Multi-factor Authentication (MFA) | Information Technology Services

What is Multi-factor Authentication (MFA)?

Passwords alone are no longer sufficient to protect online services.
MFA is a simple method of adding extra protection to your personal user account(s).
Security is increased by requiring more than one form of identification during the sign-in process.

Getting Started

We strongly advise all Fleming users to activate MFA on their accounts as soon as possible by following the step-by-step instructions below. We recommend that users enrol with one or both of the MFA methods below, using Microsoft Authenticator mobile app or SMS text message to receive one-time codes. If none of the previously mentioned MFA methods are available to you, then the use of a physical security key is supported as a last resort. Click here for more details on physical security key options.

Instructions

Method One: How to Set Up SMS Text Messages for MFA

Method Two: How to Set Up Microsoft Authenticator for MFA

Have your computer and your phone available when following these instructions.

Using MFA at Fleming

All Fleming users have had the opportunity to opt in to MFA since October 2022.
MFA use is mandatory for users who are granted access to the College’s VPN service or DocuSign service.
MFA use is mandatory for all full-time employees as of 3-Apr-2023.
MFA use is mandatory for all students & employees as of 29-May-2023.

Which Applications?

MFA is enabled for several college applications and services with others underway. The following are currently enabled:

Microsoft/Office 365
VPN
CERB (Ticket System)
JIRA/Confluence (Project Management & Knowledge Base)
DocuSign
CIRA/Beauceron Training Platform

The following will soon be enabled:

myCampus
Evolve/Oracle PeopleSoft
VDI
MyWorkDrive
D2L (BrightSpace)

Where: Expect MFA from Certain Locations

MFA is required when accessing College systems remotely, from anywhere off campus.
MFA is required when using Wi-Fi on campus or at college residences.
MFA is not required when on campus using desktop PCs hardwired to the campus network, such as those found in classrooms, in the LRC and library, and on staff desks.

When: Expect MFA at Certain Times

Each application, on each device, independently remembers your MFA approval for 60 days.
You will be prompted for MFA credentials after changing your Fleming password.
You may be required to use MFA for any sign-in attempts that appear unusual or out of place, such as from a new geographic location or when using an anonymous VPN service.

Reject Unexpected Requests

Do not approve any MFA requests not initiated by you, and if you are repeatedly asked to approve such MFA requests, immediately change your password and report this to the Fleming ITS department as a security incident.

Asking for Assistance

For technical support, please contact the Fleming ITS Service Desk:

itsupport@flemingcollege.ca
1-866-353-6464 x4111 Option #1

Learning More About MFA

Watch a Video About MFA

Source: Communications Security Establishment. (2020, June 19). Get Cyber Safe: Multi-factor authentication [Video]. YouTube. https://www.youtube.com/watch?v=yEIzO2S2tT4&t=51s

Statistics About MFA

One in three Canadians use multi-factor authentication.
Even a two-step verification can protect you from 100% of automated bots, 96% of phishing attacks, and 76% of targeted attacks.

Source: Communications Security Establishment. (2022, March 31). Multi-factor authentication. https://www.getcybersafe.gc.ca/en/resources/multi-factor-authentication

FAQs About MFA

Q — How long will it take to start working?
A — All changes made to MFA will take effect within 5 minutes.

Q — What do I do if I lose my phone?
A — If you have set up additional sign-in methods, sign in to your Fleming account and then visit this web page to remove your lost phone: https://mysignins.microsoft.com/security-info. Otherwise, contact the Fleming ITS Service Desk for assistance.

Q — Can I use a USB security key for MFA purposes?
A — Yes, if none of the other support MFA authentication methods will work for you. Click here for more details.

Q — Can I use Google Authenticator instead of Microsoft Authenticator?
A — Yes, during the setup process, you may choose “I want to use a different authenticator app.”

Q — Can I use SMS or voice call?
A — Yes, both are supported as well as, or instead of, an authenticator app.

Q — Does my Authenticator device need to have a mobile data plan or cell number?
A — No, any Android or iOS device with Internet access, such as WiFi, can be used. A cellular data plan or phone number is not required.

Q — Why am I getting an MFA request every time I access Office 365 services?
A — You may be experiencing a known issue if you are accessing Office 365 through myCampus using a personal device (not a Fleming computer). While we work on correcting this, please access Office 365 services directly from Office.com.

Q — When adding your account to MS Authenticator app, you get the following error message: “Unexpected error. Contact your local IT administrator to resolve the problem. Error details: Device token is empty.”
A — To resolve this error, Microsoft recommends you uninstall and reinstall the Microsoft Authenticator app on your mobile device. Then retry adding the account to the reinstalled MS Authenticator app. If the error persists, you can also try using SMS text or Google Authenticator app instead as an alternate authentication factor.