Community notices
SFU to roll out multi-factor authentication for all accounts by end of 2021
By Kevin Chiang
Each year, SFU detects more than 2000 instances of unauthorized access to SFU accounts – mostly due to stolen, phished or guessed online credentials.
That’s why, starting May 2021, all faculty and staff will be required to use multi-factor authentication (MFA) when accessing SFU systems. MFA will also become the new standard for students starting at SFU, beginning with the fall 2021 cohort. All remaining students, and everyone else, will be required to use MFA by the end of 2021.
SFU's MFA works by pairing something you know (your SFU computing ID and password) with something you have (a six-digit code on your phone). This simple extra step helps guard your digital identity, data and access to systems even if your password becomes compromised. It's also a great way to deter attackers from accessing your account with your password alone.
“The decision to enrol faculty and staff early was due to the amount of sensitive data they have access to,” says Mark Roman, SFU’s chief information officer. “All of IT Services, as well as staff from Human Resources, Safety and Risk Services and some local IT, were part of the mandatory preliminary group earlier this year."
These groups were among the first that ensured MFA would be ready for everyone at SFU.
Using MFA is straightforward. Simply enter a six-digit code generated by the authenticator app on your mobile device when signing in. The app does not require WiFi or a data plan to generate codes once it has been downloaded and set up.
MFA is just one of the ongoing improvements IT Services has deployed over the years to better protect sensitive data and technology infrastructure at SFU. As part of SFU’s information security strategy, IT Services has also established new firewalls, and introduced intrusion protection and detection systems, and dedicated appliances to fight distributed denial of service attacks.
“Multi-factor-authentication is a giant leap forward and will be followed with a continuous stream of more improvements,” says Roman.
Signing up for multi-factor authentication is quick and only takes about 10 minutes. Get started early by enrolling on SFU's Multi-Factor Authentication website.