Multi-Factor Authentication (MFA) for students

As part of ongoing efforts to improve cybersecurity for KPU students, we are implementing multi-factor authentication (MFA) for all KPU accounts.
This change will affect the use of Microsoft Office apps, as well as other applications at KPU using the new Unified Login system.

What is Multi-Factor Authentication?

Multi-factor authentication requires you to provide additional information to gain access to some KPU services.

How does MFA work?

When you attempt to login to a service that uses MFA, you will enter your username and password as normal. Then you will be prompted to use your chosen MFA method. This can be entering a time-based one-time password, also known as a temporal one-time passcode (TOTP), from an authenticator app or hardware token, or it can be performing number matching in the Microsoft Authenticator app.

MFA Login Process

What can I use as my multi-factor authentication method?

We recommend the use of Microsoft Authenticator, as it integrates directly with your Microsoft Account at KPU, and is supported on most smartphones and tablets on both iOS and Android. For older Android devices, Google authenticator is supported on Android 4.4 and up.

Less secure methods such as audio and text message are also available where you would have to provide your phone number to receive a call or text to verify your identity.

Other TOTP-based MFA apps should also work, though we cannot guarantee full support or functionality of all MFA applications. 


If you are unable to make use of any of these options, please contact the IT Service Desk (604-599-2116 or for additional support.


Microsoft AuthenticatorGoogle Authenticator
Microsoft Authenticator Icon
Google Authenticator Icon

Get it on Google Play

Download on the App Store

Get it on Google Play

Download on the App Store

Setup Guide for Microsoft AuthenticatorSetup Guide for Google Authenticator

Authenticator Lite through Outlook Mobile

While we recommend using Microsoft Authenticator for a consistent experience in KPU's computing environment, Outlook mobile may also be used as an MFA factor under certain conditions, using the app's Authenticator Lite feature.

When you have MFA requirements enforced on your account, you may be prompted by Outlook Mobile to use it as an authenticator. If so, you may enable this feature and use it as your additional factor. We are unable to force Outlook to enable this feature on a given device, so if you do not receive the prompt, you will need to install Microsoft Authenticator, or another TOTP based authenticator app, like Google Authenticator.

If your Outlook mobile app is able to be used as an authenticator, you will see this prompt:

Microsoft Outlook Authenticator Lite setup prompt

Once set up, when you log into your account you will receive a notification with a number matching prompt as a notification:

Microsoft Outlook Authenticator Lite Authorization prompt

You can also login using TOTP Codes by opening the Authenticator section under Outlook’s settings pane:

Microsoft Outlook Authenticator Lite TOTP Code

Do I need a data plan to use MFA on my phone?

While some MFA application functions can make use of a data plan if it is available, you do not need a data plan to use MFA.

Any TOTP-based MFA app can be used without having an active data or cellular connection on your phone. TOTP MFA relies on shared secret information between your account and the app, and your device having an accurate clock.

Frequently Asked Questions.

Please visit our FAQ Page

To learn more about when you can add MFA to your account, visit the MFA self enrolment page

You will receive a communication from to let you know you need to set up MFA to access your online KPU services.

Please contact the IT Service Desk (604-599-2116 or for support.