In this article
Update phone number used for SMS MFA
Sign in using SMS MFA (default)
Set up MFA with Authenticator App
Sign in using Authenticator App MFA
Note:
MFA is mandatory for all SchoolDay admin users.
To improve security for your admin account, set up Multi-factor authentication (MFA). MFA provides you with a more secure login process. It grants additional security if anyone other than you attempts to log in to your SchoolDay profile using your account.
To activate MFA for non-admin users, enable Passport Login.
Requirements
- Primary Admin permissions.
- Installing Google Authenticator, Microsoft Authenticator, Authy, etc., on a smartphone to use the Authenticator App MFA.
Available MFA factors
SchoolDay supports multiple authentication factors to help secure user accounts. You can enable one or more factors, depending on the level of protection needed.
- SMS Mobile phone: Requires a mobile phone or email. Users receive a one-time code and enter it with their password.
- Authenticator App (TOTP): Optional secondary factor. Requires a compatible app. Users enter the temporary code generated by the app along with their password.
Enable MFA
MFA is mandatory and enabled by default for all admin users. It combines the required SMS factor with an additional factor. When activated, you will have to go through a 2-step login process each time.
Update phone number used for SMS MFA
If you change your phone number, you need to update the number used for SMS authentication. This ensures you continue to receive one-time verification codes required for login. Since SMS is a required authentication factor, you cannot sign in if the registered number is no longer active.
- Go to the Connect > profile settings > My Profile.
- In the SMS section, click Edit.
- Enter your phone number and click Continue. You will receive a verification code on the provided phone number.
- Enter the verification code, and then click Verify.
Sign in using SMS MFA (default)
Note: SMS is the default MFA method and is required for all users.
- Go to https://sso.gg4l.com, select your organization, and enter your username and password, then click Sign In.
- (If first-time sign in) When prompted for MFA, enter phone number used for MFA.
- Enter the verification code, and then click Verify.
- (If first-time sign-in) Copy recovery codes and save them in a secure location.
Set up MFA with Authenticator App
To configure an authenticator app from your account settings:
- Go to the Connect > profile settings > My Profile.
- Turn on Authenticator App toggle.
- Scan the QR code displayed in your authentication app. Then, enter the code from the app for verification and click Verify.
- Copy recovery codes and save them in a secure location.
To set up an authenticator app during sign-in:
- Go to https://sso.gg4l.com, select your organization, enter your username and password, and then click Sign In.
- When prompted to enter phone number, click Set up Authenticator App.
- Scan the QR code displayed in your authentication app. Then, enter the code from the app for verification and click Verify.
- Copy recovery codes and save them in a secure location.
Sign in using Authenticator App MFA
- Go to https://sso.gg4l.com, select your organization, and enter your username and password, and then click Sign In.
- Enter the code from the app for verification and click Confirm.
Get recovery codes
Important: Save your recovery codes in a secure, memorable place.
If you lose access to your account, you can recover it using one-time recovery codes (for example, if you lost access to your mobile device).
- Go to the Connect > My Profile.
- Click Regenerate Recovery Codes.
- Copy recovery codes and save them in a secure location.
If you sign in using a recovery code, MFA is disabled immediately for your account. You’ll need to reconfigure your MFA factors the next time you sign in