Introducing Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) adds an extra layer of security by requiring more than just a password to log in. This helps protect your data, reduce fraud risk, and aligns with industry best practices.

MFA will apply to all members and non-members accessing CPA Australia portals, apps and services.

MFA will be rolled out commencing mid-December.

You’ll enter your username and password. Then you’ll be prompted to verify using your chosen MFA method – e.g. Email (default), SMS, or Authenticator app.

Yes. You can enrol in one or more authentication methods. On selection of a method, the browser remembers your choice. However, you have the option to verify using another method.

You can use backup codes or a secondary method if you set one up. If all options fail, contact the CPA Australia Contact Centre for support.

Yes, you can update your MFA settings in your Security Settings (e.g. switch from SMS to Authenticator app).

No. Communication preferences are managed separately. Disabling SMS for MFA does not affect SMS communications for marketing or notifications.

First, check your username and password, then try your MFA method again. If problems persist, use an alternate method. Else, contact the CPA Australia Contact Centre for support.

Password resets can take up to 15 minutes to sync across systems. Try again after waiting. If it still doesn’t work, call the CPA Australia Contact Centre for support.

If you’re not receiving SMS codes, you need to:

1. Check mobile network coverage and roaming settings.
2. Try switching to Wi-Fi and re-request the code.
3. Use the Authenticator app or email MFA as an alternative.

If the issue persists, contact the CPA Australia Contact Centre for support.

Yes. MFA codes via SMS, email, and Authenticator apps work internationally. However, SMS delivery may vary by local telecom providers. If SMS is not preferred, you can set up the Authenticator app as an MFA method.