Multifactor Authentication (MFA)

Introducing Multifactor Authentication (MFA)

Multifactor Authentication (MFA) provides an additional layer of security to a district user account by requiring extra information or a physical device, in addition to your password, before granting access to a computer system.

By requiring two different channels of authentication, we can provide user accounts with additional protection from remote attacks that may exploit stolen usernames and passwords.

The factors may include:
Something you knowA unique username and password

Something you haveA smartphone with an app to approve authentication requests

San Diego Unified School District has partnered with Duo Security to provide MFA services for district user accounts.

Why do we need MFA?

Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve compromised usernames and passwords.

MFA enhances the security of your account by using a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.

Who is required to use MFA?

Any district employee within the following categories is currently required to utilize MFA. Additional categories may be added in the future.

  • Employees with district-wide and/or school-wide access to student information in PowerSchool

  • Employees with access to other employee’s personal information in Peoplesoft

  • Employees serving in certain management roles

  • All employees within the IT department

What district applications require MFA at login?

The following applications will require MFA when logging on. Only users within the categories identified will see the MFA prompt.

  • PowerSchool Admin (District-Wide Users Only)

  • PeopleSoft HCM (Select Users Only)

  • Office 365

  • District website and Staff Portal

  • Edgenuity

  • Google (Drive, Docs, YouTube, etc.)

  • Schoology

  • Career Cruising

  • Paradigm

  • SEAS

  • OSPS

  • Canvas

  • RELY

  • Hoonuit

  • Cherwell

  • Illuminate

  • Asset Panda

How will MFA change my login experience?

When logging in to an application that is protected by MFA, you will still enter your username and password. After inputting your login information, a Duo prompt will appear requiring you to approve a Duo Push notification or another method of multifactor authentication.

MFA does not replace or require you to change your username and password. Think of MFA as a layer of security added to your pre-existing login method similar to how many banks and other financial institutions require you to have a secondary authentication when accessing your personal account(s).