Workforce One: Security Update

As our next step to enhance security, Kronos will be implementing changes for all users logging into the Workforce Ready platform.  These changes will apply to Workforce users. To help you prepare we will be holding a webinar to fully explain and demonstrate the new functionality.  The changes planned are as follows:

  1. Enhanced password standards – Beginning Thursday, July 9th the system will require all users to create a new password.  The password must contain a minimum of 8 characters and include at least one uppercase letter, one lowercase letter, one number and one symbol. Users will also be prompted to change their password every 90 days.  On the next login, the system will prompt the user for a new password, requiring that they enter passwords that meet the new standards.
  2. Multi-factor Authentication – Beginning Thursday, July 9th the system will also require Multi-factor authentication.  Currently the system requires a user name and password to access the system. Multi-factor authentication adds an additional level of security, by requiring the user to also enter a randomly generated 6 digit code.  This 6 digit code can be sent to the user via email, mobile text message, or a phone call.

Beginning Thursday, July 9th, the following will occur during your user’s login:

  1. The user will be prompted to register for Kronos Multi-Factor Authentication
  2. The system will access the phone number and email address on file, and ask the user to select which phone number or email address should be used for communication
  3. The next time the user logs in, they will select the method for delivery (email, text message, or phone call) and the system will generate a random 6 digit code and send it to them
  4. After entering the code, the system will validate the number, and grant access to the application
  5. The user will have the option to “remember” the computer they are using and forgo the verification process in the future

Important notes regarding Multi-factor Authentication

  • A company email address will be required for sending authentication codes.  This can be entered on the Company Set Up Page.  The email is stored on the Company Info tab under Company Addresses.
  • If the user does not have an email address or phone number stored in the system, they will be prompted to provide them when they login.  To minimize disruption, we recommend you run an Employee Roster report to validate every employee has at least one phone number or email address stored in their profile.
  • Multi-factor authentication is not required when using Web Clock and/or any time clock device
  • User guides explaining this new functionality can be found here www.atrsystems.com/docs/WorkforceOne_Security_Update.pdf.  We also have a webinar that is now available on YouTube for review here: https://youtu.be/72exyuBvK9o.

If you have any questions regarding these changes, please contact your Application Specialist for assistance.  We recognize this is a change to your current business process, but we believe that this is the best way to ensure you and your customers achieve an added level of security.

Written by