Multi-Factor Authentication (MFA)....NOW????

John Ronan
John Ronan
Tenth Anniversary Kudos 3 Name Dropper Participant
in Blackbaud Enrollment Management System™

Is anyone else seriously inconvenienced by BB's recent declaration that they're mandating multi factor authentication now?

This is problematic for us, and I'm sure other schools because:

  • We are in the midst of BBID rollover
  • We are in the midst of end-of-year activities
  • Email Fatigue - If we introduce yet another “ya gotta do this!” email to our parents, they're going to be confused because of all the other [required and time-sensitive] emails they've been getting. [our communications director strongly recommends avoiding this!]

Please weigh in and maybe, if it makes sense [to others], BB will time this better.

Comments

  • Kathy Hannon
    Kathy Hannon
    Tenth Anniversary Kudos 5 K-12 Fall 2025 Product Update Briefing Badge Name Dropper

    MFA - this doesn't apply to the Enducation Suite only to users of RE & FE & Church management

  • Jonathan Tepper
    Jonathan Tepper
    Eighth Anniversary Name Dropper Participant Facilitator 1

    In addition to the Blackbaud's BB ID, it was announced Blackbaud will be enforcing Two-Factor Authentication (2FA) for users with elevated access to their systems (https://lnkd.in/g__SyZ34).

    The 2FA requires the end user to have a mobile device, where Blackbaud 2Fa provider will send a text or require to use a 2FA app. While we applaud Blackbaud steps in taking security seriously, what does this mean for organizations that do not provide mobile devices to their employees? What does it mean for organizations that do not endorse or advocate the use of personal devices for their employees? If an organization does, do they have have a policy in place? If so, is the organization accounting for renumeration, compliance, and monitoring of personal devices?

    Because Blackbaud's 2FA does not offer other established alternatives such as allowing the organization enforce 2FA with their native soltuion (my organization does this), offer phone call 2FA solution or 2FA security keys, this seems to create two issues.

    1) Incuring additional (hidden) costs to the organization (e.g. providing organization owned mobile devices, renumeration for personal devices, AMM software, etc.)
    2) If endorsing personal devices, there is a perception of deminished Privacy for employees and boundries between work life expectations.

    When we tested Blackbaud's 2FA it is an added layer to our existing 2FA authentication. This is disappointing. Did anyone in this community concluding the same or have a different perspective? In response to John's post, @Kathy Hannon We use FE and RE NXT as well as K12 solutions - it certainly applies to us.

  • Boyd Reilly
    Boyd Reilly
    Ninth Anniversary Kudos 3 Name Dropper Participant

    Question about this. We authenticate via Google which already has 2-factor authentication turned on. Will users still need to do MFA for RE?

    Thanks.

    Boyd

  • Kathy Hannon
    Kathy Hannon
    Tenth Anniversary Kudos 5 K-12 Fall 2025 Product Update Briefing Badge Name Dropper

    @Jonathan Tepper I am now confused - in BB's kb 119213 that was sent with the notification email it states

    "Is this requirement going to impact my SSO connection?
    No, organizations that are already enrolled in using Single Sign-On for their users are not impacted by this enforcement change."

  • Trudy Howard
    Trudy Howard
    Ninth Anniversary Kudos 1 Name Dropper Facilitator 1

    No, you won't - from what I understand after attending the webinar.

Categories