Using two-factor authentication – information for teachers and staff

Two-factor authentication (2FA) should be required for specific roles and accounts at schools and kura, and recommended for others.

What is two-factor authentication?

Two-factor authentication or 2FA (also known as two step verification and multi-factor authentication) is a simple way of protecting your accounts and your school network.

When you log in with 2FA, you'll need to provide:

  • something you know (your username and password), and
  • something you have with you (this can be a token, an app or code on your phone, or a fingerprint or voice recognition).

Adding this second step makes your account much more secure than logging in with a password alone.

Setting up 2FA on school/kura accounts

Your school's cyber security policy will define which roles and accounts must use two-factor authentication, and what type of 2FA to use. Your IT lead will provide any support and hardware that might be needed.

Setting up 2FA on personal accounts

Two-factor authentication is a good idea for protecting personal accounts.

It's most important for accounts that hold a lot of personal information – especially email, which can be used to reset credentials for many other accounts if hacked.

2FA for email

2FA for social media

Last reviewed: Has this been useful? Give us your feedback