New security requirements for your Member Online account
From 16 February 2026, you’ll need to set up enhanced multi-factor authentication (MFA) options in Member Online to access your account.
Last year, we introduced changes to the two-step identity check known as multi-factor authentication (MFA) to further improve your Member Online account security.
This year, in a phased approach between 16 February and 6 March, we’ll be making these updates compulsory so that all members benefit from enhanced security.
This means if you’re an existing Member Online user, you’ll be required to use a passkey and/or authenticator to verify your identity when logging in and making changes in Member Online.
If you haven’t already set up one of these options, you will be prompted to once these changes come in. You won’t receive a verification code via SMS or email anymore.
Why did we make these changes?
The benefits of these new security features are stronger account security and easier log in.
Once you set up one or more of these options, logging in will be as easy as unlocking your phone or typing in a verification code that appears instantly on your device.
Most importantly, you have an added layer of protection when transacting online – changing your account details, switching your investment plan, or requesting payments from your Retirement Income Pension account, which will be an enhancement introduced later this year.
This is because passkeys and authenticators dramatically reduce the risk of account takeover and payment fraud.
We know these additional options may be unfamiliar for some – especially if you’re used to email and SMS verification codes – so we understand that these changes could feel overwhelming or confusing. We’ve created resources to make setting them up as simple as possible.
Simple set up
Watch our set up videos for a step-by-step guide to setting up a passkey or authenticator in Member Online.
We recommend setting up a passkey and/or authenticator on an Apple or Android device such as a phone or tablet – and one that you keep with you. We also suggest you set up more than one method, such as a passkey and authenticator, so you have a backup.
About passkeys
Passkeys are like digital keys that are linked to your device.
With a passkey, you can verify your identity in a similar way to how you unlock your device, such as with your fingerprint, face, PIN or swipe pattern.
About authenticators
An authenticator generates a one-time code on your device that you enter to verify your identity. This code generally isn’t shared and changes frequently.
Set up options and support
We understand that not everyone uses a smartphone, and some members may have accessibility needs that make using an authenticator or passkey challenging. If this applies to you, there are other secure options available.
Whether these options will work for you depends on the device you are using, its operating system, the browser you are using – and your preference.
For general compatibility requirements, go to the Member Online help guide.
Password managers
You can set up a passkey or authenticator through password managers such as Keeper Security, 1Password or Google Password Manager. These services store your passkeys in an encrypted vault and sync them across devices.
Device password features – automatic set up
Depending on your device, you may be able to use automatic password-saving features to set up and store passkeys. Apple users may also be able to automatically set up an authenticator on their device. This depends on the device and operating system you are using.
Authenticator apps
Depending on your device, you may need to install an authenticator app, such as Microsoft Authenticator and Google Authenticator.
You may be familiar with authenticator apps if you work in the WA Government, as many agencies use Microsoft Authenticator to access internal devices.
Physical security keys
If you don’t have a smartphone or prefer not to use one, you may be able to use a physical securitykey (such as a USB or NFC key) for MFA – if compatible.
A physical key works by plugging into your computer or tapping your device and doesn’t stay on the device.
Accessibility support
If you have accessibility requirements that make authenticators or passkeys difficult to use, we’re here to help. Our team can talk through your situation and work with you to set up an option that best meets your needs.
Alternative ways to check and manage your super accounts
If you’d rather not set up the enhanced security requirements or you are unable to use one of the above options, you won’t be able to access your Member Online account – but you can give us a call or use Live Chat to check your balance and make changes to your account.
You can still submit paper forms and receive account information over the phone or by email or letter.
New to Member Online?
If you register now, you’ll be prompted to set up a passkey and/or authenticator for MFA. This will give your account an extra layer of security from the moment you create it.
Protect your privacy and identity
We have secure measures in place to help make sure your super stays safe, but there are steps you can take to protect your privacy and identity online.
- Check your accounts often
- Use strong passwords and change them regularly
- Keep your security up to date
- Always set up multi-factor authentication
More information
- The Australian Government has a range of resources to help Australians stay secure online
- Learn more about multi-factor authentication
Need help
- Visit our Member Online help guide for compatibility information and FAQs
- Contact us if you're concerned about the security of your account
Thank you for printing this page. Remember to come back to gesb.wa.gov.au for the latest information as our content is updated regularly. This information is correct as at 09 June 2026.