An Introduction to Multi-Factor Authentication

Navigation links for UGDSB employees (You may be prompted to log in):

• MFA Device Survey
• MFA Smartphone Registration
• MFA OTP Token Registration
• MFA Knowledgebase

What is Multi-Factor Authentication?

• Multi-Factor Authentication (MFA) is a technology we use increasingly often in our daily lives. For example, when you access your online banking application you may be required to respond to a text message sent to your smart phone. The text message communicates a code that you need to input into the banking website. This text message is called a “second factor” and is part of Multi-Factor Authentication – essentially a second way to prove you are who you say you are.
• Like the example above, MFA will allow UGDSB employees to use multiple “factors” when accessing the board’s Microsoft Azure cloud services (e.g. Microsoft O365 Services, MS Teams, Exchange Online, OneDrive, inTune, etc.). 
• For a simple overview of MFA, you can view this short YouTube video.

What are MFA Factors?

• The first factor is “What You Know” – this is your UGDSB username and password 
• The second factor is “What You Have” – this is your smartphone with MS Authenticator app installed, a call back number or a physical token.

Why should I use MFA?

• Using MFA will help mitigate many of the cybersecurity threats the UGDSB faces every day. MFA will also help mitigate potential damage from phishing emails, credential-stealing and malware attempts against the Azure cloud service. 

How will MFA affect me?

• At this time, the sign-in process for MFA will only apply to UGDSB employees when they access Microsoft Azure Cloud services (e.g. Microsoft 0365 Services, MS Teams, OneDrive, Exchange Online, inTune, etc.). Once you have registered for MFA, you will be asked periodically to verify your login when accessing these services. A message will be sent to your smart phone, phone number or physical token to which you need to respond with “Approve” or “Deny”, or with a six-digit code from a physical token.
• UGDSB employees will not be required to respond to an MFA prompt every time they access Microsoft Azure cloud services and applications. Instead, employees can expect to be MFA prompted about every 90 days or less. In the future, we will review and stay aligned with cloud security best practices regarding frequency of MFA prompts.

How long after I register should I expect the first MFA prompt?

• All new users that register for MFA can expect their first MFA prompt the next day, once they access an Azure Cloud service for the first time (e.g. Microsoft O365 Services, MS Teams, Exchange Online, OneDrive, inTune, etc.)
• Users that have not registered for MFA by their cohort dates below, will be required to register for MFA before accessing an Azure Cloud service for the first time. 

When will MFA roll out start?

• The IT Department will be rolling out MFA for Microsoft Azure cloud services and applications to all staff/educators, on July 1, 2022.
• Any user not registered in MFA at this time will be locked out of their account.

How do I get MFA support?

• Technical support for MFA is available during normal business hours Monday through Friday from 8:30 a.m. to 4:30 p.m. If you need support, please call (519) 822-4420 ext. 247 or submit a ticket online at https://ugsupport.ugdsb.on.ca/.
• If you have other questions related to MFA, please contact the UGDSB IT Department at [email protected]