Using two-factor authentication – information for teachers and staff
Two-factor authentication (2FA) should be required for specific roles and accounts at schools and kura, and recommended for others.
What is two-factor authentication?
Two-factor authentication or 2FA (also known as two step verification and multi-factor authentication) is a simple way of protecting your accounts and your school network.
When you log in with 2FA, you'll need to provide:
- something you know (your username and password), and
- something you have with you (this can be a token, an app or code on your phone, or a fingerprint or voice recognition).
Adding this second step makes your account much more secure than logging in with a password alone.
Setting up 2FA on school/kura accounts
Your school's cyber security policy will define which roles and accounts must use two-factor authentication, and what type of 2FA to use. Your IT lead will provide any support and hardware that might be needed.
- Turn on 2-step verification - Google(external link)
- How to use two-step verification – Microsoft(external link)
Setting up 2FA on personal accounts
Two-factor authentication is a good idea for protecting personal accounts.
It's most important for accounts that hold a lot of personal information – especially email, which can be used to reset credentials for many other accounts if hacked.
- How to use two-step verification with your Microsoft account(external link)
- Turn on 2-step verification for Google accounts(external link)
2FA for email
2FA for social media
- Instagram (opens in a new tab)(external link)
- Facebook (opens in a new tab)(external link)
- Twitter (opens in a new tab)(external link)
- LinkedIn (opens in a new tab)(external link)
Last reviewed: Has this been useful? Give us your feedback