Multi-factor authentication (MFA) is one of the most effective ways of securing user accounts in your Student Management System. In this article, we will go over how to enable MFA in your system.
TABLE OF CONTENTS
- What is Multi-Factor Authentication?
- Activating Multi-Factor Authentication
- Disabling Multi-Factor Authentication for a User
What is Multi-Factor Authentication?
MFA is a security measure that requires you to provide a combination of things to verify your identity. Typically, it requires a combination of a two or more of the following factors at the time of sign in:
- Something that you know (password, PIN, passphrase, security question)
- Something that you have (authenticator app, SMS, email, physical token)
- Something that you are (fingerprint, facial recognition, iris scan)
Having MFA enabled provides you with much more protection against bad actors trying to access your account. Even if they were to gain access to one piece of information (for example, your password), they will need to obtain other required information to gain access to your account.
This provides extra layers of security and makes it much less likely that your account will be compromised.
Your Student Management System supports MFA via the use of an authenticator app on your mobile device. Some popular choices for MFA authenticator apps are:
Activating Multi-Factor Authentication
MFA needs to be enabled on a per user basis and only the user themselves can set it up. After logging into your account, click on your Profile at the top right corner and click on Preferences.
You will now be on the Preferences page for your user account. Click on the Security tab and you should see a message stating that MFA has not been enabled yet.
If you don’t see the message shown above, MFA functionality will need to be activated on your site.
Contact your Customer Success Manager or Support to get this enabled.
Click on the Enable Multi-factor Authentication button. This will bring up a QR code that you must scan with an authenticator app on your mobile phone.
When you go to scan the QR code with your authenticator app, you will be provided with a 6-digit code to enter into your system.
After entering the provided 6-digit code into your system, click on the Enable button to switch on MFA functionality for your account.
Now when you log into your account, you will need to provide the 6-digit code from the authenticator app to successfully sign in.
When you log into the system after using MFA, you will only need to provide the 6-digit code again if one of the following is true:
- You have manually logged yourself out of the system.
- 7 days has passed since you last used MFA when logging in.
Disabling Multi-Factor Authentication for a User
MFA might need to be disabled on a user account for a variety of reasons. To do this, you need to go to the party profile for the user.
You can either search for it using the search bar or go to Administration → Security → Users.
Click on the Edit button to go to the edit page for their user account.
Uncheck the MFA Enabled checkbox and save your changes. This will disable MFA for that user and they will not need to provide a 6-digit code to login.