One more way to keep you safe
To help protect our clients’ financial and personal information, we’re implementing multi-factor authentication (MFA) for My Client Space.
About multi-factor authentication (MFA)
MFA is a 2-step validation process requiring you to provide 2 types of information to confirm your identity. It provides an additional layer of security to the sign-in process to ensure that:
- You are the person trying to access your accounts.
- You are better protected from the risk of identity theft, online fraud and account hacking.
IMPORTANT: You must have your own login to be able to log into My Client Space with multi-factor authentication.
If you have been using someone else’s login or have shared access with colleagues, please contact your Client Relationship Manager.
Frequently asked questions
Why has iA implemented multi-factor authentication (MFA)?
iA has implemented multi-factor authentication (MFA) for My Client Space to add an extra layer of security and ensure that financial and personal information continues to be protected. MFA ensures that only you can access your accounts and reduces the risk of identity theft, online fraud and account hacking.
Is MFA mandatory?
Yes, all iA Financial Group companies are implementing MFA as an added security measure, and MFA is increasingly used by all major companies.
Do I have to complete MFA every time I login?
You have the option to pause multi-factor authentication for 30 consecutive days. In this case, you won't have to enter a second factor each time you log in, unless our security systems detect an intrusion risk.
Do I need a smartphone to use multi-factor authentication?
A smartphone or tablet is necessary to use the SMS, Google Authenticator and Okta Verify apps authentication options. If you do not have a smartphone or tablet, you must install the Authenticator extension on your computer’s browser. For instructions on how to configure the extension, please refer to the configuration manual.
How many phone numbers can I add for multi-factor authentication?
You can only use one phone number per authentication method.
Why can't I have my one-time multi-factor authentication verification codes sent to my email?
Sending one-time verification codes using the three available methods ensures a superior level of security for protecting the information in your account. The email authentication method does not meet the security level established by iA for the role of plan administrators and sponsors. As plan administrators and sponsors, we recommend using the Google Authenticator and Okta Verify methods to authenticate yourself.
How long is my one-time verification code valide?
For all methods, codes are valid for five minutes.
Can I authenticate from anywhere in the world?
Yes, you can authenticate from anywhere in the world, as the Google Authenticator and Okta Verify methods function globally.
How can I reset my authentication methods?
You can reset your authentication methods in My Client Space.
- Once authenticated, click on your profile and select the Multi-factor tab.
- Click on Reset to reset your configured methods.
- The next time you log in, you will need to configure at least one method.
How does it work?
Authentication methods
There are three authentication methods. One method is sufficient, but you can choose to set up more than one.
We recommend that plan administrators and sponsors use the Google Authenticator and OKTA Verify methods for authentication purposes. Note that the text message authentication method is temporary.
Google Authenticator
Download the Google Authenticator app on your smartphone or install the Authenticator Extension in your browser to generate verification codes.
Set-up guide with Google Authenticator (pdf)open_in_new
Okta Verify
Download Okta Verify app on your smartphone to generate verification codes.
Set-up guide with Okta Verify (pdf)open_in_new
Text message authentication (temporary method)
Get verification codes sent to your mobile phone via text message (SMS).
Set-up guide with Text message authentication (pdf)open_in_new
MFA for plan members
All plan members must use multi-factor authentication to access My Client Space. There are various authentication methods (SMS, phone call and email) they can use. For more details, please see the information page about this.
Plan administrators and sponsors who also have a member account will have to set up MFA for both accounts.
My Client Space login with MFA
Once you’ve set up MFA, you will be prompted to enter your username and password whenever you log into My Client Space. You will then be prompted to complete the multi-factor authentication process using the method you have chosen.
If you have not set up multi-factor authentication, please refer to the section above, which provides configuration guides to help you do so.
Note that a verification code can only be used once. A new code is required every time you log in.