Getting ready for two-factor authentication


Soon we'll be introducing two-factor authentication to make your RIW or myRIW account even more secure.  



What's changing?

When you log in to the RIW System or myRIW after the 12 October 2022, we will require you to produce a combination of your username and password, and one of the following authentication methods:

  • Email security code
  • SMS security code
  • Authenticator App security code (only available to RIW System Users, not cardholders)

 

You will need to authenticate your profile every day you log in, or more frequently if using in-private or incognito browsing.


What do you need to do?

To best protect your account, make sure your personal contact information is up to date. We'll use these details to verify you so it's important that it is accurate when two-factor authentication is switched on.


Cardholders can update their mobile phone number and email address now in myRIW.  They can also request their employer to update their contact details in the RIW System.


RIW System users can update their email address now.  After release on 12 October 2022, you will also be able to add your mobile number to your RIW profile and install the Authenticator App. We will provide you with instructions on how to do this once functionality is available.


Why are we doing this?

Adding an additional layer of security protects your account. By sending a security code to a mobile number, email address or your Authenticator App, ensures that the person accessing the account has more than just a username and password, meaning it is far less likely that your account can be compromised.


What if I am managing an account on someone else's behalf?

No one should be managing your account but you. Our System Access Rules clearly state that you must keep your credentials secure and not share those credentials with any other person.  As a company, if you need to create additional logins for system users, please follow our instructions on creating colleague logins


Rail Industry Workers should never share their credentials, even with their employer.


What do I do if my account has been compromised?

Please contact us as soon as possible so we can assist in securing your account.



Article link:

https://support.riw.net.au/support/solutions/articles/51000309195



Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.