Two-Step Authentication for CampusLogic's solutions adds an additional step during login - a one time use security code - is sent to an email address or mobile phone the user has defined. This way if a password is compromised the account is still not accessible. CampusLogic's Two-Step authentication process can be set up for different user groups - students, parents, and/or staff. Assuming your institution has configured the feature in PlatformManagement, the following outlines how the process works. Institutions can choose to use Two-step authentication with single sign-on (SSO) or direct sign-on (DSO) and can activate it even when general texting/SMS functionality is not active.
When a user creates an account the following prompt will be provided:
- The user then selects the preferred method to receive the one-time use code for authentication Email or SMS Text, then selects save.
- The student enters either email or phone number dependent upon option chosen in previous step, then selects save.
- The system will automatically generate the one-time use code and send it to the designated email or to the user's cell phone:
- The user enters the code and clicks Verify.
Based on your institution's configuration the user may have the ability to identify the computer or mobile device as "Trusted" and subsequent logins will not require the second step in the process. Trusted devices do require re-authentication every 6 months.
If the code expires before the user has logged in the user can obtain another code by clicking Resend Code.
Managing Two-Step Preferences
Once in the settings screen, the user selects Two-Step Authorization on the left or the edit button for Two-Step Communication.
- Change the preferred Communication Type (email or SMS)
- Remove Trusted devices from their profile
Once all changes have been made, the user selects Save Settings.