12/10/21 - MFA, Logins, Access
Beginning December 17th, 2021 we will be enabling Multi-Factor Authentication, or MFA, for all staff and faculty.
What is MFA?
Multi-Factor Authentication is the process of using an extra method when logging in to certain applications. This could be in the form of a call, text, one-time code via an app, or a prompt on your phone. A common example is getting a text message sent to you with a code to put in, when logging into certain applications. This is to add an extra layer of security, and prevent hackers from accessing your account if they find your password.
We are currently activating MFA for Office 365 applications only, so anytime you use your school Microsoft account to log into applications like your Outlook email you'll be prompted for MFA. When logging into a device via MFA it will give you the option to check "Don't ask again for 90 days", allowing you stay logged into that particular device for 90 days before asking you again. It will ask you this for each new device you log into.
Why are we doing it?
There's been a significant increase in cyberattacks recently across all institutions. Schools, businesses, and personal devices have all been targeted more and more frequently. This will help you ensure that you are the only one accessing your account, and that all your data is safe.
What should I do?
Most users should have security questions and an secondary authentication method set up already, it prompts you for these when your account is created. If your information has changed, or if you'd just like to go ahead and make sure that your authentication methods are set up and up to date, you can use the following link to do so:
Multi-Factor Authentication Setup
Otherwise, it should automatically prompt you after the change goes live on December 17th, 2021. If anyone has any issues we will be available via phone on Friday, December 17th and Monday, December 20th in addition to normal methods via tickets. You can reach us at (423) 442-3297.
Multi Factor Authentication Methods:
- Phone - This method will call the phone of your choosing. After answering the call, it will prompt you to hit the pound symbol to verify the login attempt.
- Text - This method will text you a one-time code to use to log in. The text will contain the code and you will type in the code into the provided field.
- Microsoft Authenticator App - this is an app you can download on your phone that gives you quick and easy access to your accounts. Downloading the app opens up two more avenues of MFA authentication:
- One time code: The app has constantly-changing code that you can look at any time to log in with. This code refreshes every 30 seconds, and is constantly visible in the app.
- Notification: The app also allows you to accept login attempts via push notification. This is the fastest way to log in - it requires no further interaction beyond clicking "approve".
When setting up MFA, you can choose your preferred authentication method so it always defaults to whichever method you prefer.
We are also rolling out a new optional method for login over the break. Windows Hello is a new, passwordless method for login. This will allow you to log in via biometrics such as facial recognition via webcam or fingerprint via fingerprint scanner. This is especially useful for logging into Windows laptops, which we hope to offer to all faculty in 2022.
Windows Seamless Single Sign On (SSSO):
In our efforts to make logging in and accessing your applications easier and more streamlined, we are setting up Windows Seamless Single Sign On. This is an automatic change that should be set up by the time everyone returns from break. This feature should reduce the amount of times a user is prompted to log into their account. By logging into your Windows account, SSSO should, once enabled, also automatically log you into many other accounts on that device, cutting down the amount of times you are prompted to put in your password. We are rolling out this feature for Office 365 applications at first, and hope to extend this to Google applications soon.
Technology Page Updates / Access Links:
We have updated the Technology page on the district website with more useful links and information: https://www.monroe.k12.tn.us/apps/pages/index.jsp?uREC_ID=1135765&type=d&pREC_ID=1402779
These links include a link to directly view your Microsoft Account, which allows you to do things such as update your security information (including account recovery questions and MFA setup), change your password, personalize your account, set up self service password reset, view your attempted logins to ensure that you are the only one accessing your account, among other things.
We have also posted direct links to the MFA Setup and the My Sign-Ins page as well.
We have also posted the Self Service Password Reset link on the website. If you lose access to your account, you may use your security information to quickly regain access.
We will also post large technology updates (including this one) on the district website for future reference. These can be accessed by navigating to the Technology Department webpage and clicking on the relevant Technology Update page.
Beginning in 2022, students will be receiving occasional automated emails containing a phone number and an email address that they can use to anonymously report bullying, students in crisis, drugs, weapons, or any threats of danger. These reports are anonymous and are sent to our web safety team at Gaggle, where real people review the reports and quickly reach out to the relevant leadership at each school as needed.
Potential threats and issues are monitored and reported based on severity. If there is a serious or time-sensitive threat, Gaggle will quickly reach out via phone calls to school and district leadership to ensure that the situation is handled quickly and efficiently.
We will be sending out more information on this when we return from break!