Multi-Factor Authentication (MFA) - Part 2
This information only applies to users who have one of the privileged roles mentioned below...
Due to the access staff with privileged roles in NCEdCloud have to student and employee data (this includes LEA Administrators, LEA Data Auditors, LEA Help Desk, and LEA Student Help Desk), NCDPI is requiring Multi-Factor Authentication (MFA) when logging in. This requires the use of a Time-based One Time Password or OTP with every login to NCEdCloud.
In May, NCDPI rolled out Part 1 of MFA for LEA Administrators and LEA Data Auditors. On November 7, 2019 NCDPI will require staff with LEA Help Desk and LEA Student Help Desk roles to use a One Time Password (OTP) when logging in.
Webinars on MFA (see Sidebar) will be held on October 15th and 31st, 2019 to review the process and answer any questions. FAQs on Multi-Factor Authentication and One-Time Passwords are in their own Category on the NCEdCloud FAQ Page.
Instructions for setting up Authentication Apps
To prepare for setting up your One-Time Password to access the NCEdCloud IAM Service you will need to download one of the following authentication applications to your mobile device or computer. Decide which application you will be using (e.g. Google Authenticator, RapidIdentity, Authy Desktop) and select the appropriate instructions from below. Links to the applications are included in each set of instructions. NOTE: Until November 7th, staff with LEA Help Desk and LEA Student Help Desk will not be able to configure the One-Time Password in NCEdCloud.
- Setting up your OTP with Google Authenticator
- Setting up your OTP with RapidIdentity
- Setting up your OTP with Authy Desktop
In preparation for this implementation, we encourage LEAs and charter schools to review the list of staff members that currently have LEA Help Desk or LEA Student Help Desk roles to ensure that these roles are still required. The process is explained below.
Managing Users with Privileged Roles
[Note: The commands require an LEA Administrator role to execute. If you are from a Charter School without an LEA Administrator and are entitled to request this role, please follow the instructions on the Privileged Roles page.]
If you are not familiar with how to check who has privileged roles in your LEA or Charter School, the process will require an “advanced search” under your Profiles tab in NCEdCloud. An instruction sheet is provided below, as well as documentation on Revoking privileges and Resetting the OTP.
- Finding Users with Privileged Roles in NCEdCloud
- Revoking Privileged User Roles
- Resetting the MFA One-Time Password (OTP) for Privileged Users