Implementing two-factor authentication


Two-factor authentication adds a layer of security to online resources by requiring users to generate a code through a verified communication channel (in this instance, a mobile phone number or email address associated with your account) at the point of login.

The two-factor authentication process will be implemented on Wednesday 17 August.

This will only be required once every 28 days for each device you use. To ensure that there is no interruption to your access to most of AOA's resources, please take a moment to review your AOA profile (login required) and ensure that your current email address and mobile number are listed.

Questions? Please contact ithelp@aoa.org.au and we'll be happy to help. 

  • Log in to the AOA website with your member ID and existing password.
  • The log-in process triggers the one-time passcode to be sent via email or SMS based on the information in AOA’s files under your AOA profile. 
  • Type in the unique OTP code in the field shown after the log-in page. 
  • Please note the OTP code will expire after five minutes so please be ready to retrieve it from your inbox or phone when it arrives. 
  • The verified OTP code will be remembered on your device (computer, mobile or tablet) for up to 28 days but only on the device you’ve used. After this time or on a new device a new OTP will automatically be issued when you log in and you’ll need to repeat the steps above.


When the system launches on Wednesday 17 August, everyone will start with email notifications. Make sure your AOA member profile has the correct email address before this date. To change your log-in OTP preference, once the system launches follow the steps (and screenshots) below.
  • Log in to the AOA website, under My AOA select My Member Profile.
  • Select the Privacy tab, scroll down to the EDIT button, click to edit. 
  • Login OTP Preference is the last option at the bottom of the panel, from the dropdown menu – select either email or SMS.
  • Click SAVE to save your preferences. 
  • Logging in via the AOA website or the AOA Training App should automatically trigger your preferred notification method and can always be changed by following the steps above.
  • If you clear your browser cache (computer or mobile device), a new OTP will need to be issued as part of the automated process outlined above. 
  • If your OTP code doesn’t arrive before expiring, or you accidentally delete it, you’ll need to return to the log-in screen and repeat the log-in process; this will trigger a new code to be sent. 

    If two or more OTP codes don’t arrive in your email or on your phone in a row, we strongly encourage you to contact AOA IT support at ithelp@aoa.org.au