Not logged in - Login

An introduction to Two Factor Authentication

SIMS ID introduces Two Factor Authentication.

SIMS ID is providing the option to enable Two Factor Authentication (2FA) for all or some of your users.

What is Two Factor Authentication?

In today's world of increasing access to services and data via a single login, it is necessary to consider the risk of a username and password becoming known to a third party. With standard security procedures (especially online) only requiring a simple username and password it has become increasingly easy for unauthorised people to gain access to a user's private data such as email or personal files.

With an increasing amount of pupil data being accessed online SIMS ID gives you the option to apply additional security to the services that you use through SIMS ID such as your e-mail or access to Hosted SIMS or SIMS Primary.

How does it work?

Two Factor Authentication, also known as 2FA, two-step verification or TFA (as an acronym), is an extra layer of security that is known as "multi-factor authentication" that requires not only a password and username but also something that only that user possesses, i.e. a piece of information only they should know or something that they have immediately to hand - such as a physical token.

Using a username and password together with a piece of information that only the user knows makes it harder for potential intruders to gain access and steal that person's personal data or identity.

Two Factor authentication is something you will be familiar with for securing your Online Banking. It is now increasingly common for service providers and social media companies to allow you to enable Two Factor Authentication when accessing your account details.

What Additional Authentication Factors will SIMS ID accept.

SIMS ID will initially support two methods of Two Factor Authentication

Random Characters from a Passphrase

You will be asked to provide an Additional Passphrase. On authentication, you will be asked to provide three characters from this Additional Passphrase in addition to your username and password.

For example, you may have set a passphrase of V0ldeM0rtshallNOTBnamed

When authenticating you may be asked for characters 4,7&12 which in this case is 'd','0'&'a'

Authenticator App.

There are a number of Authenticator Applications that can be installed on mobile devices.

SIMS ID recommend Google Authenticator for iOS and Android devices and Microsoft Authenticator for iOS and Windows-based mobile devices. The links below will help you to download an Authenticator App.

I have an iOS (Apple) Device

Download Google Authenticator from the ITunes App Store or Download the Microsoft Authenticator App from the ITunes App Store

I have an Android Device

Download Google Authenticator from the Google Play Store Or Download Microsoft Authenticator from the Google Play Store

I have a Windows Mobile Device

If you have a Windows Phone then you will need to download the Microsoft Authenticator App from the Windows App Store

Before you can use Two Factor Authentication

There are some things that you and your Site Administrator need to do before you can use Two Factor Authentication.

Site Administrators need to...

Enable Two Factor Authentication for your site.

This has to be done by a Site Administrator.

Full details on Enabling Two Factor Authentication for your site.

When enabling Two Factor Authentication for a site it can be enabled for * all users* or just for some users. An effective from date can also be set to allow users to prepare for Two Factor Authentication.

Users need to

Set up your Security Questions.

To use Two Factor Authentication through SIMS ID you will need to have set five security questions. You may have already set these to enable Password Self Recovery. You can do this at any time by clicking the Set Security Questions option in SIMS ID.

These questions are not used as part of the Two Factor Authentication process but are needed in case you have a problem with Two Factor Authentication once it is enabled.

Enable a Two Factor Authentication method.

You will need to either Set up an Additional Passphrase

or

Set up an Authenticator Application

What happens when a user logs in after Two Factor Authentication has been enabled?

First login with Two Factor Authentication


You may also be interested in...

Enable an additional Two Factor Authentication method.

Setting up a Two Factor Authentication Passphrase

Set up an Additional Passphrase as a Two Factor Authentication Method

Setting up an Authenticator App.

Set up an Authenticator Application as a method of Two Factor Authentication

Managing my Personal Two Factor Authentication Settings

Managing Two Factor Authentication Settings

Resetting another users' Two Factor Authentication Settings

Sometimes it is necessary for a site Administrator to reset a user's Two Factor Authentication settings so they can reset them this may be necessary if they have lost their mobile device. Instructions for a Site Administrator reset of a user's Two Factor Authentication Setting