Overview
To enhance the security of access to Compass at your school, you can enable Two Factor Authentication. This will require your users to confirm their identity via email or SMS when logging in to your school's portal.
Please note: If your portal has SAML/SSO enabled, a banner will display above the page to advise you that the Compass 2FA settings will not apply. All MFA settings should be applied in your SAML/SSO provider, and will automatically apply upon login to Compass.
To enable/manage the Two Factor Authentication settings, you will need the permission Configure which will give access to the Security Settings page which is located in the Administration Tools menu (under the cog menu icon).
Please refer to our
Permission article in the Knowledge Based for further details on assigning staff permissions.
Enabling Two Factor Authentication
To enable Two Factor Authentication (2FA) you will need to go to the cog menu icon in the top right of your Compass screen and click on Administration Tools. Within this menu, click on Security Settings.
To enable for Staff, tick the associated box.
To enable for Students, tick the associated box.
You can enable the methods you want the 2FA codes to be delivered via. You can also set the number of days before the user will be re-prompted for 2FA.
Click 'Save' at the bottom of the page to update your settings.
Enter any email domain you wish to blacklist from receiving 2FA codes; this will prevent them from accessing the system should they attempt to log in.
Login when 2FA is enabled
When 2FA is enabled, the user will go to their standard Compass portal login screen and enter their username and password. When they click 'Sign In' it will then prompt them that 2FA is enabled and they can then choose to have their Access Code issued via email or SMS.
When they receive the Access Code, they can enter it click 'Sign In' to proceed with their login.
Please note, if a user only has either an email or an sms on file, the access code will be issued by default to the type they have on file.