Using 2-factor authentication – Information for teachers and staff

Two-factor authentication (2FA) should be required for specific roles and accounts at schools and kura, and recommended for others.

What is 2-factor authentication?

2-factor authentication or 2FA (also known as two step verification and multi-factor authentication) is a simple way of protecting your accounts and your school network.

When you log in with 2FA, you'll need to provide:

  • something you know (your username and password), and
  • something you have with you (this can be a token, an app or code on your phone, or a fingerprint or voice recognition).

Adding this second step makes your account much more secure than logging in with a password alone.

Setting up 2FA on school or kura accounts

Your school's cyber security policy will define which roles and accounts must use 2-factor authentication, and what type of 2FA to use. Your IT lead will provide any support and hardware that might be needed.

Turn on 2-step verification – Google(external link) 

How to use two-step verification – Microsoft(external link)

Setting up 2FA on personal accounts

2-factor authentication is a good idea for protecting personal accounts.

It's most important for accounts that hold a lot of personal information – especially email, which can be used to reset credentials for many other accounts if hacked.

How to use two-step verification with your Microsoft account(external link)

Turn on 2-step verification for Google accounts(external link)

2FA for email

2FA for social media

If you have attended a conference and collected a security key to use from our Ministry of Education – Digital stand. Follow these instructions to set it up:

How to set up and use security keys for 2-factor authentication(external link)

Last reviewed: Has this been useful? Give us your feedback