At SLP Toolkit, security is our top priority! While working in the app, you will notice Two Factor Authentication (2FA) integration, which adds an extra layer of protection to your student data. Two-factor authentication not only prevents unauthorized access but also enhances the overall integrity of the system by requiring both a password and a time-sensitive code.
How does 2FA work?
When you create a new account or to log into a current account, the system will send you a one-time code (OTC) via email that is valid for 15 minutes.
Click on the link in the email and enter the one-time code, and you're all set!
Please note: For detailed information about 2FA challenges and resolutions, as well as other security procedures, you can visit our website here.
Common 2FA Challenges and Their Causes
1. Codes Sent to a Single Email Address in Shared Use Scenarios
If multiple staff members attempt to use a personal SLP Toolkit account, all 2FA codes will be sent to the single email tied to that account.
Cause: Personal subscriptions are intended for individual use and only allow sign-ins from up to two devices. Multi-user setups can lead to conflicts, risking account instability and data corruption.
2. Frequent 2FA Code Prompts
Some users experience repeated requests for 2FA codes.
Cause: This can result from switching devices or browsers, or using organizational VPNs or web filters that disrupt session persistence.### Solutions to Manage 2FA Challenges
1. Adopt a District Account for Multi-User Access
For scenarios where multiple staff members require access, switching to a district account is recommended. District accounts come with additional features:
Centralized user management tools.
The ability to disable 2FA for staff directly via the user management dashboard.
Support for multiple users without risking account corruption.
2. Minimize Reauthentication Requests
To reduce how often 2FA codes are required:
Use the same device and browser consistently.
Avoid logging out or closing the browser tab for ongoing sessions.
Codes are typically valid for 30 days per device/browser, so maintaining session stability helps.
If your organization uses a VPN or web filter, ask your IT team to whitelist the necessary SLP Toolkit URLs to prevent forced re-authentication.
3. Collaborate Without Sharing Credentials
Instead of sharing login credentials, make use of SLP Toolkit’s built-in sharing features. For example, you can share your caseload with collaborators directly through the platform, maintaining both security and usability.
Questions? Start a chat in the app or email hello@slptoolkit.com.

