Information Security

About multi-factor authentication

Multi-factor authentication is a method of confirming users' claimed identities by, in our case, using a combination of two different factors:

1. something you know (username and password)
2. something you have (a device - mobile phone or tablet)

The Microsoft Authenticator app enables authentication, usually with approve/deny selection or by showing a randomly-generated and constantly refreshing code. The sign-in frequency is 30 days but this does not necessarily mean you will be only be prompted every 30 days. Factors such as the use of multiple devices and various web browser sessions could mean that you are prompted more often.

Why do I need to use multi-factor authentication?

Cyber attackers obtain passwords by phishing or guessing. The second layer of security protects your account so that even if someone else obtains your password, they are unlikely to also have your second step, e.g. your phone. This is considered best practice by IT security and industry professionals and has been approved by the University.

Using multi-factor authentication

Once you have set up multi-factor authentication you will be asked to approve/deny access or input a code periodically, whenever you log in to a multi-factor authentication supported service on a new device/browser or when you have logged out.