Multi-Factor Authentication

SameGoal has long supported multi-factor authentication through the use of single sign-on/OIDC, but we are excited to announce that we now also offer email-based multi-factor authentication for users that do not use single sign-on/OIDC.

How it works: When a user needs to reauthenticate, after they provide their login information, SameGoal will send a verification code to their account email, and they will be prompted to provide their verification code before they can log in.

This will be turned on for all districts automatically on July 1st and will be required after that. However, the feature is available now for districts that wish to opt-in early.

To enable multi-factor authentication:

1. When logged in as an administrative user, navigate to Settings > District Information.
2. Scroll down to the Multi-Factor Authentication (MFA) section.
3. Change the required interval to something other than Never to turn on MFA and determine how often users will need to reauthenticate.
   • This reauthentication interval is per device.

When MFA becomes required for all districts this summer, the required interval will be set to Monthly for districts that do not already have the feature enabled.

If your district chooses to enable MFA early, please communicate this change with your users.