Multi-factor Authentication

As of January 5, 2021, multi-factor authentication (MFA) is required to access all UNB Microsoft 365 (M365) services like email, Teams, OneDrive and SharePoint.

Did you pre-register for MFA?

Setup MFA - Microsoft Authenticator app

  • Why we recommend the Authenticator app for MFA: it's fast (no need to enter a code), easy and secure.
  • How it works: Receive a notification or one-time code from the Microsoft Authenticator app on your smartphone or tablet to approve/enter when prompted for MFA.
  • Works on: UNB and personal smartphones and tablets (Android, iOS, Windows)
  • Set up this method

I can't download the app/don't have a mobile device.

Alternative/backup MFA methods

The Microsoft Authenticator app is UNB’s recommend MFA method. If you’re unable to use the app, choose one of the alternative methods below:

Note: You can also add these methods as a backup in case your Authenticator app is ever unavailable, or your primary device is lost or stolen.

Text message (SMS)

  • How it works: Receive a text message with a one-time code to enter when prompted for MFA.
  • Works on: UNB and personal smartphones, cell phones and landline phones. NOTE: this method does not work with UNB VoIP (Teams) phones.
  • Set up this method

Hardware token (e.g. YubiKey)

  • How it works: When prompted for MFA, enter a one-time code generated on a hardware token (looks like a USB flash drive) connected to your device. 
  • Works on: UNB and personal computers and mobile devices.
  • To use this method:
    1. You must get/purchase a hardware token (e.g. YubiKey)
      • Faculty/staff: Please contact the IT Service Desk to arrange to get a YubiKey.
      • Students/retirees/guests/alumni: you can purchase a hardware authentication token from an external provider (like Amazon) if desired. Please contact the IT Service Desk for additional details.
    2. Once you have your hardware token, follow these setup instructions.

Questions or need help?

Contact the IT Service Desk.

About multi-factor authentication

What is multi-factor authentication (MFA)?

MFA is an extra layer of security that requires you to use two or more different verification methods to log in to a device or account. You likely already use MFA for other personal accounts without realizing it like:

  • Using your bank card + a PIN to withdraw money from a bank machine
  • Entering a password + a code sent to your phone to access an online account

Why is MFA important?

MFA helps protect your account by keeping it secure even if your password becomes compromised. This is particularly important in today’s online environment where cybercriminals are constantly trying to steal login and personal information through phishing emails, malicious links, fake online forms, and more.

What UNB services require MFA?

As of Jan. 5, MFA is required to access all UNB Microsoft 365 services. This includes:

  • Email
  • Teams
  • OneDrive
  • SharePoint
  • Office web apps (Word, Excel, etc.)
  • Other M365 applications (accessed via the Microsoft 365 link in myUNB)

MFA will also be required to access other IT services in the future.

What can I expect when logging in to services with MFA?

At a glance:

  1. Enter your UNB password
  2. Use your phone to verify your identity
  3. You're securely logged in!

Full details:

Here's what to expect when logging in to M365 services, on any device, after MFA is turned on:

  1. You'll be prompted with a 'More information required' screen. Click Next.
  2. On the UNB login screen, enter your UNBloginID@unb.ca (if not already pre-filled) and UNB password then click Sign in.
  3. An approval request or one-time code will be sent to your MFA method (i.e. the Microsoft Authenticator app on your phone/tablet or a text (SMS) message to your phone). Approve the notification/enter the code provided to finish signing in.
  4. You should now be logged in.

How often will I be prompted to log in and use MFA?

It depends on whether you’re on a UNB-owned or personal device, what network you’re connected to, how long it’s been since you last logged in, and other factors.

Here are some general tips to help reduce how often you’re prompted:

  • When logging in through a web browser on personal devices, select to "Stay signed in". NOTE: Do not do this when using shared or public computers. 
  • Use a UNB-owned device (e.g. faculty/staff or lab computers) whenever possible
  • Use desktop/mobile apps instead of a web browser – you’ll be prompted to log in less often if you download apps like Teams, Outlook (for checking email/calendar), and Office Apps (Word, Excel, etc.) directly onto your computer or mobile device instead of using the web versions.
  • Use Microsoft Edge as your default web browser

Do I need data or Wi-Fi to use the MFA app on my phone?

No - the Authenticator app provides a verification code option that will work even if you aren't connected to Wi-Fi or using cellular data. See Microsoft's Authenticator app FAQ for more information.

To use a verification code instead of an approval notification to sign in:

  1. When prompted for MFA, click the 'sign in another way' link
  2. Select the 'Use a verification code from my mobile app' option
  3. Open the authenticator app on your mobile device and click on your UNB account (displayed as 'Azure AD' followed by your UNB email address). A one-time password code will be displayed
  4. Enter the one-time password code from the app on the log in screen to finish logging in 
If desired, you can also change your default MFA method to always use verification codes.

Can I add additional/backup authentication methods?

Yes, you can add additional/backup authentication methods to your account at any time:

  1. Go to https://myaccount.microsoft.com
  2. Log in with your UNBloginID@unb.ca (don’t forget the @unb.ca) and UNB password if prompted (if you're already logged in to M365, you won't need to log in)
  3. In the Security info section, click Update Info >
  4. Click + Add method.

Can I use another authenticator app besides Microsoft Authenticator?

Yes, but please keep in mind Microsoft Authenticator is UNB’s recommended and supported authenticator app and support for other authenticator apps will be limited.

How do I change my default MFA method?

  1. Go to https://myaccount.microsoft.com
  2. Log in with your UNBloginID@unb.ca (don’t forget the @unb.ca) and UNB password if prompted (if you're already logged in to M365, you won't need to log in)
  3. In the Security info section, click Update Info >
  4. Next to Default sign-in method: click Change
  5. Select the method you would like from the drop down then click Confirm

What if I don’t have my phone with me when trying to log in to M365?

If possible, retrieve your device or click ‘Sign in another way’ and use your backup method.
If you don’t have a backup option and cannot easily retrieve your device, please contact the IT Service Desk.

What if the device I use for MFA is lost or stolen?

Use your backup method if possible. If your backup also isn’t available, contact the IT Service Desk.

I just got a new mobile device. What should I do?

If you get a new phone, or if you’ve re-installed the Microsoft Authenticator app, you'll need to re-add the app as an authentication method to your account.

To do this, you’ll need to log in using a backup MFA method you already set up. If you don’t have a backup method set up or can’t use your backup method, contact the IT Service Desk for help.

I received a notification to approve a sign in when I wasn’t trying to log in to a service. What should I do?

Do not approve the sign-in. Someone might be trying to log in to your account as you.

You can review your M365 sign-ins at any time in your M365 account portal (https://myaccount.microsoft.com) - click ‘My sign-ins’ in the menu. These details can help you figure out if the device attempting to log in is yours.

If you have any questions or concerns related to a sign-in attempt, contact the IT Service Desk.