ESR Multi Factor Authentication

Following development nationally of ESR new functionality has been introduced in July 2024 to enable access using MFA (Multi Factor Authentication).

Setting MFA for ESR access adds an additional layer of security to the existing ESR login process. Set up takes minutes and safeguards against unauthorised access from malicious parties and helps to further protect from cyber security threats and scams.Users will also be able to reset their own password using Multi Factor Authentication.

ESR MFA

All staff are encouraged to set up MFA for ESR at their earliest convenience to increase their login security. Guidance on how to set up MFA is available and in the downloads section of this page here. A short video has also been developed by the national team which can be viewed below.

 

Benefits of Setting ESR MFA?

Setting up MFA for ESR access not only makes access more secure, but it also enables access to the new ESR Leavers Dashboard. Introduction of this dashboard allows staff to access their P45, payslips and P60’s for 90 days after leaving Trust employment.

All staff should note that printed hardcopy P45’s will no longer be generated in ESR from 1st September 2024, therefore staff must set up MFA in advance of their leaving date to obtain their electronic P45. This will be the only way leavers can access their P45.

Setting MFA in advance of a leaving date will automatically allow access to the Leaver’s Dashboard after leaving Trust employment. This will give access to the following key information:

  • Allows access to P45 after leaving Trust employment,
  • Allows access to the last 4 Payslips after leaving Trust employment,
  • Allows access to the latest P60 after leaving Trust employment,

 

 

Multi Factor Authentication - Key Points

  • Once MFA is enabled, it is not possible to revert to another method.
  • Option to remember device, allowing users to access the Employee Dashboard only with username and password. This lasts for 60 days.
  • Users can use multiple devices to access ESR but only one mobile device can be set up as the authentication source at a time.
  • Registering a new device as the authentication source replaces the previous one. Devices can also be reregistered as the authentication source.
  • If the wrong code is entered more than 5 times, then user must wait one minute for attempting to enter again.

Related downloads

pdfMFA in ESR User Guide v1.0 (0.69 MB)