Body
Overview
This article provides guidance on what Multi-Factor Authentication (MFA) is, why it's needed, when it will be required and how to enable it correctly.
Setting up MFA with your phone is easy and only takes a few minutes. Once enabled, it only takes a few seconds to verify yourself when logging in.
When you are ready to set up MFA on your account, visit the Setup MFA for detailed instructions.
What is Multi-Factor Authentication (MFA)?
Multi-factor authentication (MFA) is a security practice of using two or more authentication methods to verify your identity. In addition to entering your password, MFA will confirm your identity using one of the following:
- An approval notification through a secure authentication app on a mobile device.
- A verification code sent to your mobile device via SMS (text message).
- A verification code sent via your registered phone numbers - mobile or land line.
Why do I need MFA?
Educational institutions are now a major target of cyberattacks resulting in data breaches and identity theft. Cybercriminals are stealing student and staff data for malicious and exploitative purposes, e.g. for ransom. The impact on and recovery from a major breach will be extremely costly and disruptive to all affected students, staff, families and district operations.
Currently, access to our school district's digital stores of information currently only requires a single method of employee identity verification - a username and password. Passwords are increasingly becoming compromised from phishing, malware and social engineering attacks that attempt to trick employees into revealing them. By requiring a second verification method, MFA is highly effective at preventing cybercriminals from accessing your account even if they know your password. This is a crucial safeguard against unauthorized access and helps ensure our student, employee and district information remains secure.
The Freedom of Information and Protection of Privacy Act (FIPPA) states that public bodies “must protect personal information in its custody or under its control by making reasonable security arrangements against such risks as unauthorized collection, use, disclosure or disposal.” MFA constitutes a reasonable security arrangement and has become a standard security practice in almost every aspect of our personal and professional online experiences.
What services require MFA?
With MFA in effect, you can expect to occasionally, and under certain conditions, provide a second form of verification when accessing certain district resources like email, Teams, Google Workspace and other digital applications that use your sd68.bc.ca username.
What methods of MFA are available to me?
MFA supports the use of the free Microsoft Authenticator App on a mobile device, and codes sent as SMS (text messages) and phone calls to registered numbers.
Will MFA slow down my login process?
While MFA adds a step, it only takes a few extra seconds to authenticate.
What if I don’t have a smartphone?
Alternative methods, such as phone calls to land lines, are also available, as are SMS messages to a flip phone. Using the free, lightweight and secure Microsoft Authenticator app proves to be a preferred, more convenient and ‘frictionless’ experience for most users, and provides a higher level of security than receiving codes through SMS or phone calls.
*Note, using the MS Authenticator app on a smartphone does not require a live internet connection or data plan when authenticating an MFA request, as it can also be used in offline mode.
Can the App control my phone or track me?
The app is only used to ensure your account security and verify your identity. It is not used to monitor your activity or provide access to your device. Please view the resource below for more information: Microsoft Authenticator FAQ
When will I need to authenticate using MFA?
Authentication frequency depends on your device, location and changing risk factors, but is typically required for new logins or periodically. You can expect to get prompted for MFA depending on your DEVICE and LOCATION:
- NO MFA Required:
- When using a district computer within a district property (school or office)
- MFA occasionally expected:
- When using a personal device (e.g. BYOD) on or off district property
- When using a smartphone on or off district property
- When using any device from a problematic (known high security risk) location or network
How do I get set up for MFA (registration, activation, etc.)?
- Visit the Setup MFA page for detailed instructions.
- Setting up multi-factor authentication with your phone is easy and only takes a few minutes. Once enabled, it only takes a few seconds to verify yourself when logging in.
- Workshops: Drop-in sessions, both virtual and in-person are being scheduled at schools and district offices for hands-on setup help. Watch your inbox for announcements.
When you are ready to set up MFA on your account, visit the Setup MFA for detailed instructions.
Additional Help
If you are still experiencing issues after attempting all of the steps outlined above, please contact the SD68 Helpdesk (Link)