Two-factor authentication (2FA) at sign-in is active for all brightwheel accounts (administrators, student contacts, and staff). We are excited to be the first in the early education industry to add this extra layer of security to protect your information!

We’d like to address common questions surrounding 2FA to help you feel confident and prepared for this change.

No! 2FA is only initiated if you are logged out, so this is likely not something you will see in your day-to-day when accessing your brightwheel account.

Note: If you are using Room Device Mode at your program, please keep in mind that exiting this mode also signs you out and when signing in again, you will experience 2FA.

The code will be sent to whichever credential you are using to log in at the moment. For admins and staff, email is the sole method used to access an account and the code will be sent there. Student contact accounts can be accessed using an email address or phone number, so the code will be sent to whatever method is being used at that moment to log in. This is a standard security practice when using 2FA, as a necessary precaution to keep your account secure.

A new and unique 6-digit code will be sent each time you sign in to the brightwheel mobile or web app. Remember, the code will expire after 10 minutes.

Note: The only time we will send you the same verification code is if you click the ‘Resend code’ option in the 2FA sign-in process.

Staff members using shared admin credentials will not be able to get into the account unless they have access to the email being used to sign in or you share the code with them.

For account security purposes, we do not recommend this approach. As an alternative, please see our Shared Devices resource to learn more about options available to set up staff member accounts and avoid the risks associated with shared logins. Additionally, if you need these staff members to have administrator access, you can enable that for them by following our Enable Admin Permissions resource.

Ensuring that you have direct access to the username you're using to log in (email address or phone number) is essential to making the 2FA experience seamless.

Additionally, we suggest turning on Daily Reports on your parent account to be automatically emailed a summary of your child’s feed each day and using a password manager plug-in on your web browser or saving your credentials on your phone. This way, you won’t need to type the username and password each time you need to log in!

There are some features, like check-in as a parent and logging activities as an admin, that must be completed on the mobile app. And there are also some features like running reports as an admin that are only available on the web. We understand that every program uses brightwheel in a specific way, but depending on your setup, you could also try:

While these suggestions may not be relevant all of the time depending on the features you need to access, they could help to make the need to log in and out less frequent.

Yes, you have the option to opt-out from your account on the web. Having said this, we are strongly encouraging everyone to use 2FA as an industry-accepted best practice security measure. To learn more about opting out, please see our Opt-out of 2FA at Sign-in resource.