What is Multi-Factor Authentication (MFA)?

Multi-Factor Authentication (MFA) combines two or more independent credentials or "factors" -- what you know (i.e. your password) with something you have (e.g. mobile phone) -- in order to create a second layer of security for your UWin Account. Even if someone has your password, they will be prevented from accessing your account when it is protected by MFA, unless they have access to your secondary authentication method.

Currently, MFA is enabled on all faculty, staff, and student accounts, and is being used with the following apps and services:

  • Office 365 and associated apps: Office 365 Portal, Microsoft Office, Outlook, OneDrive, Teams and LinkedIn Learning
  • BlackBoard Learn (LMS)
  • UWinsite Student
  • UWinsite Finance
  • myUWinfo VIP Portal (Human Resources)

Note that once MFA was enabled on your UWin Acocunt, the secondary authentication will be required only when accessing MFA protected services and apps from a non-trusted location. It will not be required when accessing MFA protected services and apps:

  • on any computer in a trusted location (i.e. connected to campus wired or wireless networks)
  • on a computer connected to off campus network but using VPN connection

To report any MFA related issues, please submit your request for assistance by opening a ticket (select "Report MFA issue" in the Request Type field on the form).

Authentication Methods

Prior to MFA being enabled on your UWin Account, you should set up your authentication methods.

University of Windsor MFA users can pick any of the following secondary authentication methods as their second authentication "factors". We recommend enabling more than one in your profile so that in the event you are unable to proceed with your default secondary authentication method (as configured in your Microsoft work account profile), you can cllick on Sign in another way link and select a different method.

  1. Text message to your mobile phone containing the verification code
    You will be prompted to enter this code (i.e. second credential) when accessing MFA protected services and apps on non-trusted computers, right after entering their password.
     
  2. Call to phone number provided
    An automated voice call is placed to the number that you listed in your profile when accessing MFA protected services and apps on non-trusted computers. You will answer the call and presses # on the phone keypad to approve the authentication. 
     
  3. Microsoft Authenticator mobile app
    A push notification is sent to the Microsoft Authenticator app installed on your mobile device when accessing MFA protected services and apps on non-trusted computers. You will view the notification and select Approve to complete verification. If your phone is not connected to wi-fi or does not use mobile data, you will be prompted to enter verification code (i.e. second credential) when accessing MFA protected services and apps on non-trusted computers, right after entering their password. The Microsoft Authenticator app is available for iOS and Android platforms and can be downloaded from Apple and Google app stores.
     
  4. MFA Token (Hardware)
    Purchase a card or fob that displays a 6-digit code upon the press of a button.

For more details, please see Options for Second Factor of Authentication.

 

Signing in with MFA

Once you have configured your authentication methods and MFA was enabled on your UWin Account, the next time you log in to any MFA protected resources, you will be prompted for your login, password, and your MFA code or verification through the authenticator app. You will have the option to not ask again on that device for 30 days. Do not check that box if you are using a public computer (eg. library or computer lab workstation).

If you did not configure your authentication methods prior to MFA being enabled on your UWin Account, you will need to go through MFA setup on your first access of the MFA protected resource.

If you are unable to proceed with your default secondary authentication method (as configured in your Microsoft work account profile), you can cllick on Sign in another way link and select a different method.

Note for Office 365 Android Users:  Currently there are no supported mail apps for Android that support MFA - IT Services recommends installing the Outlook app from the Google Play store, which will give you improved functionality over the built-in mail/calendar app as well as the ability to use MFA. 

Note for Office 365 iPhone Users:  If you are using the built-in mail/calendar app on iOS 11 or above, it does support MFA, but you must remove and re-add the account in order for it to function.  Please see the instructions here on how to remove and re-add your account:  https://uwindsor.teamdynamix.com/TDClient/1975/Portal/KB/Edit?ID=9459  However for the best supported experience, IT Services recommends the Outlook app.

 

50% helpful - 2 reviews