How to enable Two-Factor Authentication (2FA) for Staff Login in openSIS
Overview
To improve account security and protect sensitive school data, openSIS supports Two-Factor Authentication (2FA) for staff logins. When enabled, staff members must verify their identity using a one-time password (OTP) sent to their registered email address during login.
This article explains how to enable 2FA, how it works, and important behavior rules to be aware of.
Where to Enable Two-Factor Authentication
Two-Factor Authentication is configured at the school level.
Navigation Path:
Settings → School → Preferences
From this screen, administrators can enable or disable 2FA for staff users.
How Two-Factor Authentication Works
Once 2FA is enabled:
A staff member logs in using their email address and password.
An OTP (One-Time Password) is sent to the same email address.
The staff member must enter the OTP to complete the login process.
Without successful OTP verification, access will not be granted.
OTP Delivery Method
OTPs are sent via email
The email used is the staff login email address
OTPs are valid for users until newly generated or correctly validated
If the OTP expires, the user must attempt login again to receive a new OTP.
Staff Enrolled in Multiple Schools
If a staff member is enrolled in multiple schools within openSIS:
The Home School’s preference determines whether 2FA is enforced
If the Home School has 2FA enabled, OTP verification will be required
If the Home School does not have 2FA enabled, OTP verification will not be required—even if other schools have it enabled
This ensures consistent login behavior for staff users across schools.
Trust This Browser (60-Day Option)
After successful OTP verification, staff users can choose to trust their browser.
How this works:
When “Trust this browser” is selected after entering the correct OTP
The system will not prompt for 2FA again on that browser for 60 days
This applies only to the same browser on the same device
When 2FA Will Be Required Again
2FA will be prompted again if:
60 days have passed
The user logs in from a new browser or device
Browser cookies or local storage are cleared
Important Points to Remember
2FA applies to staff logins
OTPs are sent to the registered login email
The Home School setting controls 2FA behavior for multi-school staff
Trusted browsers remain valid for 60 days
This feature enhances security without disrupting daily workflows
Terminology Note
Need Help?
If you experience issues receiving OTP emails or have questions about enabling Two-Factor Authentication, please contact your school administrator or the openSIS support team.
Related Articles
How to Add a Staff Member to Multiple Schools in openSIS
In openSIS, administrators can assign staff members to multiple schools, allowing them to manage their duties across different institutions. Follow these simple steps to add a staff member to multiple schools. Step-by-Step Instructions: Access Staff ...How to Turn On (Grant) Student Portal Access in openSIS
openSIS allows students to access their schedule, grades, attendance, assignments, and school messages through the Student Portal. To enable this access, you must grant portal access directly from the student’s record. Follow the steps below to turn ...Add a School
Add New School After logging in to openSIS you can create a new school. Click on the '+' button on the top right corner of the page Here you will find options to create a new school, new student, new staff, a new event in the calendar, and notices ...How to Copy a School in openSIS
Copying a school in openSIS is a useful feature that allows you to quickly create a new school by duplicating the setup and configurations of an existing one. This can save you time and ensure consistency across multiple schools within your ...Moodle Integration Settings in openSIS
To start using the bi-directional integration feature of openSIS and Moodle, you have to set it up first. Navigate to Main Menu>>LMS>>LMS Settings . The first thing you will notice is this information bar. As it is mentioned here, the openSIS + ...