Multi-Factor Authenticationget help

Is that really you logging in?

Password compromises are more common than you think.

What is Multi-Factor Authentication (MFA)?

"Multi-factor" refers to using two or more independent items to verify your identity, typically something you know (i.e., your SFU computing ID and password) and something you have (i.e., a time-based code).

During this time where work and study from home has increased, attackers are using increasingly sophisticated ways to obtain your password. MFA is one of your best defenses against remote attacks.

Who needs to set up MFA?

MFA enrollment will be required for all faculty, staff and students.

All faculty and staff at SFU will be required to enroll in MFA by Summer 2021. If you are a faculty of staff member, you can choose to enroll at any time ahead of the deadline to avoid the rush. The MFA project team will be working with faculty and departments to facilitate the adoption for faculty and staff members. If you have a sponsored account, please visit our FAQs for more details.

Students will be required to enroll in MFA by the end of 2021, and will be fully supported if they choose to enroll sooner.

Do I need to have cellular service or data coverage to use the MFA mobile application?

No; Aside from the initial app download, MFA applications do not require any internet connection, cell service, or data coverage to function.

How will MFA change the way I sign into SFU systems?

With MFA, you will start by signing into SFU applications with your SFU Computing ID and password as you currently do. Next, you will be asked to enter a time-based code from an app on your phone – and you’re set. There is also the option of “remembering” your MFA sign-in for seven days.

*Only applications that are protected by the Central Authentication Service (CAS) will ask for the MFA passcode at this time.

How often will I be prompted for MFA?

By default, you will be prompted for your MFA code every time you log into a CAS-protected SFU web application.

If you do not want to be prompted for MFA every time you log in, you may select the “Remember me on this browser for 7 days” checkbox just below the MFA code field. Upon successful sign in, you will not be prompted for an MFA code for seven days as long as you are using the same browser and device/computer.

Please note that the ‘Remember me’ setting will not work if you perform any of the following actions:

Log in using a different device and browser than the ones you previously authenticated to “remember” your MFA sign-in,
Clear your browsing history and/or cookies,
Log in under “incognito mode” or “private mode” on your browser, or
Log in using the same device and browser after seven days since your last MFA sign-in.

*To view and/or remove the browsers you’ve allowed to “remember” your MFA login, please visit the SFU MFA Management App.

Which SFU applications are protected by MFA?

MFA is currently enabled for all web applications that are protected by the Central Authentication Services (CAS). Prominent applications include:

CAS-protected web applications
SFU Mail Canvas SharePoint Maillist AEM (author.sfu.ca) goSFU FINS myINFO

Please note that future services will require you to be enrolled in MFA. More details will be announced with the new services.

Tell me more about MFA

How do I set up MFA?

The initial setup includes three steps which will take approximately 10 minutes.

*Ensure to enroll at a time when you do not need to log into any CAS-protected applications, as you will not be able to log in until the setup is complete.

Set up MFA