Two-Factor Authentication comes to Federal Student Aid

Did you know that more than ninety-thousand people have access to Post-Secondary School Federal Financial Aid network services? Yup. They do. This number encompasses all FSA users including personnel at schools, guarantee agencies, lenders, third-party servicers, call centers and everyone else at the Department of Education, their partners and their subcontractors. Together they service over thirteen million students and over thirty-million aid awards. And while aid administrators are generally a trustworthy bunch, FSA isn’t immune to the malicious threats which plague today’s digital world. The solution? Two-Factor Authentication.

What is Two-Factor Authentication? It’s simple, really. In order to access FSA websites like FAA Access to CPS, COD and NSLDS, users will have to use two passwords.

The first of the two “factors” is your FSA User ID and Password.

The second,  will be a one-time password generated by a token like the one depicted below. A new unique password will be generated each time a user attempts to gain access to one of the FSA system websites. Only “privileged users” of FSA network services will receive a TFA token. Just who is a privileged user anyway? Well if you are one of the more than ninety-thousand people working in Federal Student Aid, you are.

FSA - TFA Token

Last month Ed, began the phased distribution of tokens and token information to schools. While they planned an elaborate state by state deployment, Ed hasn’t been sticking to their stated schedule so it’s anyone’s guess as to when you’ll get yours. My bet, it’ll be happening sooner than you might expect.  Primary Destination Point Administrators and COD Security Administrators in group 4 and 5 on the chart below, have already begun receiving instructions from ED.

Token Deployment Schedule

Want to know more about Two-Factor Authentication? Check out the presentation from the 2011 FSA conference here: Two-Factor Authentication: Session #56

 

Advertisements