What is Multifactor Authentication?

Multi-factor authentication (MFA) is an extra layer of security for your UCC Student IT Account. Verifying your identity using an additional factor (something you have in your possession, such as your phone) prevents others from accessing your account, even if they know your password.

Additional factors used for verification include; authentication applications for your device such as Microsoft Authenticator, security codes sent as text messages to mobile phones or automatically generated telephone calls to your mobile phone. You may be familiar with some of the practices that are already widely used for online banking and purchasing.

Why does UCC use Multifactor Authentication?

Multifactor Authentication helps fight against phishing, social engineering and password brute-force attacks and helps to secure your logins from attackers exploiting weak or stolen credentials.

Due to the number of attempted account compromises IT Services is increasing account security by augmenting the thing you “know” (your username and password) with additional authentication factors, allowing you to use approval security requests sent to a mobile and more, to protect your personal data and institutional system.

How Does It Work?

With MFA enabled on your student account, an additional authenticator factor is required to complete the login to services, rather than only using your username and password.  The additional factor uses something that you have in your possession, such as a mobile phone. When you logon to a service that requires MFA, after you enter your student email address and password, you'll be prompted to use your additional means of verification. For example, if using the Microsoft Authenticator app as your authentication method, you'll receive a notification from this app. 

MFA will always prompt for additional approval when you attempt to reconfigure your account security settings.

FAQs

There are several ways of setting up MFA, which method does UCC recommend? 

UCC recommends using the Microsoft Authenticator app as your authentication method. The app uses wifi and sends a notification to your phone, requesting you to approve a sign in request.

Can I install the MS Authenticator app on multiple devices?

Yes. When you log in a notification will be sent to all devices with the app. You only need to approve the sign in from one device.

After you approve the sign from one device, if you try and approve the same request from another device you will get a notifications that it was denied , however this will not affect your account as you already approved the request through another device.

Why would I receive a logon approval request or security code when I am not trying to logon to a UCC service?

An unsolicited request to approve a logon that you have not initiated usually means that someone else knows your logon username and password, and are trying to use it. Do not approve these requests, change your password and report the incident to Student IT Support. 

What other methods of authenticating my login does UCC offer? 

Students can choose between the Microsoft Authenticator app, receiving a authentication code in a text message from Microsoft or receiving an authentication code in a phone call from Microsoft. However, the Microsoft Authenticator app is the recommended authentication method for UCC students.

I am concerned about the security of my phone number or that it may be used for purpose other than MFA?

If you use your phone number for MFA, it is stored in encrypted format as part of your UCC Student IT Account. Only you can view and change it. It is not accessible to UCC IT Services staff or others.

Your phone number will only be used for security of your account and will not be used for any other purposes.  This data is not used or transferred to any other UCC system.