To strengthen account security and align with the Australian Cyber Security Centre (ACSC) cyber security strategies, the ARC is introducing Multi-factor Authentication (MFA) for all users of the:Research Management System (RMS)System to Evaluate the Excellence of Research (SEER)MFA will be mandatory from 16 August 2025.This means that in addition to your password, you’ll need to verify your identity using a second method, such as a code from an app or browser extension, when logging in.What You Need to DoIf you’ve already set up MFA:No further action is required.If you haven’t set up MFA:You have two options:Set up MFA before 16 August 2025 (Recommended)Avoid access issues and delays by setting up early.Follow the setup instructions below.Contact the RMS Support team for assistance via email RMSSupport@arc.gov.au or by phone 02 6287 6789.Set up MFA on or after 16 August 2025You will be redirected to the MFA setup screen at login.You will not be able to access RMS or SEER until setup is complete.If you experience difficulties, contact the RMS Support team. Please note: There may be delays due to high support volume.Setting Up MFA for RMS and SEERSetting Up MFA Prior to 16 August 2025 (Recommended)We strongly encourage users to set up MFA before 16 August 2025 to avoid access issues and ensure support is available if needed.To get started:Log in to RMS or SEER using your usual credentials.Go to ‘Personal Details’ in the Action Centre.Click on ‘MFA Settings’.Follow the instructions below to complete setup using:Mobile authenticator app (recommended), orDesktop browser extensionSetting Up MFA On or After 16 August 2025From 16 August 2025, MFA is mandatory. When you log in:You will be redirected to the MFA setup screen.You will not be able to access RMS or SEER until MFA is configured.Follow the instructions below to complete setup using:Mobile authenticator app (recommended), orDesktop browser extensionMFA Setup Using Mobile (Recommended)Setting up MFA using a mobile authenticator app is the easiest and most secure method.How to Set Up MFA Using a Mobile Authenticator AppDownload a recommended authenticator app such as Microsoft Authenticator or Google Authenticator.Log in to RMS or SEER using your usual credentials.Navigate to ‘Personal Details’ in the Action Centre.Click on ‘MFA Settings’.Follow the on-screen instructions to scan the QR code using your authenticator app.Enter the 6-digit code generated by the app to complete setup.Security FeaturesAuthenticator apps generate a new code every 30 seconds.If you enter an expired or incorrect code, you’ll receive an error message.Once setup is complete, you’ll see a confirmation message on screen.Logging In After SetupFor all future logins, you’ll be prompted to enter your MFA security code after your password. This ensures your account remains protected.MFA Setup Using a Desktop ExtensionWhile setting up MFA using a mobile authenticator app is the recommended method, you can also use a desktop browser extension for Microsoft Edge or Google Chrome.Note: Some organisations may restrict the installation of browser extensions due to IT security policies. If this applies to you, please use the mobile setup option.Recommended Extensions:Microsoft EdgeGoogle ChromeOnce installed, the extension will appear in your browser toolbar.How to Set Up MFA Using a Desktop Extension Open the extension by clicking on the icon in the toolbar. Select the pencil icon in the top right corner, and then select the + symbol to add a new account.Choose to either scan a QR code or enter details manually.If the RMS page displays a QR code, select Scan QR code.Tip: Scanning is simpler and automatically sets the issuer name. If scanning fails, use manual entry.Manual Entry: From the RMS MFA setup page, copy the string of numbers and letters shown below the QR code.In the extension, under Manual entry, set the issuer to RMS MFA and paste the copied string into the Secret key field.Select OK to generate a 6-digit code.Enter the code into RMS to complete the MFA setup.Once setup is complete, use the generated code each time you log in to RMS or SEER.Frequently Asked Questions (FAQs)Will MFA apply across all RMS platforms?Yes. MFA will be required for all RMS instances, including the National Competitive Grants Scheme (NCGP), Research Grants Services (RGS), and System to Evaluate the Excellence of Research (SEER).Do I need to set up MFA separately for each RMS platform?No. Once MFA is enabled on your user profile, it will automatically apply across all RMS platforms.Do I need to reset my RMS password to set up MFA?No. MFA setup does not require a password reset. If you’ve forgotten your password, use the ‘Reset password’ link on the RMS login page.Will the session timeout period change under MFA?No. The timeout period remains unchanged and is governed by the Australian Cyber Security Centre (ACSC). Session and screen locking help prevent unauthorised access to authenticated systems.Can I switch to a different authenticator after setup?Yes. You can change your authenticator method at any time. Once you switch, the previous authenticator will no longer work. We recommend removing the old authenticator after setting up the new one.Can I use both mobile and desktop MFA methods?We recommend using a single method. If you switch between mobile and desktop authenticators, the previous setup will be invalidated and must be reconfigured the next time you use it.Further assistanceNeed more help? Contact the RMS Support team at 02 6287 6789 or email RMSSupport@arc.gov.au.