google Play or Apple App Store).
Search for and install Google Authenticator or another TOTP app.
Tap the + icon, then scan the QR code displayed during login.
The app will show a 6-digit code that updates every 30 seconds.
Enter this code to complete login.
📌 Store backup codes in a secure location in case you lose your device.
View or Re-Scan Your QR Code (Version 11.36.3+)
Once logged into FastTrack360, click the Profile icon in the top-right corner, then select Profile.
Click View QR.
Enter your password when prompted, then click OK.
The QR code will display briefly - scan it into your Authenticator app or plug-in.
If you have scanned the code, the app will advise where this is successful. The app. will generate passwords/codes which will change approximately every minute.
📌 You can re-scan your QR code if you change your email address or need to add another device.
Use SMS MFA
Ensure your mobile phone number is stored in your User Profile.
Refer to Viewing and Updating Your Profile.
When logging in, after entering your username and password, an MFA code is sent to your phone.
Enter the code on the SMS Authentication Screen, then click Submit.
📌 Update your User Profile if your phone number changes.
MFA Authentication Screen Options
Option | Description |
Remember Me | Saves your authentication for the current device/browser for a set period. |
I Don’t Have My Device | Prompts your Security Question for access (not available for Mandatory MFA users). |
Send New Code | Resends an SMS code if you didn’t receive the original. |
⚠️ Users with Mandatory MFA items (e.g., access to Australian payroll data) cannot use Security Question authentication.
Mandatory MFA Permission Items
If you have any of the following permission items and access to Australia in your data group, MFA is required at login.
Data Group Country | User Type | Permission Item |
Australia | Agency User | Gross Wage – Payee Data |
Australia | Agency User | Gross Wage – Pay Batch |
Australia | Agency User | Gross Wage – Pay Enquiry |
Australia | Agency User | Gross Wage – Reporting |
Australia | Agency User | Gross Wage – EFT Pay |
Australia | Agency User | Gross Wage – Pay Slip Delivery |
N/A | Agency User | Statutory Reporting (AU) – Payment Summary |
N/A | Agency User | Statutory Reporting (AU) – TFN Declaration |
N/A | Agency User | Statutory Reporting (AU) – STP Submission |
N/A | Agency User | Statutory Reporting (AU) – STP EOFY |
Australia | Agency User | Interpreter Results – Interpreter Review |
Australia | Agency User | Interpreter Results – Timesheet Transaction Reporting |
Australia | Agency User | Report – Report Designer |
Australia | Agency User | Candidate – View Payslip Details |
Australia | Agency User | Candidate – View Payment Summary Details |
💡 Best Practices
Set up both mobile and desktop authenticators for flexibility.
Keep your mobile number updated in your User Profile.
Store backup codes securely in case you lose device access.
Re-scan your QR code if you change your email address.
Verify your system clock is correct—time differences may invalidate TOTP codes.
🤔 FAQs
Q1: I can’t scan my QR code during TOTP setup.
Answer: Adjust your browser zoom settings and try again. If you have the I Don’t Have My Device option, answer your Security Question to log in. Otherwise, contact your System Administrator for assistance.
Q2: I lost my smartphone with the TOTP Authenticator app.
Answer: Contact your System Administrator to generate a temporary access code. Once logged in, install a new TOTP app and re-scan your QR code from your User Profile.
Q3: My TOTP codes are not being accepted.
Answer: Delete the FastTrack item from your Authenticator and re-scan your QR code. If your email address recently changed, re-scanning is required. Ensure your device clock is accurate.
Q4: My SMS code isn’t being sent.
Answer: Your SMS service may be temporarily unavailable. Try selecting Send New Code. If the issue continues, confirm your mobile number in your User Profile or contact your System Administrator.