MFA - Multi-Factor Authentication Overview
What is MFA?
Multi-factor authentication (MFA) is a security enhancement that makes it very difficult for attackers to gain access to your data. The premise is very simple. Instead of using just a user name and password to access your data, another factor is required. The other factor can be a code sent to your cell phone via SMS text message, which you key in at login. UTS can also provide a keychain token that can provide your second factor code. You can choose the option that works best for you.
Why are we Doing This?
MFA is very effective because logging in requires physical possession of something, be it your cell phone or a hardware token. While there are many ways to steal your username and password from anywhere in the world, it’s much more difficult to steal or access these other items.
Who needs MFA?
At this time MFA is required for accessing the Nipissing VPN and any data stored in Microsoft’s online services, including Teams, OneDrive and SharePoint Online. Eventually, other services like email, Blackboard, and WebAdvisor will require MFA.
MFA is primarily for accessing resources that are available from the internet, and isn't used for signing into your computer itself. It makes no difference if you are using a Mac or a PC.
Registering for MFA
To register for MFA, first you must choose your second factor. Your options are as follows:
1) Using the Microsoft Authenticator App
The authenticator app is the easiest way to use MFA. This app produces a notification on your phone or tablet when you log into online services, and your login can be completed by simply acknowledging this notification.
UTS highly recommends this method because there isn’t an additional prompt that you have to type something into, and you don’t have to carry an additional piece of hardware with you. To register for MFA using the app, follow the instructions here:
2) Using SMS Text Messages
If you would prefer not to install an app on your phone, you can also register for MFA using SMS Text Messages. When you use this method, you'll be sent a 6 digit code via text when you log in, and you'll type this code into another prompt. To register for MFA using text messages, please visit here:
3) Hardware Token
The final option is to use a hardware token. These devices fit on a keychain, and provide a 6 digit code that changes every 60 seconds. Again, this code will be typed into a secondary prompt, along with your password.
If you require one of our hardware keychain tokens, it must be configured by UTS and associated with your account. To request a keychain token, please follow the following instructions:
- Visit https://helpdesk.nipissingu.ca
- Click “Create a New Ticket Now”
- Key in the subject “MFA Token”
- Choose the category “Accounts & Passwords”, and the subcategory “Multifactor Authentication – MFA”
- Provide delivery instructions for your hardware token. Typically, you would pick up your token at UTS, but we will be mailing these out while we’re all working from home due to the Pandemic.
Your ticket should look like this:
You'll have to contact UTS again when you receive your token so that it can be activated. You can do so by adding a comment to your ticket. To do so, either reply to your ticket email, or visit https://helpdesk.nipissingu.ca and click "my tickets".
Once you follow these easy steps, you'll be all set up for MFA. Congratulations, your data is more secure!