Two-factor authentication (2FA) at sign-in is active for all brightwheel accounts (administrators, student contacts, and staff)! We are excited to be the first in the early education industry to add this extra layer of security to protect your information!

We've prepared an overview of this change, why we're doing it, and what to expect in this resource below.

Two-factor (2FA) authentication is a recognized best practice for security. It’s designed to make sure that you’re the only person who can access your account by requiring two different forms of verification, instead of just a single password.

In brightwheel's 2FA sign-in process, you will be required to verify your identity using your login credentials and also by providing a unique 6-digit code that is sent to your email address or phone anytime you need to log in.

We invest heavily in the security and reliability of the brightwheel platform. This is the next step in our ongoing commitment to improve and protect your brightwheel account and information. Enabling 2FA during the sign-in process will add an extra layer of protection to your account and improve the overall security of your information on our platform.

Opting out of 2FA is an option, however, we are strongly encouraging everyone to use 2FA as an industry-accepted best practice security measure. To learn more about opting out, please see our Opt-out of 2FA at Sign-in resource.

All brightwheel accounts (administrators, student contacts, and staff).

As long as you are on the most up-to-date app version, each time you are required to log in, you will be prompted to provide the unique 6-digit code sent to the email address or phone being used to log in.

For admins and staff, this code will always be sent to your email. For student contacts, the code may be sent to your email or phone, it will be dependent on what method you are using to log in.

Please Note: If you are a student contact that is based internationally, you will not be able to add your phone number to your account as a method you can use to log in and we are unable to deliver SMS messages internationally. Therefore, it's vital you ensure your email address on file is up to date.

Staff members using shared admin credentials will not be able to get into the account unless they have access to the email being used to sign in or you share the code with them.

For account security purposes, we do not recommend this approach. As an alternative, please see our Shared Devices resource to learn more about options available to set up staff member accounts and avoid the risks associated with shared logins. Additionally, if you need these staff members to have administrator access, you can enable that for them by following our Enable Admin Permissions resource.