Multi-factor Authentication | Information Technology Services | UNB

Multi-factor authentication

Multi-factor authentication (MFA) is an extra layer of security required to access UNB services like email, Teams, OneDrive and the MyUNB Intranet. 

The Microsoft Authenticator app is UNB’s recommended MFA method. It’s fast, secure, and works on UNB and personal smartphones and tablets (Android, iOS, Windows).

Set up MFA

Watch the video below to set up MFA using two devices (computer and mobile device).

Get the written instructions.

I’m using only a mobile device, how can I set up my MFA?

Get instructions for setting up MFA using your mobile device only.

In case my mobile device is lost or stolen, can I set up a backup MFA method?

Yes. Add a backup MFA method now to still be able to log in to your UNB IT services in case of lost or stolen devices.

  1. Go to https://myaccount.microsoft.com 
  2. Log in with your UNBloginID@unb.ca (don’t forget the @unb.ca) and UNB password if prompted (if you're already logged in to M365, you won't need to log in)
  3. In the Security info section, click Update Info >
  4. Click + Add method
  5. Read the next question, "What options do I have for a backup MFA method?"

You can set up to five (5) backup MFA methods per account.

  1. Text message (SMS) authentication to receive text messages with a one-time code to enter when prompted for MFA.
  2. A secondary mobile device - the Microsoft Authenticator app can be set up for your account on multiple devices.
  3. If you do not have a mobile device: A hardware security key (e.g. YubiKey 5 series) can be used for MFA. These are small devices that use your USB slot or an NFC connection to act as virtual “keys” to your account or which produce one-time codes similar to those received on a mobile device using SMS authentication. Make sure you choose one with the right connection type for your device.

Before I get a new mobile device, what should I do? 

Before you get rid of your old mobile device, you will need to transfer (or re-add) your MFA setup to your new one.  

If you don’t have your old mobile device or can’t access your MFA account using your backup method, contact the IT Service Desk  for help. 

Troubleshooting

If your mobile device does not support the Microsoft Authenticator app you can set up text message (SMS) authentication to receive text messages with a one-time code to enter when prompted for MFA. 
 
This works on UNB and personal smartphones and cell phones. NOTE: this method does not work with UNB VoIP (Teams) phones.

A hardware security key (we recommend the Yubikey 5 series) can be used to generate a one-time code for MFA.
  • Faculty/Staff: Please contact your Level 1 or the IT Service Desk for more information or contact your department to learn if your hardware security key can be reimbursed through your department.
  • Students/Retirees/guests/alumni: You can purchase a hardware security key from an external provider (like Amazon) if desired. Make sure you choose one with the right connection type for your device. Please contact the IT Service Desk for additional details.

Once you have your hardware token, follow these setup instructions.

  1. Go to https://myaccount.microsoft.com 
  2. Log in with your UNBloginID@unb.ca (don’t forget the @unb.ca) and UNB password if prompted (if you're already logged in to M365, you won't need to log in
  3. In the Security info section, click Update Info > 
  4. Next to Default sign-in method: click Change 
  5. Select the method you would like from the drop down then click Confirm 

Do not approve the sign-in and contact the IT Service Desk. Someone might be trying to log in to your account as you. 
Note: If an IT service stops working for you after you deny the login, it was likely you. 
You can review your M365 sign-ins at any time in your M365 account portal (https://myaccount.microsoft.com) - click ‘My sign-ins’ in the menu. These details can help you figure out if the device attempting to log in is yours. 
If you have any questions or concerns related to a sign-in attempt, contact the IT Service Desk.

If possible, retrieve your device or click ‘Sign in another way’ and use your backup method.

If you don’t have a backup option and cannot easily retrieve your device, contact the IT Service Desk.


About multi-factor authentication

MFA is an extra layer of security that requires you to use two or more different verification methods to log in to a device or account. You likely already use MFA for other personal accounts without realizing it like:

  • Using your bank card + a PIN to withdraw money from a bank machine
  • Entering a password + a code sent to your phone to access an online account

MFA helps protect your account by keeping it secure even if your password becomes compromised. This is particularly important in today’s online environment where cybercriminals are constantly trying to steal login and personal information through phishing emails, malicious links, fake online forms, and more.


At a glance:

  1. Enter your UNB password
  2. Use your phone to verify your identity
  3. You're securely logged in!

Here's what to expect when logging in to an MFA-enabled service:

  1. You'll be prompted with a 'More information required' screen. Click Next.
  2. On the UNB login screen, enter your UNBloginID@unb.ca (if not already pre-filled) and UNB password then click Sign in.
  3. An approval request or one-time code will be sent to your MFA method (i.e. the Microsoft Authenticator app on your phone/tablet or a text (SMS) message to your phone). Approve the notification/enter the code provided to finish signing in.
  4. You should now be logged in.

It depends on whether you’re on a UNB-owned or personal device, what network you’re connected to, how long it’s been since you last logged in, and other factors.

Here are some general tips to help reduce how often you’re prompted:

  • When logging in through a web browser on personal devices, select to "Stay signed in". Do not do this when using shared or public computers.
  • Use a UNB-owned device (e.g. faculty/staff or lab computers) whenever possible
  • Use desktop/mobile apps instead of a web browser – you’ll be prompted to log in less often if you download apps like Teams, Outlook (for checking email/calendar), and Office Apps (Word, Excel, etc.) directly onto your computer or mobile device instead of using the web versions.
  • Use Microsoft Edge as your default web browser

No - the Authenticator app provides a verification code option that will work even if you aren't connected to Wi-Fi or using cellular data. See Microsoft's Authenticator app FAQ for more information.

To use a verification code instead of an approval notification to sign in:

  1. When prompted for MFA, click 'sign in another way'
  2. Select the 'Use a verification code from my mobile app' option
  3. Open the authenticator app on your mobile device and click on your UNB account (displayed as 'Azure AD' followed by your UNB email address). A one-time password code will be displayed
  4. Enter the one-time password code from the app on the log in screen to finish logging in

If desired, you can also change your default MFA method to always use verification codes.


Yes, but please keep in mind Microsoft Authenticator is UNB’s recommended and supported authenticator app and support for other authenticator apps will be limited.