Authentication (Single and Multifactor)

Authentication (single and multifactor) is a mechanism that an electronic system uses to identify and validate the identity of users with the required degree of confidence that the user is who he or she purports to be. Authentication is accomplished through the use of one or more “factors,” which correspond to things that the user knows (like a password), something that they possess (like a security token), or something they are (like a fingerprint). Authentication should not be confused with authorization, which is the process of granting individuals access to system resources based on their identity. More guidance is available on identity credentials from the National Institute for Standards of Technology publication NIST SP 800-103.

Additional information is available in the PTAC publication Identity Authentication Best Practices.

Featured Resources

A Parent Guide to the Family Educational Rights and Privacy Act (FERPA)

The Family Educational Rights and Privacy Act or FERPA provides certain rights for parents regarding their children’s education records. This guide provides general information on a parent’s rights under FERPA.

An Eligible Student Guide to the Family Educational Rights and Privacy Act (FERPA)

The Family Educational Rights and Privacy Act or FERPA provides certain rights for parents regarding their children’s education records. When a student reaches 18 years of age or attends an institution of postsecondary education at any age, the student becomes an “eligible student,” and all rights under FERPA transfer from the parent to the student. This guide provides general information on an eligible student’s rights under FERPA.

Protection of Pupil Rights Amendment (PPRA) General Guidance

This guidance document reviews parents’ rights under the PPRA and education officials’ obligations in implementing the PPRA. The PPRA applies to the programs and activities of a State educational agency (SEA), local educational agency (LEA), or other recipient of funds under any program funded by the U.S. Department of Education. (20 U.S.C. § 1232h, 34 CFR Part 98)

SPPO-21-01

Mobile complaint link