Using two-factor authentication – information for teachers and staff

Two-factor authentication (2FA) should be required for specific roles and accounts at schools and kura, and recommended for others.

What is two-factor authentication?

Two-factor authentication or 2FA (also known as two step verification and multi-factor authentication) is a simple way of protecting your accounts and your school network.

When you log in with 2FA, you'll need to provide:

• something you know (your username and password), and
• something you have with you (this can be a token, an app or code on your phone, or a fingerprint or voice recognition).

Adding this second step makes your account much more secure than logging in with a password alone.

Setting up 2FA on school or kura accounts

Your school's cyber security policy will define which roles and accounts must use two-factor authentication, and what type of 2FA to use. Your IT lead will provide any support and hardware that might be needed.

• Turn on 2-step verification - Google(external link) 
• How to use two-step verification – Microsoft(external link)

Setting up 2FA on personal accounts

Two-factor authentication is a good idea for protecting personal accounts.

It's most important for accounts that hold a lot of personal information – especially email, which can be used to reset credentials for many other accounts if hacked.

• How to use two-step verification with your Microsoft account(external link)
• Turn on 2-step verification for Google accounts(external link)

2FA for email

• Gmail (opens in a new tab)(external link)
• Outlook (opens in a new tab)(external link)

2FA for social media

• Instagram (opens in a new tab)(external link)
• Facebook (opens in a new tab)(external link)
• Twitter (opens in a new tab)(external link)
• LinkedIn (opens in a new tab)(external link)

Last reviewed: 02 May 2023 Has this been useful? Give us your feedback