There are many reasons schools struggle to successfully implement multifactor authentication. MFA, often a vital component of an organization’s security strategy, is a key protection in a zero-trust environment. It falls under the zero-trust pillar of identity, and it can help safeguard schools from costly cyberattacks.
Still, while MFA is necessary for keeping schools safe from cyberthreats, there are also many barriers to its use in K–12 settings. Students either don’t have phones or aren’t allowed to use their phones at school. Staff may refuse to use their personal phones for school-related business. In some cases, students and their families may lack the necessary connectivity at home for MFA processes.
Click the banner below to explore how CDW’s zero-trust solutions can secure your school.
While these might seem like insurmountable obstacles to using MFA in a K–12 environment, there are still ways to put in place this crucial security layer.
One of the most common methods of authentication at log in is to receive a code on your smartphone. However, there are other tools schools can use. This helps in instances where staff and students don’t have the option of using their phones.
One method that schools can employ is passwordless authentication. This frequently uses biometric authentication and could require a fingerprint or face recognition. Fingerprint sensing technology isn’t available on all school devices, however. And while this may be a great option for authenticating staff, some parents won’t consent to students’ faces being used for this security feature.
There are also ways to authenticate via social media; for example, Google Workspace uses YouTube to sign users in.
Hard tokens and soft tokens are other potential authentication methods. When considering USB drive hard tokens, IT departments should first ensure users’ devices have USB ports.
However, with the right hardware, hard tokens are ideal for staff members that don’t want to use their personal phones.
Schools using this MFA solution should train users on how to keep their hard tokens safe. It’s best to have a policy in place where the user is responsible for the cost of replacing a lost token.
DISCOVER: Go beyond authentication in identity and access management.
Private, independent and charter schools face many of the same barriers to MFA as public schools. However, a common problem for these schools is their significant population of international students.
If these students brought their own smartphones to the U.S. and are communicating by relying on Wi-Fi and messaging apps, then text messages triggered by authentication could be costly. Conversely, if the student acquires a U.S.-based phone, the messages originating in the U.S. for authentication could incur costs for the students — or the school — when student return abroad over breaks.
On top of that, there is sometimes the added challenge of language barriers for students and their families.
MORE ON EDTECH: What is the role of artificial intelligence in K–12 schools?
In these instances, authentication software can help. Microsoft’s Authenticator and Okta are examples often used in school districts for staff and students. Not only will they often download or display in a student’s native language, but they also function via Wi-Fi, eliminating messaging fees.
One extremely important element of multifactor authentication is training. As with any new security feature or educational technology, a lack of training will render any well-intended MFA solution useless.
If users don’t adopt it, it won’t work. It doesn’t matter what IT puts on someone’s computer. If there’s a lack of buy-in, it’s going to become a thorn in everybody’s side.
Districts must stand firmly behind their new security measures, and they must help users understand the importance of protecting their data and identities.
This article is part of the ConnectIT: Bridging the Gap Between Education and Technology series.
![[title]Connect IT: Bridging the Gap Between Education and Technology](http://www.edtechmagazine.com/k12/sites/default/files/articles/2014/05/connectit.jpg)
New research from CDW can help you build on your success and take the next step.
Copyright © 2025 CDW LLC 200 N. Milwaukee Avenue, Vernon Hills, IL 60061
Do Not Sell My Personal Information
