Securing Australian schools with deviceless MFA
IN Partnership with
Digital identity breaches are rising, putting school communities at risk. Learn how Clever is building a digital fortress around Australian schools with classroom-friendly security that’s built for educators
More
As school leaders navigate the growing complexities of modern education, digital identity security has emerged as one of the most pressing challenges.
�Every minute a student spends struggling to log in is a minute of learning lost – a silent tax on their education. But the cost of a fragmented digital system runs far deeper than frustration. According to the Annual Cyber Threat Report 2024–25 from the Australian Signals Directorate (ASD), identity fraud continues to be the most common cybercrime type reported by Australians. In an era in which cyber threats are escalating and identity fraud is rampant, the very systems meant to facilitate learning are leaving students’ sensitive information perilously exposed.
For principals and school leaders, this is a leadership challenge that cuts to the core of their mission. Protecting digital identities has become as critical as ensuring physical safety, demanding �
Clever is on a mission to connect every student to a world of learning. As the leading identity platform for education, Clever is used by more than 110,000 schools worldwide to power secure digital learning experiences. With Clever’s layered security solutions, schools can protect access and identities for all staff, teachers and students. With a secure identity platform for schools and a network of leading application providers, Clever is committed to advancing education with technology that works for students everywhere. Clever, a Kahoot! company, has an office in San Francisco, US, but you can visit us at clever.com/anz anytime.
“Unfortunately, we have seen that digital identities are at risk in Australian schools. In fact, we’ve seen that one in four school organisations has already experienced a cyberattack involving student data”
Derek Devine,
Clever
vigilance and creating strong systems and a culture of digital trust. The question is no longer if schools will be targeted but how they will build the unshakeable foundation needed to protect every child.
Enter Clever – founded in 2012 by educators and technologists committed to solving critical integration challenges in education that block learning. Recognising the gaps in schools’ digital identity security, they set out to build a platform to streamline educational technology.
�Today, Clever is described as the leading identity platform for education, trusted by more than 110,000 schools worldwide and a network of over 1,050 application partners. �
Share
Published 03 Nov 2025
Share
Subscribe
best in education
Events
Resources
technology
business
tv
News
K/12
Higher Education
Copyright © 2024 KM Business Information Australia Pty Ltd.
Companies
People
About us
Privacy
Terms of use
Terms & Conditions
Contact us
RSS
K/12
Higher Education
K/12
Higher Education
Subscribe
Best in Education
Events
Resources
technology
business
TV
News
Copyright © 2024 KM Business Information Australia Pty Ltd.
Companies
People
About us
Privacy
Terms of use
Terms & Conditions
Contact us
RSS
K/12
Higher Education
K/12
Higher Education
Subscribe
Best in Education
Events
Resources
technology
business
TV
News
Copyright © 2024 KM Business Information Australia Pty Ltd.
Companies
People
About us
Privacy
Terms of use
Terms & Conditions
Contact us
RSS
K/12
Higher Education
“With a unified digital identity platform, students log in safely and instantly – no password resets, no delays”
Derek Devine,
Clever
A unified identity strategy for schools �With in-country expertise, Clever is actively helping Australian schools protect digital identities in compliance with cyber insurance requirements and Essential 8, using deviceless multi-factor authentication (MFA). It also simplifies access for students of any age and ability with authentication designed for schools. Clever joined Australia’s Safer Technology for Schools program in 2023.
�“Unfortunately, we have seen that digital identities are at risk in Australian schools,” Derek Devine, Clever’s director of international markets, tells The Educator. “In fact, we’ve seen that one in four school organisations has already experienced a cyberattack involving student data.” �
Devine says a secure identity foundation is key for safe, fast learning for every student.
�“Digital identities unlock devices, provide access to schedules, grades and attendance, and open the door to endless learning opportunities,” he says. “With a unified digital identity, the right people have secure access to the right resources.” When student identities are compromised, the effects ripple far beyond the school day: families are left vulnerable and educators overwhelmed, while students may face long-term consequences like identity theft or limited access to essential services later in life.
Advanced authentication for every student�One way that schools can ensure the right users have the right access to their systems while complying with Australian government requirements and cyber insurance requirements is with multi-factor authentication, says Devine.
�“In Australia today, all MFA options rely on mobile phones, which is impractical and often banned in schools,” he says. “Clever fills the void with Classroom MFA, which adds a second layer of security without requiring a mobile to protect Google, Chromebooks and Entra ID.” ��
Two security challenges schools can’t ignore �The fragmented nature of the edtech ecosystem creates two significant challenges that impact security, Devine explains: IT staff becoming buried in manual data tasks and students losing learning time due to login delays. Clever solves both of these challenges.
