Updates to the login experience for employers

We updated how we secure account information for you and your employees. And, it's easier for you to log in to principal.com.

We changed how we make sure you are really you

We enabled 2-factor authentication, which is a more secure way to make sure it's really you logging in. You’ve probably seen it before on other sites. When you log in from an unrecognized computer or mobile phone, we’ll send you a verification code to confirm it’s you. You then enter that code, along with your username and password, to access your account.

We simplified how everybody logs in

You no longer need to choose a login type when logging into principal.com. You simply click log in and enter your username and password.

So, what does it really mean to you?

You can now register up to 4 ways to receive verification codes, including text, voice call, business email, or an authenticator app. We will use this information to send you verification codes in certain situations, such as if suspicious activity has been identified, if you forgot your password, or you are logging in from a computer or device you’ve never used to log in before. You choose which method you want to receive a verification code, every time we need to send you one. The best part? The verification codes replaced security questions and answers, as well as the employer access code.

What if you use the same login for personal and employer accounts?

If you log in to your personal account using the same username/password as your employer account and you already set-up 2-factor authentication for your personal account, you can choose to use those same options for your employer account. You will also have 2 new options to register to receive verification codes.

Will I have to set up 2-factor authentication immediately?

Yes. If you haven't set up 2-factor authentication yet, you will need to do so the next time you log in. Once you register for 2-factor authentication, you can choose to “Remember this device” on up to 5 different device(s), so you can go 90 days before being prompted to enter a verification code again, unless, of course, unusual activity is detected.

Do I need to set up more than one method?

It’s a good idea to register more than one method for receiving your verification code as you go through the set-up process. That way you have a back-up way to get a verification code if your primary method is not available (ie. you forgot your phone at home and you’re trying to reset your password at work).

What is an authenticator app?

An authenticator app is a third-party app that you can download and install on your mobile device or computer. There are a lot out there, and most of them should be compatible with your Principal account. If you’re not sure, we provide a few options to consider below.

  • For mobile: Microsoft Authenticator, Google Authenticator, Authy, or LastPass.
  • For desktop: Authy

What can I do to help secure account information?

If your office shares login information to access the secure employer site on principal.com, make sure everyone has their own login. How? The person assigned as the primary administrator for your account will need to assign secondary administrators, so everyone has their own username and password. Here are some steps you can take to get started:

  1. Review existing access for those in your office: Log in to manage security and double check to see if everyone is set up appropriately. If not, go to step 2.   
  2. Set up secondary administrators: If folks in your office need access and you’re not sure how to set them up, view the instructions (PDF).
  3. Verify new secondary administrators can view client information.

What if I have questions?

If you need help setting up 2-factor authentication or getting appropriate security access for benefit administrators in your office, please contact us:

  • Call 877-475-3436 for help with retirement plan accounts
  • Call 800-843-1371 for help with group benefit products