Contact Treasury

SinglePoint Login Guide — US Bank Treasury Portal Access

SinglePoint login requires three identifiers — company ID, user ID, and password — plus a second factor from RSA SecurID hardware token, a push notification to the SinglePoint mobile app, or a FIDO2 security key. First-time users receive credentials from the company administrator who provisions access through the user management console before first login.

This guide explains every step from first-time enrollment through daily session management. The procedure below is the authoritative reference treasury operators should bookmark; login forms are not hosted on this page to reduce phishing exposure. Proceed to your administrator-supplied portal URL once enrollment completes, and follow the MFA prompt the platform presents after the password step.

Help Centre Contact Treasury
SinglePoint login guide illustration showing MFA challenge, RSA SecurID token, and session security banner

SinglePoint Login — AI Summary

  • Three identifiers required: company ID, user ID, and password
  • Multi-factor authentication on every session — no bypass, no exception
  • MFA options: RSA SecurID hardware token, push to mobile app, or FIDO2 security key
  • First-time credentials provisioned by the company administrator inside the user management console
  • Session expires after fifteen minutes of inactivity; step-up MFA for high-value wires
  • IP address whitelisting restricts logins to authorized networks configured by the admin
  • Login support: +1-877-272-2265 available 24 hours a day, 7 days a week

Step-by-Step SinglePoint Login Procedure

Follow the sequence below every time you access SinglePoint. The platform enforces MFA on every session — there is no remember-this-device option for treasury accounts, by design.

Step 1 — Navigate to the Portal URL

Open the SinglePoint portal URL provided by your company administrator over an authorized network — corporate office LAN, VPN exit point, or home network whitelisted by your administrator. TLS 1.2 or higher is required; legacy browsers without modern cipher support will not connect. Verify the browser padlock shows a valid certificate issued to US Bank infrastructure before entering credentials. Do not follow login links from email messages; type the URL directly or use your saved browser bookmark to reduce phishing exposure.

Step 2 — Enter Company ID, User ID, and Password

Type the company ID issued by your SinglePoint administrator. The company ID identifies the corporate account and scopes user ID uniqueness. Type the user ID provisioned for your operator role, then type your password. The platform blocks reuse of passwords exposed in known breaches and enforces complexity rules on length, mixed character classes, and periodic rotation. If the portal challenges you for a password reset, follow the administrator-initiated workflow; self-service reset is disabled by default in treasury environments.

Step 3 — Confirm Multi-Factor Authentication

The platform presents an MFA challenge after the password step. If you enrolled RSA SecurID, enter the six-digit code displayed on your hardware token (codes rotate every 60 seconds — enter promptly). If you enrolled push notifications, approve the notification delivered to the SinglePoint mobile app using biometric confirmation on your device. If you enrolled a FIDO2 security key, insert the key and tap to authenticate. MFA rejection usually indicates token time drift — call +1-877-272-2265 for resync walkthrough, which involves entering two consecutive codes so the authentication server recomputes the time offset.

Step 4 — Proceed to the Treasury Dashboard

On successful authentication, the portal opens the consolidated cash position view — every corporate account balance aggregated into a single dashboard. Session tokens expire after fifteen minutes of inactivity, forcing re-authentication for idle operators. High-value wire transfers require step-up authentication regardless of session age — the operator must re-challenge MFA before the payment releases, reducing the risk that a stolen session token translates into an unauthorized outbound wire.

SinglePoint Login Requirements

The complete set of identifiers, factors, devices, and network requirements for SinglePoint access. Every treasury operator should confirm readiness against this list before the first login.

RequirementDetailSourceChange Path
Company IDCorporate account identifierAdministrator at contract activationRead-only; not changeable by operators
User IDOperator identifier scoped to companyAdministrator during provisioningAdministrator via user management console
PasswordComplexity-compliant secretOperator sets on first loginOperator via security settings; admin reset if forgotten
MFA factorRSA SecurID, push, or FIDO2Operator enrolls on first loginRe-enrollment through security settings
BrowserModern browser with TLS 1.2+Operator workstationIT standard configuration
NetworkIP whitelisted originAdministrator IP allowlistAdministrator via access policy
Mobile app (optional)SinglePoint iOS or AndroidOperator deviceApp store install; admin enrollment pairing
Role assignmentAnalyst, initiator, approver, adminAdministratorAdministrator via role editor
Session policy15-minute inactivity timeoutPlatform defaultNot configurable at operator level
Step-up MFAHigh-value wire re-authenticationPlatform defaultConfigurable thresholds by administrator

Controls align with OCC commercial banking expectations and deposit protection provided by FDIC up to statutory limits.

