Changes coming to the login experience for advisors

Starting November 16, we’re updating how we secure account information and we’re making it easier for you to log in to principal.com.

We’re changing how we make sure you are really you

This security enhancement is called lots of different things, but in general, 2-factor authentication is probably the most common name. You’ve probably seen it before on other sites. When you log in from an unrecognized computer or mobile phone, we’ll send you a verification code to confirm it’s you. You then enter that code, along with your username and password, to access your account. 

We’re simplifying how everybody logs in

You will no longer need to choose a login type when logging into principal.com. After the changes take place, you’ll simply click the login button and enter your username and password.

So, what does it really mean to you?

The first time you login after November 16, you will be able to register up to 4 ways to receive verification codes, including text, voice call, business email, or an authenticator app. We will use this information to send you verification codes in certain situations. And, you choose which method you want to receive a verification code, every time we need to send you one. The best part? The verification codes will replace security questions and answers.

Will you have to set up 2-factor authentication immediately?

Once the changes take place on November 16, it would be ideal to set up your 2-factor authentication with your first log in, but we understand that you may need time to adjust your business practices. That’s why we’re giving you until the end of the year to get it done.

The first time you login after registering for 2-factor authentication, you can choose to “Remember this device” on up to 5 different device(s). Once you do this, you can go 90 days before being prompted to enter a verification code again, unless, of course, unusual activity is detected.

Do you need to set up more than one method?

It’s a good idea to register more than one method for receiving your verification code as you go through the set-up process. That way you have a back-up way to get a verification code if your primary method is not available (ie. you forgot your phone at home and you’re trying to reset your password at work). 

What is an authenticator app?

An authenticator app is a third-party app that you can download and install on your mobile device or computer. There are a lot out there, and most of them should be compatible with your Principal account. If you’re not sure, we provide a few options to consider below. 

  • For mobile: Microsoft Authenticator, Google Authenticator, Authy, or LastPass.
  • For desktop: Authy

What can you do to get ready?

If your office shares login information to conduct routine servicing tasks, you'll need to make sure everyone has their own login. How? The person assigned as the primary for logging in will need to assign delegates, each with their own account. Here are some steps you can take to get started:

  1. Review existing access for those in your office or firm. Go to Manage My Delegates application and double-check to see if everyone is set up appropriately.
  2. Set up new delegates. If folks need access and you're not sure how to set them up, view the instructions for setting up delegates
  3. Verify new delegates can view client information. If a new delegate has issues accessing information, the primary advisor needs to fill out the Delegate Authorization Request Form. Once the form is submitted, the Advisor Web Support Team will make the necessary changes within 2 business days.

Who to contact if you have questions?

Please direct any questions to the Advisor Web Support Team or 800-554-3395.