What is multifactor authentication (MFA)?

Multi-factor authentication is a critical security requirement in which users are prompted during the sign-in process for an additional form of identification, such as a code on their cellphone. 

If you only use a password to login, it leaves you more open to a hacker attack. If the password is weak or has been exposed elsewhere, an attacker could be using it to gain access. When you require a second form of authentication, security is significantly increased because this additional factor isn't something that's easy for an attacker to obtain or duplicate.

Multi-Factor Authentication works by requiring two or more of the following authentication methods:

  • Something you know, typically a password.
  • Something you have, such as a trusted device that's not easily duplicated, like a phone or security key.
  • Something you are - biometrics like a fingerprint or face scan.

The available multi-factor authentication options include the Microsoft Authenticator mobile app (our preferred and most secure standard), SMS text, or if required a physical FIDO2 security key for an additional fee. 

Why use multifactor authentication (MFA)? Watch this video from Microsoft https://www.youtube.com/watch?v=LB2yj4HSptc 

MFA at this time is currently optional, although we are quickly moving toward this as a mandatory standard for all users to ensure we are protected, and so we highly recommend that you self onboard to Multi-Factor authentication in preparation (prior to our upcoming deadline where this will be required 'on next login'). 

To self-onboard to MFA simply follow this step by step, or watch this video walkthrough: https://www.youtube.com/watch?v=Q8OzabuNwHI

Please make sure to backup your MFA application data in case you need to replace the device with your authenticator application. For detailed instructions on backup and recovery go to: Authenticator Backup and Recovery

1. Login to https://aka.ms/mfasetup

2. When prompted for "More information required" - click Next

3. To use the Microsoft Authenticator app follow the presented instructions on the screen to download the App on your smart phone - click Next 

4. To use SMS Text as an MFA method click "I want to set up a different method' - choose Phone - click Confirm - enter your phone number and choose either "Text me a code" or "Call me". Enter the one-time verification code to finalize the setup. 

5. To finalize the Microsoft Authenticator App setup - click Next again - you will be presented with a QR code on the screen

6. Launch your Microsoft Authenticator App on your smart phone - click the + symbol in the top right - choose Work or School account - Click "Scan QR Code" - Scan the QR code with your phone. 

7. A rotating code will now be displayed on your MS Authenticator App - click Next on the screen 

8. Click Next & Approve the prompt from your Mobile Phone (or type in the rotating code as needed) - click Next - click Done on the computer screen to finalize the setup. 

9. You will be prompted to login with your email, password & MFA to validate you are now setup. 

10. Turn on backup options for your phone app. Backup options will allow you to retain your data if you move to a new phone.

For IOS: On your iOS device, select Settings, select Backup, and then turn on iCloud backup

Your account credentials are backed up to your iCloud account.

For Android: On your Android device, select Settings, select Backup, and then turn on Cloud backup.
Your account credentials are backed up to your cloud account.

11. You are now setup with Multi-Factor authentication and much more secure! 

(optionally you can add additional MFA methods as backup methods if the primary method is not available)

To setup alternate MFA verification options

1. Login to https://aka.ms/mfasetup

2. Click Add method 

3. Select an alternate MFA verification method & follow the prompts to setup as per above

*Note: Email cannot be used as an MFA method, it is only used as a verification option if using self service password recovery. Validate MFA methods are Authenticator app, Phone or Security key. 

To set a default MFA sign-in option

1. Once logged into to the MFA site above

2. Click "Default sign-in method" - click Change 

3. Select the preferred primary MFA option 

(while other options are available for use as optional alternate forms)

If you have moved to a new phone:

On your new mobile device, open the Authenticator app, and select Begin Recoverry, This will recover your MFA information and allow you to sign into your school accounts with your new phone.

Important Note: If you do not have your multi-factor authentication device and require to login, simply contact us directly for assistance at; 

Yorkville University Support Portal: https://ask.yorkvilleu.ca/support/home (1-888-334-0899)

Toronto Film School Support Portal: https://ask.torontofilmschool.ca/support/home (1-888-334-0899)

Algoma Brampton Support Portal: https://support.algomabrampton.ca/support/home (1-866-623-7080)

For further information review this helpful article: https://aka.ms/mfatutor or watch https://aka.ms/mfavideo.

Thank you

IT Excellence Team