FAQ - MFA (Multi-Factor Authentication) and Yubikey

Multi- factor authentication is an extra layer of security for your Selkirk College network identity designed to ensure that you're the only person who can access your account, even if someone knows your password. MFA significantly mitigates potential damage from Phishing/Credential stealing and Malware. For example, when you access your online banking application you may be required to respond to a text message sent to your smart phone. The text message communicates a code that you need to input into the banking website. This text message is called a “second factor” and is part of Multi-Factor Authentication – essentially a second way to prove you are who you say you are.

NOTE: MFA and 2FA (Two-factor authentication) are the same thing.

First factor is "What you know"  - Selkirk email and password.

Second factor is "What you have" - examples: a College or personal smartphone with Microsoft Authenticator App installed.

Multi-factor authentication is an extra step added to the log-in process, such as a code sent to your phone, that helps verify your identity and prevent cybercriminals from accessing your private information.

MFA adds one more step of authenticating your identity making it harder for an attacker to access your data. This drastically reduces the chances of fraud, data loss, or identity theft.

Open

Watch this short video clip for a user friendly learning explanation.

You still can register for MFA using your College office phone number and extension. If you are an instructor who works out of a computer lab or classroom, you may want to request a Yubikey from IT Services.  Yubikey's are an alternative method of authenticating.

Passwords are increasingly easy to compromise. They can often be stolen, guessed, or hacked — you could be locked out of your account, or you might not even know someone is accessing it. With MFA, you'll be alerted right away (on your phone) if someone is trying to log in as you.

IT Services has enabled MFA for select Selkirk College services including Microsoft OneDrive and O365 email (via Outlook).

Users will be prompted for MFA when sign in behavior changes (signing in from a different location or a different computer) on a rolling 90 day period.

Logging in to any of these services with your @selkirk.ca email address will require MFA.

If you do not have a College cell phone, do not want to use your personal cell phone, and you work in classrooms and labs, a Yubikey will be the best option for you to authenticate.

Yubikey can be requested from IT by submitting a ticket.

You will begin to receive prompts for authentication starting November 1st, 2021. Be sure to remember your Yubikey when you go to your classroom or labs.

Yes. When you initially configure your Yubikey you will be prompted to create a PIN between 4 - 6 characters.  You will need to remember this PIN when you use your Yubikey. 

Contact the IT helpdesk for assistance.

1. Try to find it right away!

2. Log in to mysignins@microsoft.com and change your method of authentication to a cell phone or office number

3. Request a 1time only free replacement. If any additional keys are misplaced, you or your department will be responsible for the replacement cost.

4. You may be unable to access Zoom, OneDrive or Outlook email services.

1. Go back and get it.

2. Don't use Zoom, OneDrive, or Outlook until you find it.

3. Log in to mysignins@microft.com and change your authentication method temporarily.

1. Try a different web browser when registering your Yubikey (Chrome works, Safari does not)

2. Reboot your computer and try again

3. Try a different USB port (USB ports on the back of your computer are typically better quality)

If you are using your regular computer to access the MFA enabled platforms - Zoom, Microsoft OneDrive, O365 email (via Outlook) you may not be required to authenticate each time you log in.  Your primary device is directly associated with your account, and requiring to authenticate may be infrequent. However, anytime you use another device to log into one of these services you will be required to authenticate.