Multi Factor Authentication (MFA)
Multi Factor Authentication (MFA) is required for anyone with a current zID account at UNSW to verify your sign-in for single sign-on (SSO) applications like Outlook, Moodle, and SharePoint. Read below to find out how to set up Microsoft Authenticator on your phone and what to do if you have a new phone.
What is MFA?
UNSW uses the Microsoft Authenticator app, which adds an extra layer of security to protect the University and your account from unauthorised access. You'll need to install the app on your smartphone before completing the MFA registration on your computer.
New students and staff will be prompted to set up MFA during their onboarding process. This requirement also applies to staff with a zID_sa account.
MFA combines two or more sets of credentials; what you know, such as your password, and what you have such as a Microsoft Authenticator app on your smartphone. The goal of MFA is to create an additional layer of defense to make it more difficult for unauthorised people to access the University’s resources (data, applications or devices) via your zID account.
After signing in using your zID and password, you may be prompted by the Microsoft Authenticator app (push notification) to verify that it is you signing in. A 2-digit number will appear on your sign-in device (eg computer), which you then need to enter into the app on your smartphone. Tap Yes (or Done) to confirm it is you and the University single sign-on (SSO) application will open.
If you receive a push notification on your smartphone but you know it isn't you signing in, please tap No, It’s Not Me. At this point a Report Fraud/Suspicious Activity message will appear. You can then select ‘Report’ and the fraud attempt will be sent to UNSW IT Cyber Security Operations team for investigation. If in doubt, report it! (Accidental alerting is expected, and no one will get in trouble).
- Our MFA solution is adaptive and as such, you may also be prompted to verify your sign-in at other times if it considers that a risk-based event may have occurred, or other cyber security policies apply.
- Always carry your authenticator when accessing university SSO applications.
Do not uninstall the Microsoft Authenticator app.
Setting up MFA
-
The one-off setup process first requires the installation of the Microsoft Authenticator app on your smartphone before completing the MFA registration on your computer. Watch this 3-minute video to gain an overall understanding.
To set up MFA you will need:
- Smartphone
- A compatible smartphone with a data connection.
- Install the Microsoft Authenticator app from your smartphone’s app store.
- Computer
- Internet access on your computer.
- Use an incognito (or InPrivate) browser window and the URL provided in the step-by-step guide to finish the registration of your computer.
- Time
- Allow approximately 5 minutes to complete the setup.
To Start: follow the step-by-step guide and set up MFA. Note: if the Microsoft Authenticator app is unavailable in your smartphone’s app store, follow this guide to set up MFA.
- Smartphone
-
MFA is only applied to a zID when it accesses a UNSW single sign-on (SSO) application. Examples of SSO applications include Office 365 (Outlook, Teams), Moodle, SharePoint.
Most users will be prompted to verify at least once every 30 days per device used when accessing an SSO application and more often when accessing applications with a higher risk profile, such as the VPN which will prompt for MFA more frequently (e.g.,12 hours). Thereafter you will be prompted again to verify only if:
- you use a new browser
- you clear your browser cookies/cache
- you use another computer such as one found on a lectern
- you work from a new location
- you use a new Wi-Fi connection, or
- our MFA solution considers that a risk-based event may have occurred.
-
Do not uninstall the Microsoft Authenticator app as you will need it to verify your sign-in when prompted periodically. Refer to the guide to use MFA.
Always have your authenticator with you when accessing University single sign-on applications.
Refer to the Support Materials section on this page for further guides and FAQs.
(Optional) Setup an MFA back up option
Microsoft Authenticator app can be installed on another smartphone or mobile device, such as an iPad, and that device is then used as your backup. For example, when you have forgotten or lost your smartphone you could use your iPad.
Note: Microsoft Authenticator app cannot be installed on your computer or laptop.
Refer to the guide to set up MS Authenticator app on a second mobile device and use it as a backup.
-
When switching phones, simply transferring data/photos (or a backup/restore) from your old phone to your new phone won’t re-establish your MFA account. Note: You may see the Microsoft Authenticator app (and account) on your new smartphone, but they will not work.
If you still have access to your old phone:
Please follow the steps in this guide (requires both your old and new phone): Transfer the Microsoft Authenticator app to a new phone (PDF, 922KB) prior to factory resetting your old phone.
If you no longer have access to your old phone:
You need to request an MFA Reset. Please contact us. Note: ID verification will be required.
-
How-to guides
- Set up MFA using Microsoft Authenticator (PDF, 1240KB) on your smartphone.
- Set up MFA when Microsoft Authenticator is unavailable in your smartphone app store (PDF, 1353KB) Note: This guide may be useful to China-based students.
- Set up MS Authenticator app on a second mobile device (PDF, 916KB) as a backup, after setting up MFA on your primary mobile device.
- Use Microsoft Authenticator (PDF, 1281KB)
- Use Microsoft Authenticator without a data/internet connection (PDF, 772KB) or when push notifications are unavailable.
- Transfer the Microsoft Authenticator app to a new phone (PDF, 1067KB) from your old phone (before you throw out your old phone).
Videos