Two-factor authentication (2FA) at sign-in is active for all brightwheel accounts (administrators, student contacts, and staff). We are excited to be the first in the early education industry to add this extra layer of security to protect your information!

We’d like to address common questions surrounding 2FA to help you feel confident and prepared for this change.

No! 2FA is only initiated if you are logged out, so this is likely not something you will see in your day-to-day when accessing your brightwheel account.

Note: If you are using Room Device Mode at your program, please keep in mind that exiting this mode also signs you out and when signing in again, you will experience 2FA.

The code will be sent to whichever credential you are using to log in at the moment. For admins and staff, email is the sole method used to access an account and the code will be sent there. Student contact accounts can be accessed using an email address or phone number as long as it is listed and authenticated on the account, so the code will be sent to whatever method is being used at that moment to log in. This is a standard security practice when using 2FA, as a necessary precaution to keep your account secure.

A new and unique 6-digit code will be sent each time you sign in to the brightwheel mobile or web app. Remember, the code will expire after 30 minutes.

Note: The only time we will send you the same verification code is if you click the ‘Resend code’ option in the 2FA sign-in process.

Staff members using shared admin credentials will not be able to get into the account unless they have access to the email being used to sign in or you share the code with them.

For account security purposes, we do not recommend this approach. As an alternative, please see our Shared Devices resource to learn more about options available to set up staff member accounts and avoid the risks associated with shared logins. Additionally, if you need these staff members to have administrator access, you can enable that for them by following our Enable Admin Permissions resource.

Users can sign in to both an admin and parent account from one device with Account Switching! Account Switching allows for easy transition between multiple accounts without requiring a 2FA code when toggling between the two. Please visit our Help Center resource Using brightwheel as a Student Contact and Staff Member for steps on how to login to two accounts on one device.

Yes, you have the option to opt-out from your account on the web. Having said this, we are strongly encouraging everyone to use 2FA as an industry-accepted best practice security measure. To learn more about opting out, please see our Opt-out of 2FA at Sign-in resource.