What’s New in BambooHR: 2-Step Login

March 22, 2021

HR handles sensitive employee and business information—the kind you want to keep safe and secure—every single day. And it pays to be proactive about data protection: a whopping 43 percent of cyberattacks are aimed at small businesses, and a digital breach costs businesses an average of 200,000 dollars. That’s enough to put some small businesses out of business. And with remote work on the rise, your employees might not always be logging in with a safe wi-fi connection, meaning you are even more vulnerable to cyber attacks.

Short of hiring a security team or adopting a trained cyber-guard dog (which, unfortunately, isn’t a thing) there is something you can do to help secure your employees’ sensitive information:  you can activate 2-Step Login, the newest security feature in BambooHR® available for all BambooHR users.

What Is 2-Step Login?

2-Step Login is the BambooHR version of multi-factor authentication. When you log in to your account using 2-Step Login, you’ll first input your username and password as normal, and then enter a unique six-digit code generated on your phone by an authenticator app, like Google Authenticator. This additional step uses the code generated on your authorized device as a digital key, ensuring that it’s really you trying to access your account. That way, even if cybercriminals get a hold of your username and password, they can’t get into your account and steal your data unless they’re also in possession of your phone and can open it (because you keep it locked, right? Of course you do. Just checking).

Adding another step to log in might sound annoying. Luckily, after you enter your code, you’ll only need to re-enter it every 30 days on the same device, so it shouldn’t cause a big disruption in day-to-day work.

If you’d rather see how all of this works instead of taking our word for it, here’s a short demo video we made to walk you through 2-Step Login.

Why Should You Use 2-Step Login?

2-Step Login is an easy way to keep unauthorized users out of your data. Simple as that. It only adds a couple of seconds to your login process, but it gives you and your employees peace of mind that their data is secure.

While no system is impenetrable, data from Google shows that using multi-factor authentication blocks 100 percent of automated attacks, 96 percent of bulk phishing attacks, and 76 percent of direct, targeted attacks, meaning your chances of a digital breach are significantly reduced. Plus, protecting your employee and organization data also helps protect your company brand and reputation.

How to Set Up 2-Step Login in BambooHR

One of the account administrators will need to enable 2-Step Login in BambooHR. Once enabled, 2-Step Login will apply to all your users’ accounts. To enable 2-Step Login:

  1. Visit Settings > Account > 2-Step Login.
  2. Click on “Get Started.”
  3. Select a start date for when you’ll begin requiring 2-Step Login, and click “Save Changes.”

Keeping your data secure matters to us, which is why we’ve made 2-Step Login available to all BambooHR users at no additional cost. We know you’ve heard this saying one too many times, but in this case, you truly are better safe than sorry.

HR insights delivered to your inbox.

Get caught up every month on all things HR. Don't worry, we promise we won't spam you.

Daniel Dean
Sr. Product Marketing Manager