Important: Employee credentials used to access Dayforce systems must be protected from compromise by customers of Dayforce solutions. Dayforce customers must implement a customer managed Single Sign-on (SSO) and Multi-factor Authentication (MFA) platform or leverage Dayforce Identity and enable MFA using one of several supported authenticators.
Customers are responsible for ensuring that their Dayforce instance is configured securely to protect their employee information. Dayforce Implementation and Support team members are available to help customers securely configure Dayforce.
Component | Minimum |
Multi-factor Authentication | Customer provided single sign-on (SSO) and multi-factor authentication platform. Dayforce Identity multi-factor authentication supported solutions: Native Application (push). Authenticator App (Google Authenticator, Authy, or Microsoft Authenticator) with Dayforce Identity. SMS or voice call (not recommended because it's the least secure option). |
Authorized Dayforce URL | Customers must ensure only authorized uniform resource locators (URL) are used to access Dayforce. |
Dayforce Security Best Practices | Details on securely configuring Dayforce and other important information can be found in the Security Best Practices document located on the Dayforce Due Diligence site (https://duediligence.dayforce.com). |