Multi Factor Authentication FAQ

What is Multi Factor Authentication (MFA)?
 

By setting up Multi Factor Authentication (MFA), you add an extra layer of security to your sign-ins. "Multi-factor" refers to using two or more items to verify your identity when you sign in, typically:

  • something you know (i.e., your UFV email and password) and
  • something you have (i.e., a time-based passcode from your mobile device or email).
     

This creates a layered defense, preventing unauthorized access from your UFV account if your password is compromised.

 



What services are protected by MFA?


Microsoft's suite of tools (Word, Excel, PowerPoint, etc.) and your UFV Outlook email will be protected by MFA. This ensures only you have access to your important emails and documents. If you see this branded login screen, your login is protected by MFA:

 


 

MFA may be expanded in the future to include other services, when available.
 

What if I lose access to one of my verification methods?


If you lose access to your phone, secondary email, or authenticator app you may not be able to reset your password or sign in to MFA-protected services.

 

If you have lost access to only one verification method, look for a link on the sign-in prompt that says "I can't use my phone right now" or similar, and you may still be able to sign in. If you are able to sign in, follow these instructions to update your verification methods: Update or Change Verification Methods

 

If you are unable to sign in to change it yourself, please submit a ticket to the IT Service Desk. Include your student number, and our cybersecurity team can remove the methods from your account. You will be asked to re-register on your next sign in.

 

Why are we being asked to provide my email or phone number?


As UFV moves to the cloud, for all its substantial benefits, we want to keep your information safe. MFA adds an additional layer of protection to your account, even if your password is compromised.  Microsoft's suite of browser tools, such as Word and Excel, offer easy access to your (potentially sensitive) documents; MFA helps secure them.

 

The largest threat we face is password compromise, usually by hacking of third party services, phishing, or weak passwords. Credential theft is easy and occurs frequently, even to the UFV community.  By providing an alternate email, phone number, or using a mobile app, individuals can register for self-service password reset and MFA. These alternative methods can be used instead of, or in addition to a password, to authenticate the individual. Since the adoption of MFA, it has already successfully blocked some fraudulent attempts to access UFV accounts.
 

Self service password reset (SSPR) allows you to easily unlock and change a password anytime and anywhere. Regardless if the password was forgotten, or has been changed due to a suspected compromise, the UFV community can unlock their account, change their password and get access restored.  

How is my information protected?

We understand concerns about privacy, and both SSPR and MFA are designed to enhance privacy and security. Most of the UFV community will have already used these techniques when interacting with banking, financial transactions, or other personal services. Similar to these other institutions, UFV community members will enroll the methods that they decide will be used to validate their identity. This information remains protected and secure in our Canadian tenant.

 

Your email address and phone number are not able to be seen by the IT Service Desk. These methods are only used to confirm your identity, either before resetting the password, or as an additional trust mechanism when required. If you do not wish to use an existing account, you can create a free email account with Microsoft, Google, or another provider that you can have only for UFV SSPR and MFA communications.  If you have an android or iPhone, you can use an authenticator app to generate a secure onetime passcode, rather than enter a phone number.

 

Is this really necessary, are other Universities doing this?

 

All Canadian universities are facing this same challenge and are already using SSPR and MFA technology to secure their systems. The recent report on security at higher education institutions in Canada shows this is becoming almost universally adopted. Outside higher education, the banking system and financial institutions have completely adopted this to protect their customer’s savings and investments. Health systems in Canada are also starting to adopt this for patient privacy, as the United States has already done.

 

Survey results on MFA among Canadian higher education institutions:

 

I have other questions…

We would like to have anyone that has remaining concerns to reach out to the Cybersecurity team. We are proceeding with this rollout knowing there are going to be questions, and we will endeavour to answer each one. In doing so we will be transparent about why this is necessary, and how this will improve privacy for our community. Open a ticket with the Service Desk, or email our team at “cybersecurity@ufv.ca”

Details

Article ID: 817
Created
Tue 9/22/20 10:44 AM
Modified
Fri 9/3/21 1:16 PM