As part of ongoing efforts to improve cybersecurity for KPU students, we are implementing multi-factor authentication (MFA) for all KPU accounts.
This change will affect the use of Microsoft Office apps, as well as other applications at KPU using the new Unified Login system.
What is Multi-Factor Authentication?
Multi-factor authentication requires you to provide additional information to gain access to some KPU services.
How does MFA work?
When you attempt to login to a service that uses MFA, you will enter your username and password as normal. Then you will be prompted to use your chosen MFA method. This can be entering a time-based one-time password, also known as a temporal one-time passcode (TOTP), from an authenticator app or hardware token, or it can be performing number matching in the Microsoft Authenticator app.
What can I use as my multi-factor authentication method?
We recommend the use of Microsoft Authenticator, as it integrates directly with your Microsoft Account at KPU, and is supported on most smartphones and tablets on both iOS and Android. For older Android devices, Google authenticator is supported on Android 4.4 and up.
Less secure methods such as audio and text message are also available where you would have to provide your phone number to receive a call or text to verify your identity.
Other TOTP-based MFA apps should also work, though we cannot guarantee full support or functionality of all MFA applications.
If you are unable to make use of any of these options, please contact the IT Service Desk (604-599-2116 or servicedesk@kpu.ca) for additional support.
| Microsoft Authenticator | Google Authenticator |
Image
 | Image
 |
|
|
| Setup Guide for Microsoft Authenticator | Setup Guide for Google Authenticator |
Authenticator Lite through Outlook Mobile
While we recommend using Microsoft Authenticator for a consistent experience in KPU's computing environment, Outlook mobile may also be used as an MFA factor under certain conditions, using the app's Authenticator Lite feature.
When you have MFA requirements enforced on your account, you may be prompted by Outlook Mobile to use it as an authenticator. If so, you may enable this feature and use it as your additional factor. We are unable to force Outlook to enable this feature on a given device, so if you do not receive the prompt, you will need to install Microsoft Authenticator, or another TOTP based authenticator app, like Google Authenticator.
If your Outlook mobile app is able to be used as an authenticator, you will see this prompt:
Once set up, when you log into your account you will receive a notification with a number matching prompt as a notification:
You can also login using TOTP Codes by opening the Authenticator section under Outlook’s settings pane:
Do I need a data plan to use MFA on my phone?
While some MFA application functions can make use of a data plan if it is available, you do not need a data plan to use MFA.
Any TOTP-based MFA app can be used without having an active data or cellular connection on your phone. TOTP MFA relies on shared secret information between your account and the app, and your device having an accurate clock.
Frequently Asked Questions.
Please visit our FAQ Page
To learn more about when you can add MFA to your account, visit the MFA self enrolment page
You will receive a communication from servicedesk@kpu.ca to let you know you need to set up MFA to access your online KPU services.
Please contact the IT Service Desk (604-599-2116 or servicedesk@kpu.ca) for support.