UNSW security update for Multi-Factor Authentication

02 Feb 2023
UNSW security update for Multi-Factor Authentication

From 14 February all students and staff using Authenticator push notifications will receive a new number matching process.

Microsoft is improving the authentication process for all its products and, as a result, UNSW IT will be implementing three Multi-Factor Authentication (MFA) security improvements.

New number matching process in the Authenticator app
When accessing a Single Sign-On (SSO) application, you will be asked for MFA. If you’re using push notifications with your Microsoft Authenticator app, a number will be sent to your computer screen which you need to enter into the app on your smartphone. Tapping ‘Yes’ will then finish the authentication process and the application will open.

MFA

Please note:

  • On or after 14 February, number matching will occur the first time you are prompted to MFA
  • This doesn’t apply to those using the six-digit One Time Passcode (OTP) within the app, such as China-based students
  • This doesn’t apply to students or staff who only use a YubiKey.

If you are accessing an SSO application on the same smartphone used to authenticate, then select ‘I can’t see the number’ and you will be shown a two-digit number to enter.

Improved fraud alert
If you receive a push notification on your Microsoft Authenticator app, but it wasn’t your action, you can click ‘No It’s Not Me’ in your app. At this point, a ‘Report Fraud’ message will appear. You can then select ‘Report’ and the fraud attempt will be sent to the UNSW IT Cyber Security Operations team for investigation.

New students and staff to set up MFA as part of their onboarding
New students and staff are required to set up MFA before they can access SSO applications. They will no longer have a grace period where MFA can be skipped.

Learn more
Read more about Multi-Factor Authentication, including FAQs, guides and privacy information.
Please contact the IT Service Centre on 02 9385 1333 for technical assistance.

Comments