Introducing Multi-Factor Authentication and Enhanced Password Policies

In today’s digital age, security is more important than ever, especially when it comes to managing your sensitive data. That’s why we’re excited to introduce two powerful new features to EDMISS: Multi-Factor Authentication (MFA) and Enhanced Password Policies. 

These additions are designed to provide an extra layer of protection for your system data, ensuring that only authorized users have access.

Multi-Factor Authentication

Multi-Factor Authentication (MFA) is a security mechanism that requires users to provide two or more verification factors when they log in. One factor is something the user knows, such as their username and password. Other factors include something the user has, such as an authenticator app on a mobile phone or a security code sent to their email or phone.

By adding further factors to verify the user’s identity, MFA makes it harder for common threats to succeed.

Why is MFA Important?

Passwords alone are no longer enough to protect against the sophisticated cyber threats we face today. MFA significantly reduces the risk of unauthorized access, even if a password is compromised. By requiring a second form of verification, MFA ensures that access to your data remains secure.

How Does MFA Work in EDMISS?

Implementing MFA in our Student Management System is straightforward and user-friendly.

Here’s how it works:

  1. Login Attempt: When a user logs in, they will enter their username and password as usual.
  2. Verification Prompt: After entering the correct password, the system will prompt the user for a second form of authentication. This could be a code sent to their email or a code from an authenticator app installed on their mobile phone.
  3. Access Granted: Once the second form of authentication is successfully completed, the user is granted access to the system.

What MFA Methods are Available?

We understand that convenience and accessibility are crucial when implementing new security measures. That’s why we offer two methods for Multi-Factor Authentication (MFA): Email Verification and an Authenticator App:

  • Email Verification (available in EDMISS Classic and Next Generation): After users enter their username and password, they will receive a short-lived code sent to their email address. They must enter this code before it expires to complete the authentication process.

    When this method is enabled, MFA will be enforced for the entire organization (users cannot opt-out individually).

  • Authenticator App (only available in EDMISS Next Generation): With this method, after users successfully enter their username and password, they get a code from their preferred authenticator app and enter it to complete the authentication process.

    This is an opt-in method that users need to enable and set up individually.
    When enabled, this method takes precedence over the email verification method (if enabled).

In this first phase, MFA is not available for the teacher and student portals.

Trusted Devices

To enhance user convenience while maintaining security, when MFA is enabled (email verification), users can mark their devices as “trusted.” This means that once a device is trusted, users can skip the MFA process on that device for a period defined by the system administrator.

Enhanced Password Policies

Alongside Multi-Factor Authentication, we are also introducing enhanced password policies to further safeguard your data. 

These policies include:

  • Minimum Length Requirements: Ensures that all user passwords meet a required length
  • Password Complexity Requirements: Mandates the use of varied character types in user passwords
  • Password Expiration: Enforces regular changes to user passwords after a specified period
 

These policies can now be customized by the system administrator to better align with their organization’s specific needs.

These policies apply to all administrative users and teachers using EDMISS Classic, EDMISS Next Generation and EDMISS Teacher Portal.

Getting Started with MFA and Enhanced Password Policies

Setting up these new security features is easy. Follow these links for the details.

If you have started using EDMISS Next Generation (currently in BETA), you can make changes in either system, and they will apply to both.

Preparing your Users for Multi-Factor Authentication

If you are enforcing MFA (email verification), ensure all your users have a valid email address that they can access during their login process. If they do not have a valid email address or cannot access it during the login process, they will be unable to complete the authentication process.

Please note that these features are available from version 12.1.0.0.

We’ve started rolling out these features and they will be available to all colleges in the coming weeks.