Multi-factor Authentication at UVic
Last updated 18 October 2021
Keep your passwords secure! Use long passphrases! Don’t re-use passphrases on multiple sites! This is the typical guidance you will hear to keep your account secure. This is because the most significant cyber threat you face is someone gaining unauthorized access to your UVic account and being able to access all your information and impersonate you.
The above advice is correct and should be followed, but do you ever wish you could secure your UVic account better? Do something that will protect you even if someone does manage to get your passphrase?
This fall, UVic is introducing a new security feature called UVic Multi-Factor Authentication (MFA) that will be available for all faculty, staff and students.
What is UVic MFA?
UVic MFA strengthens account security by requiring a second factor when you login to online services. The first factor we use is a passphrase – something you know. The second factor is something you have – such as a device in your possession. UVic MFA uses a quick, simple push system through a mobile app to verify you have the device.
Once enrolled, login using UVic MFA is very simple. Login using your username and passphrase and then your device will prompt you to approve or deny the login; once you click Approve, you will be logged in normally.
If you weren’t trying to login and your device prompts you, it means someone else is trying to use your account! Not to worry, you can click Deny and then change your passphrase or seek assistance from the UVIc Computer Help Desk.
Why are we doing this?
A passphrase alone is not enough. Most data breaches start with a stolen passphrase. The extra layer of security that MFA adds will help protect your account and your information from malicious attackers. MFA itself is not new. Very likely, you have used MFA for other accounts you own, such as Facebook, Google, or your bank.