Manual edtech provisioning overburdens IT, risks oversharing data �“For every application, administrators need to keep track of different data formats and SSO [single sign-on] methods,” Devine says. “With Secure Sync Rostering, schools automate edtech accounts and access right from Clever, powered by SMS data, so they rely on one set of standardised specs rather than multiple.” Additionally, IT won’t have to rely on sending data via insecure methods, such as by email, and risk oversharing data.
�Devine says Clever’s growing network of 1,050 digital learning application partners co-build custom, unique APIs to ensure accounts and access are up to date using one consistent format. As a result, IT gets greater oversight of data shared and can minimise the amount of PII (personally identifiable information) shared with applications.�
Devine explains that Classroom MFA supports student-friendly methods such as login pictures, Badges and six-digit PINs, while also providing flexible options – such as biometrics, hardware tokens, SMS, voice calls and authenticator apps – as stronger security for more mature users.
�“Schools can set distinct MFA policies for different groups of users by type [eg students, teachers], year group, school or by the individual, so they get custom-fit security protocols configured uniquely to their needs and abilities,” Devine says.
�For an additional layer of security, Clever’s Classroom MFA provides multiple, device-free second-factor methods to protect Microsoft Entra ID and Google Workspace and Chromebook logins without interrupting learning.
�“Clever’s Classroom MFA helps schools comply with Essential 8 guidelines,” Devine says.
The login burden fuels lost learning time and security risks�“The digital lead at St Thomas More School Hadfield in Victoria mentioned that young students were losing up to 20 minutes of a 40-minute lesson just trying to log in,” Devine says. To ease the login burden, some schools share passwords among students or have them written down on sticky notes, contributing to security risks. “Clever’s single sign-on solutions eliminate the login challenge into devices and applications.”
�Devine says a Clever Badge – a physical, encrypted passcode �
that looks like a QR code that students can scan with a device – provides instant, passwordless access to a school’s digital classroom via Google, Microsoft and iOS devices.
“Additionally, Clever’s single sign-on portal provides students, teachers and staff with one-click access to any digital learning resource. Our single sign-on and Clever Badges provide instant, one-click access to all learning apps.”
�For administrators, moving students from multiple usernames and passwords to one login also helps make password management less of an administrative nightmare, says Devine.
�“With the login challenge behind them, it’s also easier for IT to implement secure, complex passwords for students and comply with cybersecurity best practices.”
Secure, up-to-date accounts start with automation�“IT teams get stuck in busywork, spending hours on manual account provisioning, troubleshooting password resets and patching together disconnected systems. Clever automates the account management life cycle,” Devine says.
�One powerful solution that’s making life easier for schools is Clever’s identity management tool (Clever IDM), which delivers automated account provisioning and password management for Google, Active Directory and Entra ID so IT doesn’t have to worry about it.
�Another powerful feature within Clever IDM is the Secure Password Management Suite, which helps IT generate age-appropriate yet complex, memorable passwords and passphrases for identity accounts.
�“It also enables students and teachers to self-serve password resets and recover accounts with smart guardrails, while keeping passwords in sync across IdPs [identity providers] and balancing security with usability,” Devine says.
�“Powerful automation capabilities, all in one place, free up IT’s time to focus on more strategic, impactful projects.”
�‘Student safety starts with securing digital identities’�Looking ahead, Devine says he expects Clever to play an important role in helping Australian schools future-proof their digital infrastructure and adapt to new cybersecurity threats.
“Unified identity provides a critical foundation to help schools protect digital identities from day one,” he says.
“With a unified digital identity platform, students log in safely and instantly – no password resets, no
delays. An interoperable, secure approach means that schools can accelerate impact faster. Admins launch new apps in a day while teachers gain real-time insights on student progress and wellbeing without juggling platforms,” Devine explains.
�“At Clever, we believe student safety starts with securing their digital identities. In an era defined by AI innovation and escalating cyber threats, protecting access to learning isn’t optional – it’s fundamental to trust, equity and education itself. Schools shouldn’t have to choose between innovation and security.”��
Source: Australian Signals Directorate's Annual Cyber Threat Report 2024-25
84,700 cybercrime reports
(1 report every 6 minutes)
Identity fraud remained the top reported cybercrime, up 8% year-on-year
>1,200 incidents (11% increase from 2023/24)
The scale of cybercrime in FY2024/25:
Australia’s cybersecurity problem
11% of incidents responded to included ransomware, consistent with last year
monthly active students and teachers
Clever Badge logins globally
schools across the globe
Chosen by thousands of schools
A trusted solution
Supported by a growing network of
110,000
29 million
4 billion
1,050+
application partners
Find out more