Retirement plans Get the most out of your employer-sponsored retirement plans, including a 401(k).
Annuities Use a guaranteed income stream to help diversify your retirement options.
Individual retirement accounts (IRAs) Set up (and save in) a tax-advantaged account that’s just right for you.
Enroll today, save for tomorrow.
Sign up for your workplace retirement plan.

Enroll now
Looking for a dentist in your network?
Search our directory or browse a list of providers in your area.

Find a dentist
Create an account
Set up your online access and update your information.

Get started
Benefits and insurance Find out how to protect what matters most and support your well-being.
Estate planning Learn how to build a foundation to help your loved ones and leave a legacy.
Financial planning Discover tools, tips, and insights to help reach your short- and long-term goals.
Investing Create a plan and boost your knowledge so you know how to make financial progress.
Retirement Strategies to save for (and enjoy) your retirement.
View all articles
Featured Article

Your life changes. Your benefits should, too.

Use open enrollment time at your workplace to evaluate (and update) your voluntary and traditional benefits to help with financial wants, needs, and curveballs.
How can we help you? Close
Log in

For individuals
Help topics Help for businesses Help with online access to your employer account
Help with online access to your employer account

From setting up additional administrators to changing your employer password, these tips and how-tos can help.
How do I create an online account?

When you open or transition to a new Principal® retirement plan or group insurance policy, we automatically create an employer account for you.

We will send you, the primary administrator, an email. (Don’t see it in your inbox? Check your junk or spam folder.) You must click the email activation link within 7 days of receiving it. Then, follow these steps:

  1. Verify your identity by providing a few personal details.
  2. Confirm that you agree to do business electronically.
  3. Create your username and password.
  4. Choose your security questions and answers. (These help verify your identity when you call customer service.)
Why does my username still display on the password screen?

For your convenience, your username continues to display on the password screen so you can confirm it’s been entered correctly. If you enter the correct password but receive an error message, please check that your username is entered correctly. If not, click the “cancel” button to return to the username entry screen.
What if I didn’t receive an activation email, or the link isn’t working?

We can help.
How do I log in?
  • Click “Log in” at the top right corner of any Principal.com page.
  • Enter your username and click “Next.”
  • Enter your password and click “Verify.”
  • Follow the instructions provided.
What if I forgot my username or password?
  • Click “Log in” at the top right corner of any Principal.com page.
  • Click the “Forgot username or password” link under the “Log in” button.
  • Choose “Business & auditors” as your role.
  • Provide the requested information to confirm your identity. Click “Continue.”
  • You’ll receive a verification code by text, voice call, email, or an authenticator app.
  • After you’ve correctly entered your code, you’ll see your username and can reset your password, or login with your existing password.
I got an alert asking me if I wanted to set up a passkey. What’s a passkey and why would I want it?

A passkey is a simple, effective way to securely access your account using information that’s unique to you—think of a fingerprint, facial recognition, or PIN. A passkey is an alternative to a password.

Passkeys help improve the speed, security, and convenience of logging in to your account. Passkeys offer strong protection against phishing, and are better than passwords at protecting your phone, apps, and online access from others.
How does a passkey work?

A passkey works like a pair of digital “keys”—one public and one private—that must match to let you into your account. When you log in, your device uses biometrics (like your fingerprint or face) or a PIN to verify it's really you. The private “key” stored on your device connects with the public “key” stored on the website or app. If they match, youre automatically logged in. Unlike passwords, you never have to enter anything, and the private “key” never leaves your device, and is stored in the password manager. This makes passkeys both more convenient and more secure than traditional passwords; they can't be stolen in data breaches or discovered during phishing attempts.
Is a passkey just a password?

No, a passkey is not a password. While passwords are typed-in characters that you need to remember, a passkey is a secure technology that uses your devices built-in security to log you in quickly. Unlike passwords, passkeys cant be stolen or copied, and you never need to memorize anything.
How do I set up my passkey for my Principal account?

To enable passkey for your Principal account, log in and navigate to “My profile.” Click on “Manage 2-factor authentication preferences.” Follow the on-screen instructions. Once you set up your passkey, it is then saved to your password manager on your device. Subsequently, when you sign in to your Principal account that has a passkey enabled, you’ll be prompted to provide the key you’ve chosen, and verify with the device’s unlock method such as a fingerprint.

Passkeys are unique to you and your account, and fingerprint, facial recognition, or PIN are always stored on your device.
How long does it take to set up my passkey?

Typically just a few minutes. You’ll register your passkey with Principal by signing in with your current username and password. Then, on-screen instructions walk you through the process of adding a passkey.
Are you storing my biometric or PIN information?

No. Your biometric data never leaves your device.
Will I still need to use my password to access my Principal account?

No. If you have a passkey set up and use it to log in, you no longer have to enter your password to access your account. You can choose to use your password, if you like. For example, if you are logging onto an account at a computer that isn’t yours, you may have to use your password.
Can I use a passkey even if I log in on multiple devices?

Yes, you can use passkeys across multiple devices. If you use cloud services like iCloud or Google Password Manager, your passkeys will automatically sync across your phones, tablets, and computers. For devices you don’t own (like a friend’s computer or public device), you can quickly gain temporary access by scanning a QR code with your phone. When you scan the code, your phone verifies, through Bluetooth, that you’re physically nearby, and then grants access without saving your passkey on that temporary device. This gives you the flexibility to securely access your accounts anywhere while keeping your passkeys protected.
Why is Principal using passkeys?

