Skip to main content

How to set up multi-factor authentication (MFA) in PASS

Written by Richard Morris

Multi-factor authentication (MFA) keeps your PASS account safe by checking it's really you when you log in.

Once your administrator turns it on, PASS will guide you through a short, one-time setup the next time you log in. This guide shows you what to expect at each step.

You can choose how you'd like to verify:

  • By email - we send a one-time code to your registered email address

  • With an authenticator app on your phone, such as Microsoft Authenticator or Google Authenticator

⚠️ Please note: From 27 July 2026, MFA will be turned on automatically for all GP Connect users. If you use GP Connect, you'll be guided through this setup the next time you log in after that date — it only takes a couple of minutes.


Step 1: Log in to PASS

The next time you log in, you will see the Additional Security Verification screen. It shows the verification status of your email address and your authenticator app.

From this screen you can:

  • Click Verify now next to your email address to verify by email code

  • Click Configure now next to Authenticator to set up an authenticator app


Step 2: Choose how you'd like to verify

Both options work equally well, so pick whichever suits you.

Option A – Use an authenticator app

Click Configure now on the Authenticator row, then follow the steps on screen:

  1. Install an authenticator app on your phone, such as Microsoft Authenticator or Google Authenticator.

  2. In the app, select Set up account, then Scan a code.

  3. Scan the QR code shown on your screen.

  4. Click Next once you've scanned the code.

  5. Enter the code your app generates when PASS asks for it.

💡 Tip: If you can't scan the QR code, click the "Can't scan QR code?" link to set it up manually instead.

Option B – Verify by email

If you'd rather use email, click Verify now next to your email address, then carry on to Step 3.


Step 3: Check your email for your code

PASS will send a one-time password (OTP) to your registered email address. The email will look like this:

⚠️ Important: Your code expires after 3 minutes, so have your inbox ready. Keep the code to yourself — no one from PASS or your office will ever ask you for it. If a code arrives that you didn't request, contact your office straight away.


Step 4: Enter Your Code

Go back to PASS, type your code into the "Enter code here" field, then click Verify.

💡 Tip: If your code hasn't arrived, click Resend and we'll send you a fresh one.


Step 5: You're all set

Once your code is accepted, you will see the Verification Successful screen, and your email address will show as Verified.

Click Proceed to PASS to carry on into the application.

💡 Tip: You can change your verification settings at any time from the Employee Details screen.


When will I be asked to verify again?

Once you're set up, you won't need to verify on every login. PASS will only ask you again in these situations:

Trigger

Detail

Every 7 days

A regular check that keeps your account secure.

Browser cache cleared

This removes your stored session, so PASS will ask you to verify on your next login.

App uninstalled or cache cleared

This also removes your stored session, so you'll verify again on your next login.

💡 Tip: If you find you're being asked to verify often, avoid clearing your browser or app cache unless you need to.


Having trouble?

If you get stuck at any point, your office is the best first port of call. You can also reach our Customer Support team — we're always happy to help.

Tel: 0330 094 0122

For anything urgent, please give us a call. For everything else, email works well.

Got a new phone since setting up MFA? Click here for help moving your authenticator across.

Did this answer your question?