Protecting your data with MFA

In order to register for MFA, you will need to download the Microsoft Authenticator Application. When you attempt to log in to a BCU service, a prompt will be sent from the app on your personal device asking you to approve the log in.

You will also need to set up a secondary option, which you can choose from the following options:

1. Code to your mobile via SMS – You will receive a text message providing you with a code to enter on the log in page. This option is ideal for working remotely – works with any mobile phone, no app to install and no cost to receive SMS in the UK (roaming costs may apply to receive SMS outside of the UK). A mobile signal will be required to use this option.
2. Call to your mobile – As above, a quick call requesting you press the # key to authenticate your log in. This is another quick and easy option – no codes to enter, no app to install and works with any mobile phone. Roaming costs may apply to receive calls if you are working outside of the UK.

You will only be prompted to use MFA to log in when you are logging into your emails, Moodle, iCity and Office 365 applications from outside of the University. You will not be asked to use it when you are on campus.

Once you have logged in to your emails, Moodle, iCity, Office 365 using MFA, you will be remembered for that service until you log out or end your session. Remember this only applies when using protected services when outside of the University network.

No. MFA is not used for logging in to PCs or laptops, it only applies to accessing your email, Moodle, iCity and Office 365 applications.

No, the University Wi-Fi is still considered to be within the University network so you will not be prompted to use MFA if you take your laptop to a room and use the Eduroam Wi-Fi connections.

Yes, if you use a BCU laptop on any network other than in the University you will be prompted to use MFA to access any protected systems.

Yes, you can change your option at any time by logging into myapps.microsoft.com and either changing your phone number or choosing a different option. You will be required to authenticate with MFA to log into this site and will be prompted to authenticate with your new option as part of the process so must have the device with you.

There is no charge for using the MFA App, if you decide to use either the call back or SMS text option there is no cost for the calls or messages being sent to you within the UK, however if you use this from outside the UK you may be charged a roaming fee by your service provider. For more details on any charges please consult your mobile phone contract or contact your service provider.

Yes, you can use any mobile phone to receive SMS codes or a call back to approve your log in.

Like many Apps, this one collects data to enable service improvements, the Microsoft Authenticator App’s Privacy policy complies with GDPR and allows you to customise what data is collected and switch on/off data gathering. However, in order to function properly, the App requires access to several phone features and resources including your account settings, contacts, SMS to receive messages, read and write to memory storage and use of the camera to read a QR code on set up.

If you would prefer, you can use another mobile device such as a tablet or iPad. You can download the authenticator app on this device and use that method to authenticate. Alternatively, it is possible to nominate a fixed land line for MFA, so you can use your home land line if you are working from home. Using a land line for MFA is very simple, at the point where you need to confirm your log in you will receive an automated call that plays a recorded message asking you to press # to confirm you want to log in.

The use of MFA for access to secure BCU Data outside the University network has been mandated by the University to comply with GDPR. For this reason it is being applied to all University staff and students. If you are unwilling to use MFA you will be unable to access secure BCU data from outside the University and thus will not be able to work/learn from home if you need access these resources to complete that work. You will still be able to access all of these resources from within the University when it is open.

If you chose to receive a code via SMS text message it will be valid for 2 minutes before you will need to refresh the code. If you use the code from the App, these are refreshed every 30 seconds and are only valid whilst displayed on screen. The App shows a countdown of how much time is left so ideally you should wait for the code to auto refresh to give you the most time to enter it.

After the setup of your primary method of authentication, you have the option to add a secondary option, such as an alternative phone number, or the Microsoft Authenticator App. If you are not connected to the BCU network, and haven’t set up a secondary option, you will not be able to access secure BCU data. In this case, IT can reset your MFA registration, however for security reasons this can only be done by request in person whilst on site as it is not possible to confirm your identity over the phone.

Code – ignore this and report to the help desk. If someone is trying to gain access to BCU data using your details, they will not be able to log in without this code, your account will not be compromised. Request to approve access – deny this and report to the help desk. As above, if someone is trying to gain access using your details, they will not be able to without your approval via the app.

Call - hang up without pressing #. If the call is the result of someone trying to gain access to University data using your ID you have successfully blocked them. If you constantly receive calls you can lock MFA by pressing the key combination stated in the automatic message. Contact the IT Help desk as soon as possible to alert them to this and change your password.