Changes coming to the login experience for individuals

Starting November 16, it will be easier for you to log in to view your account information on principal.com. We’re also updating how we secure your account, so we can continue to keep your information safe and secure.

We’re simplifying how everybody logs in

You’ll no longer need to choose a log in type when logging into principal.com. After the changes take place, you’ll simply click the log in button and enter your username and password.

We’re enhancing how we make sure you are really you

While 2-factor authentication is already available to you, we are making some enhancements on November 16. Personal email will no longer be an option for receiving verification codes, but you will have additional options to choose from, including text, voice call, or an authenticator app.

So, what does it really mean?

If you previously set up 2-factor authentication and registered both a mobile number and personal email, personal email will be removed as an option. Why? It’s not nearly secure as other methods we will be offering. Starting November 16, you will still have your mobile number as an option to receive verification codes by text, and you’ll be able add voice call or an authenticator app.

If you previously set up 2-factor authentication and only registered a personal email, you’ll be able to continue using your personal email for now. However, we strongly recommend replacing that with one of the more secure alternate methods, including text, voice call, or an authenticator app.

If you haven’t set-up 2-factor authentication yet, the first time you login after November 16, you will need to provide a mobile number to receive texts, a phone number to receive a code by voice, or register an authenticator app. We will use that information to send you a verification code in certain situations, such as if suspicious activity has been identified, if you forgot your password, or you are logging in from a computer or device you’ve never used to log in before. The verifications codes will replace the need for security questions and answers.

You can choose to “Remember my device” on up to 5 different device(s). Once you do this, you can go 90 days before being prompted to enter a verification code again, unless, of course, unusual activity is detected.

What the heck is an authenticator app?

An authenticator app is a third-party app that you can download and install on your mobile device or computer. If you register an authenticator app during the set-up process, you can receive verification codes through the app. There are a lot of authenticator apps to choose from, but most of them should be compatible with your Principal account. If you’re not sure, here are a few options to consider:

  • Mobile app: Microsoft Authenticator, Google Authenticator, Authy, or LastPass.
  • Desktop app: Authy

What if I need help?

If you have questions or need help setting-up 2-factor authentication, please call us at 800-986-3343.