Xoxoday Empuls supports two-factor authentication (2FA) for all secured login methods, including OTP via SMS or email, Google Authenticator, Microsoft Authenticator, and Single Sign-On (SSO) with enforced MFA.
Two-Factor Authentication on Xoxoday Empuls
Xoxoday Empuls supports two-factor authentication (2FA) as a standard security control across all login methods. When 2FA is enabled, users must verify their identity through a second factor after entering their username and password, significantly reducing the risk of unauthorized access even if credentials are compromised. This applies to all users on Xoxoday Empuls — employees, managers, and administrators — ensuring consistent security coverage across your organisation.Supported Authentication Methods
Xoxoday Empuls offers flexibility in how the second factor is delivered. OTP via SMS or Email: A one-time passcode is sent to the user’s registered mobile number or email address. This is the simplest method to deploy and requires no additional app installation on the employee’s device. Authenticator Apps: Users can link their Xoxoday Empuls account with Google Authenticator or Microsoft Authenticator to generate time-based one-time passwords (TOTP). This method works offline and is the preferred choice for IT teams with stricter security postures. SSO with Enforced MFA: Organisations using Single Sign-On through identity providers such as Okta, Azure Active Directory, or Google Workspace can enforce MFA at the provider level. Xoxoday Empuls honours the MFA status passed through from these providers, so IT teams manage authentication policy centrally without configuring 2FA separately per application.Enterprise-Grade Security Alignment
For organisations subject to audit or regulatory requirements, Xoxoday Empuls’s 2FA support maps directly to access control requirements expected under frameworks such as ISO 27001 and SOC 2 Type II. Enabling a second authentication factor is one of the most effective controls for satisfying these requirements. As a practical example, an IT team deploying Xoxoday Empuls alongside Workday or SAP SuccessFactors can configure SSO with MFA enforced at the identity provider. Employees then authenticate once with strong verification and gain access to all integrated tools — including Xoxoday Empuls — under a single secure session. This eliminates credential sprawl while meeting enterprise security baselines.Enabling 2FA for Your Organisation
Administrators manage authentication settings directly within Xoxoday Empuls’s security configuration panel. From there, you can select which 2FA method applies to your organisation, enforce it for all users, or allow employees to self-enrol through their account settings. For SSO-based MFA, configuration happens at the identity provider level and Xoxoday Empuls automatically honours those session policies — no duplicate setup required on the Xoxoday Empuls side. Learn more: Empuls Help Centre — GeneralHow does SSO work in Xoxoday Empuls?
Connect your identity provider and configure Single Sign-On for seamless, centralised employee authentication.
What security certifications does Xoxoday Empuls hold?
Learn about Xoxoday Empuls’s compliance with ISO 27001, SOC 2 Type II, and other enterprise security standards.