Client Portal 2-Factor Authentication Optional Enrollment Released for Mass Mutual

Online security is a top concern for clients. And with comprehensive security measures on their Client Website, like password protection, secure socket layer encryption, firewalls, intrusion detection, audits, inspections, and more, you can be sure their needs are met.

Starting today, you can offer clients an additional layer of security to calm their concerns. When your clients log in to their Client Website, they’ll be prompted to enroll in 2-Factor Authentication (2FA). See below for what your clients can expect, along with Frequently Asked Questions.

Here’s how it works: 


The first time your client logs in, they’ll be prompted to enroll in 2FA or skip enrollment for now. If they choose to enroll, they’ll receive a 6-digit PIN to their mobile phone, which must be entered in the login screen when prompted.

Enter your mobile phone number to enroll in 2FA.

They’ll also have the option to set up a second phone number to receive a text message or voice call-back. This is a fallback number that can be used when they do not have access to their primary phone during sign-in.

Set up a Recovery Phone for emergencies.

The PIN is delivered primarily via text message, but if users do not have access to their primary phone or are having trouble receiving texts, they can choose the More Options link on the Sign In page.

Choose more options if you are not able to receive a text message on your Primary Phone number.

This will allow them to select a Call Me option to receive a voice call-back, or they can request one-time access from their advisor.

Select your Primary or Recovery Phone and whether to receive a voice call-back or text message.

Still have questions about client website 2FA? Check out our FAQ below.

Client Website 2FA FAQ


What is Client Site 2-Factor Authentication?

2-Factor Authentication (2FA) is a complete fraud detection platform that uses a dynamic risk and rules-based approach to identify high-risk behaviors and initiate an additional layer of security. With 2FA, clients are required to log in to their Client Website by entering not only their username and password, but also a verification code that’s sent to their mobile phone.

What will my clients need to do?

Enrolling in 2FA is simple. Here are the steps they’ll need to follow:

  1. Clients will simply log in to their personal financial management site.
  2. They’ll then be prompted to enter their mobile phone number to receive a PIN code.
  3. Finally, they’ll need to enter the PIN code to be securely signed into the Client Website.

Will my clients be required to enable 2-Factor Authentication?

No – your clients can skip the enrollment process. Adaptive technology will intelligently monitor login activity and will only prompt for 2FA when it identifies at-risk behavior. Advisors and clients have the option to choose between Standard (adaptive) and High (every login) 2FA settings.

If my clients enroll in 2FA, are they required to enter their mobile PIN every time they log in?

Clients have a choice between mandatory log-in 2FA (High Security) and an intelligent adaptive system that will only require clients to enter their verification code if it recognizes “high-risk behavior” (Standard Security). For example, if a client logs in at their home location and then from across the country shortly thereafter, they will be required to enter a verification code.
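
As an added illustration (not the vendor's implementation, whose rules are not described on this page), the High and Standard settings and the cross-country example above can be modeled as a step-up decision. The 900 km/h speed limit, the 50 km location-jitter allowance and all names in the code are assumptions.

```python
import math
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

MAX_PLAUSIBLE_KMH = 900.0  # assumed limit: about airliner cruising speed
MIN_DISTANCE_KM = 50.0     # assumed allowance for imprecise IP geolocation


@dataclass(frozen=True)
class Login:
    when: datetime  # time of the sign-in
    lat: float      # estimated latitude of the sign-in
    lon: float      # estimated longitude of the sign-in


def distance_km(a: Login, b: Login) -> float:
    """Great-circle (haversine) distance between two sign-in locations."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dlat = p2 - p1
    dlon = math.radians(b.lon - a.lon)
    h = math.sin(dlat / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(h))


def requires_pin(setting: str, previous: Optional[Login], current: Login) -> bool:
    """Decide whether an enrolled client must enter the PIN for this sign-in."""
    if setting == "high":
        return True  # High: PIN on every login
    if setting != "standard":
        raise ValueError(f"unknown 2FA setting: {setting!r}")
    if previous is None:
        return False  # assumption: no earlier login means no travel signal
    dist = distance_km(previous, current)
    if dist < MIN_DISTANCE_KM:
        return False  # same area: not treated as travel
    # abs() tolerates log records that arrive out of order
    hours = abs((current.when - previous.when).total_seconds()) / 3600.0
    if hours == 0:
        return True  # far apart at the same instant
    return dist / hours > MAX_PLAUSIBLE_KMH  # faster than a flight could manage


if __name__ == "__main__":
    # Constructed sample: New York sign-in, then Los Angeles one hour later.
    home = Login(datetime(2020, 12, 1, 9, 0), 40.71, -74.01)
    away = Login(datetime(2020, 12, 1, 10, 0), 34.05, -118.24)
    print(requires_pin("standard", home, away))
```

A production risk engine would weigh more signals than location; this models only the one scenario the answer above gives.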

How do clients enroll in 2-Factor Authentication?

Clients will automatically be prompted to enroll in 2-Factor Authentication upon logging in for the first time after today. At any time, they can adjust their primary and recovery phone in their Client Website settings.

What if my client loses their phone?

Clients can set up a recovery phone if their primary phone is lost, stolen, or broken. This recovery phone is not required to be a mobile device. In addition, advisors have the ability to provide them with a temporary access code from their Client Website settings.

What if my client has an international phone number?

International phone numbers are not supported in 2FA.

What if my client does not have a mobile phone?

Clients without a mobile phone can request a phone call to a landline.

How should I position this change to my clients?

Use this sample client email as a basic template and customize for your clients.

