Two-Factor Authentication

Santa Barbara City College uses Two-Factor Authentication (2FA) for remote access to systems and services.

Two-Factor Authentication is required for remote access to some SBCC systems, such as our Virtual Private Network (VPN) service.  In the near future, it will be required for our Virtual Desktop Infrastructure (VDI) when connecting from off-campus.

Follow the steps in the Enrollment Guide (English version) or Enrollment Guide (versión en español) to get set up with 2FA.

Frequently Asked Questions

  • Two-Factor Authentication (2FA) adds a second level of security during the login process to help prevent anyone other than you from accessing systems storing sensitive data. This is accomplished using 2 layers of security to verify your identity when logging into a system:

    1. Enter your username (your Pipeline ID) with your password.
    2. Use a physical device such as your cell phone, tablet or external email address to confirm your identity.

    The device that is most convenient for this purpose is a cell phone or tablet with the Google Authenticator app installed on it. Alternatively, a text message can be sent with a One-Time Passcode (OTP) for you to type in.

  • Previously, if you wanted to remotely connect to SBCC resources, such as Pipeline, Gmail, Virtual Desktop Infrastructure (VDI), or Virtual Private Network (VPN), you would log in with just your username and password. When you are enrolled in 2FA, you will also be prompted for the 2nd factor when connecting to Pipeline, Gmail, VDI, or VPN.

  • Passwords may be stolen and used without your knowledge. Two-factor authentication provides an additional layer of security. It prevents unauthorized account access by using your phone or other device to confirm your identity when logging into campus applications and systems.

    SBCC has decided to implement 2FA in response to multiple recent phishing scams and other vulnerabilities faced by the College and other organizations worldwide. 2FA provides much stronger insurance that information is only accessible to the intended people, and that the systems remain highly available. 2FA will be used in the future by an increasing number of SBCC services, or by designated users of a given service such as VPN.

    Currently, over 300 higher education institutions have implemented the same two-factor system throughout the nation with SBCC joining the security movement. By rolling out 2FA, we are pushing our account security to the next level and protecting the data of the College and our students, faculty and staff.

  • 2FA is currently available for all SBCC faculty, staff, and students.

    It is highly recommended that ALL faculty, staff, and students enroll in Two-Factor Authentication.

  • Using 2FA is required for remote access to some SBCC systems and services:

    • All faculty and staff who use our Virtual Private Network (VPN) service are required to use Two-Factor Authentication to connect to the service.
    • Starting this Summer, all faculty, staff, and students who wish to access our Virtual Desktop Infrastructure (VDI) from off-campus are required to use Two-Factor Authentication to connect to the service from off-campus.
    • All SBCC employees with access to personally identifiable information (PII) are required to enroll in 2FA to access SBCC network systems and services.
    • Students not employed by the college who do not use VDI may use the service on an opt-in basis.


    It is highly recommended that ALL faculty, staff, and students enroll in Two-Factor Authentication.

  • After entering your usual password information, you can authenticate your login through one of these options:

    • Text message: Receive a code via text (SMS) message on your phone
    • Mobile App: Enter a passcode from the Google Authenticator mobile app on your phone or tablet

  • Enrollment Guide (English version) or Enrollment Guide (versión en español) to get your device registered.

    The Faculty Resource Center has also put together a training video on how to set up and use 2FA.

  • Although the Google Authenticator app is the most convenient 2nd factor option, you are not required to install it on your device.

    Google Authenticator is a very small application, taking up little room on your phone, and it is meant for individual consumer use. It is free, and its use does not result in any charges if you use the passcode options from the app itself. 

    Google Authenticator can also be installed on a tablet if you do not have a phone.

    You may also choose the option to receive a text message, or if you forget your device, you can always use pre-printed passcodes, or call the IT Service Desk for assistance.

  • We recommend that you use the Google Authenticator mobile app as your 2FA method, especially if you are in an area with no internet connectivity or cellular service. You do not need an internet connection or a cellular signal to generate passcodes in Google Authenticator. Google Authenticator can also be installed on a tablet if you do not have a phone.

    You can also use a backup passcode. This will enable you to enter a one-time passcode if you can’t access your phone or device, or have no reception to receive a text message. Remember to bring your cell phone and/or a printed copy of the backup codes to your classroom so you can login with your class computer if there is poor cellular reception in the room. Please refer to the Enrollment Guide (English version) or Enrollment Guide (versión en español) for instructions on generating backup passcodes.

  • Please contact the IT Support Desk for assistance.