Simon Fraser University
Engaging the World

IT Services

Home / Information Security / Multi-Factor Authentication

Multi-Factor Authenticationget help

Enroll in MFA today.

To promote a safer online environment at SFU, all faculty and staff will be required to enroll in MFA by May 2021. All students, sponsored accounts, retirees, and any other accounts will be required to enroll in MFA by December 2021.

Note. If you have a shared sponsored account, we recommend to hold off on enrollment until we have a process defined by Summer 2021. For more information regarding sponsored accounts, please visit our FAQ page.

Quick Access

Set up MFA

Manage your MFA

Tell me more about MFA

What is Multi-Factor Authentication (MFA)?

"Multi-factor" refers to using two or more independent items to verify your identity, typically something you know (i.e., your SFU computing ID and password) and something you have (i.e., a time-based code). 

During this time where work and study from home has increased, attackers are using increasingly sophisticated ways to obtain your password. MFA is one of your best defenses against remote attacks. 

Who needs to set up MFA?

MFA enrollment will be required for all faculty, staff and students.

  • All faculty and staff at SFU will be required to enroll in MFA by May 2021. If you are a faculty or staff member, you can choose to enroll at any time ahead of the deadline to avoid the rush. The MFA project team will be working with faculty and departments to facilitate the adoption for faculty and staff members. 
  • All students, sponsored accounts, retirees, and any other accounts will be required to enroll in MFA by December 2021, and will be fully supported if they choose to enroll sooner. 

Note. If you have a shared sponsored account, we recommend to hold off on enrollment until we have a process defined by Summer 2021. For more information regarding sponsored accounts, please visit our FAQ page.

Do I need to have cellular service or data coverage to use the MFA mobile application?

No; Aside from the initial app download, MFA applications do not require any internet connection, cell service, or data coverage to function.

How will MFA change the way I sign into SFU systems?

With MFA, you will start by signing into SFU applications with your SFU Computing ID and password as you currently do.  Next, you will be asked to enter a time-based code from an app on your phone – and you’re set. There is also the option of “remembering” your MFA sign-in for seven days.

*Only applications that are protected by the Central Authentication Service (CAS) will ask for the MFA passcode at this time.

How often will I be prompted for MFA?

By default, you will be prompted for your MFA code every time you log into a CAS-protected SFU web application.

If you do not want to be prompted for MFA every time you log in, you may select the  “Remember me on this browser for 7 days” checkbox just below the MFA code field. Upon successful sign in, you will not be prompted for an MFA code for seven days as long as you are using the same browser and device/computer.

Please note that the ‘Remember me’ setting will not work if you perform any of the following actions:

  • Log in using a different device and browser than the ones you previously authenticated to “remember” your MFA sign-in,
  • Clear your browsing history and/or cookies,
  • Log in under “incognito mode” or “private mode” on your browser, or
  • Log in using the same device and browser after seven days since your last MFA sign-in.

*To view and/or remove the browsers you’ve allowed to “remember” your MFA login, please visit the SFU MFA Management App.

Which SFU applications are protected by MFA?

MFA is currently enabled for all web applications that are protected by the Central Authentication Services (CAS) and any new future services launched at SFU. Prominent applications include:

CAS-protected web applications

Other Services
  • goSFU, SFU Mail, Canvas
  • FINS, myINFO
  • SharePoint, Maillist
  • Zoom
  • Microsoft 365 (via web portal)
  • AEM (author.sfu.ca)
  • Research Ethics Application system (Kuali)
  • SFU VPN

Note. Future services at SFU will require you to be enrolled in MFA. More details will be announced with the new services.

Tell me more about MFA

 

How do I set up MFA?

The initial setup includes three parts which will take approximately 5 minutes.

*Ensure to enroll at a time when you do not need to log into any CAS-protected applications, as you will not be able to log in until the setup is complete.

Set up MFA

How do I manage MFA settings after enrollment?

Manage the following MFA settings using the  SFU MFA Management App:

Change MFA Devices

Change which device you use for MFA.

Learn more about changing device

 

Emergency Login Code Management

View your current emergency login codes and/or generate new codes.

Learn more about emergency login codes

Change MFA Applications

Change which mobile application you use for MFA.

Learn more about changing mobile app

 

Trusted Browsers Management

View and/or remove the trusted browsers you authenticated to “remember you”.

Learn more about trusted browsers

Have questions? Please see our collection of Frequently Asked Questions or visit our MFA Toolkits.

For additional assistance, please contact your department’s IT staff, IT Service Desk or email us at mfa-info@sfu.ca.