Multi-Factor Authentication for Microsoft 365

Effective July 1^st, all Technology Directors and Technology Staff will be required to use MFA (Multi Factor Authentication) when signing into Office 365 and any related Office 365 SSO applications.   **This will only apply to sign ins that occur from outside of the K12 network.   

Effective October 1^st, all users who are categorized as high risk will be required to use MFA (Multi Factor Authentication) when signing into Office 365 and any related SSO applications.   The high-risk categorization is dynamically assigned by Microsoft based on user behavior or known indicators that the account may be compromised.    **This will only apply to sign ins that occur from outside of the K12 network.   

It is highly recommended that all staff members register at least one MFA method (such as Authenticator App, Text Message, Phone Call, etc.) prior to these dates to avoid disruption when they are required to complete an MFA step while logging in outside of the K12 network.  Multiple methods can be setup and are recommended so that if one method is not available then an alternate method can be used to get into the account. 

**THE EPIC OFFICE AND OTHER FACILITIES THAT HOUSE EPIC PROGRAMS ARE NOT ON THE K12 NETWORK**

Currently, there are no plans to enforce MFA on Student accounts.  

To address potential spam issues with Student accounts, @stu.k12.wv.us will be limited to sending 50 emails per hour.   If this threshold is met, their account will be restricted per the standard Outbound Restricted Senders protocol and a notification will be sent to the appropriate county staff.