Multi-Factor Authenticationget help

What is Multi-Factor Authentication (MFA)?

MFA adds an extra layer of protection to your SFU account.

"Multi-factor" refers to using two or more independent items to verify your identity, typically:

  • something you know (e.g., your SFU computing password) and
  • something you have (e.g., a randomly generated passcode from your mobile device).

This creates a layered defense, preventing further unauthorized access from your SFU account if your password is compromised.

Why use MFA?

MFA is one of your best defenses against remote attacks

During this time where working from home has increased, we are at a higher risk of potential credential theft and phishing attacks. We encourage you to enroll in MFA to receive another layer of protection.

How will MFA change the way I sign into SFU systems?

With MFA, you will start by signing into SFU applications with your SFU Computing ID and password as you currently do. Next, you will be asked to enter an MFA passcode that's randomly generated from an app on your phone - and you're set. There is the option of "remembering" your MFA sign-in for seven days.

Only applications that are protected by the Central Authentication Service (CAS) will ask for the MFA passcode at this time.

Examples of CAS-protected SFU applications

MFA is currently enabled for all web applications that are protected by the Central Authentication Services (CAS). Not all SFU applications use CAS at this time. 

CAS-protected web applications Web applications that aren't CAS-protected
  • SFU Mail
  • Canvas
  • SharePoint
  • Maillist
  • AEM (author.sfu.ca)
  • goSFU 
  • FINS
  • myINFO
  • SFU Vault

Desktop applications are not protected by MFA at the moment, and there are plans underway to expand MFA's scope.

Have questions?

Please see our collection of Frequently Asked Questions, or contact us using the Get Help button at the top.