- Clint Independent School District
- Multi-Factor Authentication
Technology and Information Services
Page Navigation
- TIS Tech Team
- Student Information Services (PEIMS)
- Infrastructure Services
- Enterprise Information Services
- Instructional Technology Services
- Technical Assistance Center (FKA HelpDesk)
- Technical Services
- Technology Quote Request Form
- Cybersecurity
- Incident IQ
- WIFI Hotspots
- Multi-Factor Authentication
- Google 2-Step Verification
- Change Password
- Organizational Chart
- S2Q (Skyward SMS 2.0 to Qmlativ)
- Internet Safety Plan
- Technical Documentation
Multi-Factor Authentication (MFA)
-
What is MFA? MFA is a layered approach to securing physical and logical access where a system requires a user to present a combination of two or more different authenticators to verify a user’s identity for login. MFA increases security because even if one authenticator becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will not be able to access the targeted computer system. Multi-factor authentication enhances the security of your account by requiring you to provide two or more verification factors before gaining access. This extra layer of protection significantly reduces the risk of unauthorized access and safeguards confidential information.
Why MFA? The education sector as a whole is cyber attacked daily. It only takes one compromised user account to make the district a victim of ransomware. Implementing MFA makes it more difficult for a threat actor to gain access to information systems, such as remote access technology, email, and financial systems, even if passwords or PINs are compromised through phishing attacks or other means. Adversaries are increasingly capable of guessing or harvesting passwords to gain illicit access. Password cracking techniques are becoming more sophisticated and high-powered computing is increasingly affordable. In addition, adversaries harvest credentials through phishing emails or by identifying passwords reused from other systems. MFA adds a strong protection against account takeover by greatly increasing the level of difficulty for adversaries.
How does MFA Work? MFA requires users to present two or more authentication factors at login to verify their identity before they are granted access. Each additional authentication factor added to the login process increases security.
A typical MFA login would require the user to present some combination of the following:
- Something you know: like a password
- Something you have: like a cellphone or land line telephone
- Something you are: like a fingerprint, face scan, palm print, or voice recognition
For example, MFA could require users to insert a debit card into a card reader (first factor) and then enter a PIN (second factor). An unauthorized user in possession of the card would not be able to log in without also knowing the pin; likewise, the pin is useless without physical access to the card.
When does MFA enforcement begin? MFA enforcement has already begun. Users will be able to skip the prompt a few times, before they will be required to establish MFA. Users who do not setup MFA will not be permitted to sign on.
Who does MFA apply to? All district staff who have been issued credentials (username, email address & password) are required to set up MFA.
Implementation Details: District staff do not have to wait for enforcement to begin. Staff are encouraged to initiate this process as promptly as possible prior to enforcement of their accounts. Instructions on setting up MFA are listed on this page.
Steps to Set Up MFA
-
Step 1. On your mobile phone, download and install the Microsoft Authenticator app.
- Search for the app in the Google Play Store or Apple App Store.
- Use the button or QR code below from your mobile to get the app.
On an Android device, click the button below or scan the QR code from your cell phone.
On an iOS device, click the button below or scan the QR code from your iPhone.
Step 2: Setup the Authenticator App
- Select (+) in the upper right corner of the app
- Add your Clint ISD Microsoft Account
Step 3: Add MFA to your Clint ISD Microsoft Account
Option 1:
- Click here to take you right to MFA setup: http://aka.ms/mfasetup
- Sign in with your Clint ISD email address and password.
- Add a default sign-in method (Microsoft Authenticator)
- Scan the QR code with your app.
- Add additional sign in methods, such as your mobile phone (call or text), or office phone (call only)
Option 2:
- Sign into: https://myaccount.microsoft.com
- Under Security Info, click on UPDATE INFO
- Add a default sign-in method (Microsoft Authenticator)
- Scan the QR code with your app.
- Add additional sign in methods, such as your mobile phone (call or text), or office phone (call only)
Questions and Answers
-
What does the app do? What information does it collect?
-
Do I have to use my personal cell phone?
No, you do not have to use your personal cell phone. You can set up an office phone to be called to verify it's you. However, if you are away from the office phone (working from home, at a conference or training, etc.) you will not be able to receive the call to authenticate you, and you will not be able to login.
Staff that have been issued a district cellphone, can use their district phone or personal phone for MFA.
Staff without a district cellphone can use their personal cell phone, an android device, or ipad.
The Microsoft Authenticator App is the preferred method of establishing MFA. Once downloaded and configured, the app does not require a data connection or a cellular plan (Will not use data or minutes in this method). The App does not allow the district or anyone to view your data, pictures, apps, location or any other information on your device. It's only used to prove it is you trying to login.
-
Who can help me set up MFA?
Follow the steps listed on this website to setup MFA.
If you need more assistance:
Campus staff can contact the campus Technology Coach for assistance.
District staff can come to the Technology and Information Services office. Anyone in the office can assist.
-
What if I lose my Phone?
If you lose your phone, you should contact the Enterprise Information Services team right away.
send an email to eis@clint.net or call 915-926-4104 and ask for the EIS team.
We can remove the phone from your account.