Applying technical measures to support authentication and authorisation are key to any good digital security plan.
Authentication is checking that a user is who they say they are, and authorisation is deciding whether they should get access to the system. Some of the simplest ways to ensure good protection for school accounts is to enforce strong passwords and set up two-factor authentication on key accounts.
Password policy – best practices
The Ministry's recommendations for setting and enforcing secure passwords on school or kura accounts.
Creating secure passwords – information for teachers and staff
Everyone logging into any account on the school system should be using strong, unique passwords for each account.
Setting up two-factor authentication in schools and kura
School accounts and systems that hold a lot of information or are internet-based should be protected by two-factor authentication.
Using two-factor authentication – information for teachers and staff
Two-factor authentication (2FA) is required for specific roles and accounts at schools or kura, and recommended for others.
Last reviewed: Has this been useful? Give us your feedback