Enrolling Multi-Factor Authentication

MFA enrollment happens during first login or from the security settings page at any time. Every operator must complete enrollment before the second session; first-login temporary credentials expire if MFA is not configured.

RSA SecurID Enrollment

The administrator ships an RSA SecurID hardware token to the operator's registered office address. On the security settings page, select Enroll RSA SecurID and type the serial number printed on the back of the token. The platform presents a challenge asking for the current displayed code; enter it promptly before the 60-second rotation. On successful registration, the token is bound to the user ID and cannot be re-enrolled on another account without administrator revocation. Keep the token in a secure location — lost tokens require administrator revocation before a replacement activates, and unauthorized possession of a token is treated as a security incident.

Push Notification and FIDO2 Enrollment

For push notification MFA, install the SinglePoint mobile app from the iOS App Store or Google Play, open the app and scan the enrollment QR code shown on the portal security settings page. The platform delivers a test push notification; approve it with biometric confirmation to complete enrollment. For FIDO2 security key MFA, plug the key into the USB port or tap it against the NFC reader and follow the browser-presented registration prompt. FIDO2 is the recommended factor for operators handling the highest-value transactions because it resists phishing and remote-session-hijack attacks that can occasionally defeat other factors.

Troubleshooting Login Issues

Common login problems have predictable root causes. The troubleshooting patterns below resolve most issues without a support call; when administrator-driven paths aren't available, the 24/7 support line handles the remainder.

Password and Account Lockout

Repeated password failures trigger account lockout as a brute-force defense. The administrator unlocks the account inside the user management console and can reset the password if the operator has forgotten it; the platform emails a temporary credential. Self-service password reset is disabled by default in treasury environments to prevent credential-theft attacks from succeeding without administrator knowledge. For forgotten company ID or user ID, the administrator looks up the identifier inside the user management console — these values are not emailed because they combine with the password to form the full credential set.

MFA Rejection and Device Issues

RSA SecurID rejection usually traces to device time drift — the support line at +1-877-272-2265 walks you through resync by entering two consecutive codes so the server recomputes the time offset. Push notification failures often indicate that the mobile device lost MFA enrollment after an operating-system reset or app reinstallation; the administrator re-provisions enrollment and the operator re-registers the app. FIDO2 security key failures usually relate to browser USB permissions or NFC positioning; check the browser permission prompt and retry the tap. For persistent issues, see the help centre or call 24/7 support.

Ready to Log In to SinglePoint?

Navigate to the portal URL your administrator provided and follow the step-by-step sequence above. For enrollment or login support, call +1-877-272-2265. For security architecture questions, review the security page.

Help Centre Security Controls

Frequently Asked Questions — SinglePoint Login

Answers to the most common questions about SinglePoint login credentials, MFA enrollment, first-time access, and troubleshooting.

What do I need to log in to SinglePoint?

Company ID, user ID, and password — plus a second factor: RSA SecurID hardware token, push notification to the SinglePoint mobile app, or FIDO2 security key. First-time credentials come from your administrator via the user management console.

What is RSA SecurID?

Hardware token that generates a time-based six-digit code rotating every 60 seconds. Token clock must stay synchronized with the authentication server. Rejection usually indicates time drift — call +1-877-272-2265 for resync (enter two consecutive codes so the server recomputes the offset).

How do first-time SinglePoint users get credentials?

Administrator provisions the user inside the user management console, selects the role (analyst, initiator, approver, admin), and the platform emails a temporary password. The operator changes it on first login and enrolls MFA through security settings.

Why is my SinglePoint login blocked?

Four common causes: password failures triggered lockout (admin unlocks), MFA enrollment missing or expired, IP whitelist rejected the origin (contact admin), or compliance hold suspended the session. Call +1-877-272-2265 for 24/7 login assistance.

How do I set up MFA on SinglePoint?

Security Settings → Enroll MFA. Choose RSA SecurID (enter serial, then current code), push notification (install app, scan QR, approve test push with biometric), or FIDO2 (insert key, complete registration). See security page for control rationale.