2 Factor authentication
What is two factor authenitcation?
Multifactor Authentication (MFA) is a security feature offered by many websites, applications and devices that dramatically improves account security. Sometimes MFA is also referred to as Two-Factor Authentication or 2FA. Technically, MFA could refer to a system where there are more than two forms of authentication.
Anyway, here’s how it works. If you have MFA setup for a given account (website, application or device), when you log in with your username and password, that account server is going to ask for a second, independent form of authentication before it will actually let you into the system. It’s kind of like when you open a bank account and they ask to see a picture ID and some other form of identification, like your social security card or a passport. It’s much harder to pretend you are someone you’re not when you have to prove who you are in two different ways!
FAQ's
How often will I have to provide 2 Factor Authentication?
When you log into your Google Account from a device for the first time you will be required to authenticate. Once that device is recognized, you will only have to authenticate every 30 days. Therefore, any unrecognized or new device will trigger an authentication protocol. BE SURE TO CHECK "REMEMBER DEVICE" after the first prompt from a new device. Otherwise, you will receive a prompt everytime you log in to your Google Account.
Will I have to provide 2 Factor Authentication when I log into my computer?
No, when you log into your computer you are logging into an account protected by our Microsoft Active Directory services. The 2 Factor Authentication we are requiring all users to enroll in is for their school issued Google Account.
What if I receive a 2 Factor Authentication prompt and don't have my cell phone available?
The Technology Team manages and has access to your account. Contact us via phone or email and we will provide you with a temporary code. x2105 or x2109
Is this guaranteed to keep my account safe and our organization less vulnerable?
MFA is considered the “gold standard” of account security, but it isn’t entirely perfect. For example, if you may fall victim to a phishing attack and you are directed to a fake webpage. If you believe you are on a legitimate site and enter your username and password, there is nothing to stop the phisher from immediately plugging that information into the real account (the one they are impersonating). This will cause the real account to request your second form of authentication. If you then respond and plug a code into that fake website, you will have just given the phisher access to your account and allowed them to side-step the security. That’s why it’s really important to be vigilant against phishing attacks and other forms of social engineering.
Now that my cell phone is linked to my Google Account, will my personal activity and data on my phone be shared?
No, the only data or activity being shared/managed by Brookville Local Schools is the activity on your Brookville Google Suite profile