Passkeys offer you even more security to protect your account information, as well as convenience and ease of access.
I have two Principal usernames. Can I use the same passkey on both?

No. You need a separate passkey for each username. That’s because each passkey is uniquely tied to a specific username and account. This feature helps to increase security; it ensures each of your accounts remains separate, much as you have different passwords for other things in your life.
Can I use the same passkey if I have different roles for my Principal account?

Yes, just as your password and one-time passcode options work for both roles. You may set up more than one passkey so that passkey authentication can be used across your devices.
What if I get a new device? Do I have to set up passkeys again?

If passkey information on your device is synced to a cloud password manager, when you upgrade a device and transfer data, your passkey data should transfer, too. You can also set up additional passkeys for devices that do not synchronize passkey data.
What if I don’t want to have a passkey right now?

That’s fine. You can use your password and an authenticator app instead.
Can I share a passkey?

Passkeys are intended for account owners only, and should not be shared.
Do passkeys expire?

No. The only way to disable a passkey is by removing it from your password manager and security settings.
Can I change a passkey?

Technically, no, because information like facial and fingerprint recognition doesn’t change. You can change your device unlock method without impacting your passkeys. Instead, you can disable passkeys if you no longer wish to use them.

Yes, you can manage your passkeys as needed. Start by logging in to your account; navigate to “My profile,” then “Manage two-factor authentication preferences.” There, you can remove an old passkey and add a new one for a different device. In addition, if you update your device’s unlock method—such as switching from a fingerprint to facial recognition—your Principal account passkey will continue to work. You'll just use the new unlock method to access it.
I tried to use my passkey but got an error message. What do I do?

There are a few reasons you may receive a message telling you your account verification was unsuccessful:

  • Is your username entered correctly?

  • Did you use a device that isn’t yours? If so, you may have to use your password and one-time passcode.

  • Did you, at some point, disable your passkey? If you removed the passkey on your Principal account, you’ll have to set up passkey again.

  • Did you complete the passkey challenge in a timely manner? The attempt may have timed out, please try again.

  • Is your device unlocked and are your biometrics (fingerprint, facial recognition) or PIN working properly?

  • Is your browser up to date and supported? Some older or less common browsers may not work with passkeys.

If, for some reason, a passkey isn’t working, you may enter your password and an authenticator code for access.
I don’t want to use a passkey anymore. How do I disable it?

Start by logging in and disabling the passkey in your Principal account settings. Navigate to “Manage two-factor preferences” and follow the prompts to remove passkey from the device. Remember: multi-factor authentication (MFA) is required to log in to your Principal account, so ensure you have an alternate method set up. Then, to disable passkey access for your Principal account on an Apple device, go to your Settings, then Passkeys. Click on “Principal,” then “Edit.” Follow the prompts to delete the passkey. On an Android device, settings may vary based on manufacturer. Navigate to Settings, then your password or passkey manager. Select “Principal,” then “Remove.”
I set up a passkey on my desktop computer. Can I use it on the Principal Mobile App?

Unless your desktop’s passkey manager is synced with your mobile device, you will not be able to use the passkey configured for your desktop on the Principal app. However, there's a simple solution: Set up an additional passkey specifically for the Principal app. Log in to the app using your password and one-time passcode, then set up a new passkey for your mobile device. This will let you use passkey authentication on both your desktop and mobile app.

Note: For Android devices, you may need to ensure the Google Credential Manager is being used. Third-party or other device specific credential managers may not work with the Principal Mobile App.
How do I change my login information?

Log in and view “My profile” to change your password or security settings.
What’s the difference between primary and secondary administrators?

The primary administrator has full access to your employer account on Principal.com. This person can grant full or limited access to other individuals as secondary administrators. The secondary administrator can perform transactions or tasks on the employer website.

If you don’t know who your primary administrator is, please call us.
How do I add someone as a secondary administrator?

Secondary administrators may be granted full or limited account permissions by the primary administrator. For details, see instructions for managing security access (PDF).
What can I do with an online account?

Your Principal online employer account lets you:

  • Administer benefits
    • Add or remove employees and coverages.
    • View and update employee information and changes.
    • Update salaries, one at a time or all at once.
    • View and order ID cards.
    • Track online transactions.
  • Review benefit information
    • View plan information.
    • Electronically sign eService agreements.
    • Search, print, and order group insurance booklets and policies.
    • Access and complete disability and life claim forms.
    • View, download, print, or order forms and documents.
    • Access reports for life and disability claims and dental maximum accumulation.
  • Manage account billing and payment information
    • Download or view billing statements.
    • Set up and pay premiums electronically.
How does Principal ensure our information is safe?

Principal uses multiple security features and procedures to keep your account information secure and confidential. Contact us immediately to change your password if you suspect it has been discovered.

  • Your company and employee account information can only be accessed with a combination of your unique username, password, and verification code.
  • Your account information is not permanently stored on our web server. It is only permanently stored on our highly secure corporate network systems.
  • The sole responsibility of our data security staff is to ensure the security of the information we process and store.
  • Our policies and procedures limit access to your information to only those who have a business need to view it.
Reach out
Need more help?

Call us with questions about retirement plans: 877-475-3436
Call us with questions about group insurance products: 800-843-1371

Or send us an email.