Multi-Factor Authentication (MFA) for Faculty and Staff

MFA icon - validating a loginIf you have ever banked or shopped online, you may already be familiar with Multi-Factor Authentication or MFA. MFA is a security enhancement that requires two sets of different credentials before granting users access to an account (i.e., your password paired with a code sent to your mobile phone). The new authentication service is referred to as UTORMFA.

 

Why is this important?

The amount and sophistication of phishing attacks continues to worsen; the time to act is now. The addition of MFA will empower U of T faculty, researchers, librarians and staff to better protect their work, research, data and identities.

 

UTSC Roll-out timeline

  • Q3 2020: UTSC early adopters roll out – Completed
  • Q4 2020: UTSC staff roll out – Started
  • Q1 2021: UTSC faculty roll out – In planning

 

How will you enroll in UTORMFA?

When the time comes for your department to be enrolled, you will receive an advance notice from IITS Help Desk and on the following day you will receive another email from DUO system with instructions on how to enroll into UTORMFA. The sender of the email will be utormfa@utoronto.ca and the subject line “UTORMFA Enrollment”. The enrollment process takes less than five minutes to complete. You are required to complete the enrollment within eight days of receiving the first email. After the eight day period, you will be automatically enrolled and will be prompted to use MFA when logging in from an untrusted network (outside UofT).

 

How does it work?

After you have been set up with UTORMFA, the DUO App on your smart phone will prompt you to confirm the log-in (Step 2) when you access any secure web site that utilizes U of T Web Log-in page shown in Step 1.

 access weblogin / step 2: receive notification from Duo Mobile App / step 3: securely log in

 

IT Support