2 Factor authentication (2fa) is an extra layer of security for accessing IT systems.

In addition to needing a username & password to access an IT system you also require a random code from a device, such as a phone. 


This means that if your username/password are ever lost, e.g., Accidently given out in a phishing email, no one can logon to your account without the extra code.

As a bonus, setting this feature up will also allow you to reset your school password outside of school at any time, should you forget it.


Why are we doing this?

Over the past few years, schools have become a big target for cyberattacks resulting in millions of pounds worth of damages & lost education time. Every day we see multiple attack attempts on our system from all over the world & whist they are blocked, we need to ensure it stays that way.


Who has to do this?


  • Staff - All staff members have been required to register for this since March 2018
  • Students - We are now asking students to register for this by the end of April 2022, Each yeargroup will be emailed when this is setup for them, starting with Post 16 and rolling down the years. 


We have started rolling this out to students due to other local schools suffering successful attacks on their IT systems via "hacked" student accounts that have been used to "Phish" their way up to high value accounts.


How does it work?

The system we are using requires registering two methods of verification. 


The first must be either

  • Phone number (Landline or mobile)
    OR
  • Authentication app, installed on your mobile phone

 

The second can be either of the two above, but with the addition of security questions, or a non-school email account to which a code will be sent to.

Then whenever you logon to the system from outside of school, you will be required to prove your identity using the methods registered.


What IT Services need this?

Any IT service we offer that you can access outside of school on a non-school device
When accessing a computer inside school, you won’t be asked to enter your 2-factor details.
Just your username & password like at present.


What do I need?

Ideally, a mobile phone that can install the authenticator app or receive text messages. 

If you don’t have this a landline & Security questions/email can be used instead.


How do I set it up?

For setup instructions, please see our guide here 

https://itservicedesk.kscs.org.uk/support/solutions/articles/43000655335

or you can go straight to https://aka.ms/mfasetup & follow the onscreen instructions.

 

We are asking students to register their details as soon as possible. Yeargroups will be emailed in stages with cutoff dates after which registration will be enforced & students won’t be able to logon outside of school without doing this.


I’m lost - Can you help me set this up?

Absolutely – Pop into IT Support (3L23) with your Mobile Phone when you can or arrange a set time for us to assist by emailing ITServiceDesk@kscs.org.uk