Protecting your data with MFA

Person using phone to log in

To improve our cybersecurity and protect personal data, all BCU staff, students and graduates will need to register for Multi-Factor Authentication (MFA). MFA means you will need to verify your login when accessing BCU systems, similar to what you may have set up for online banking. 

What is Multi Factor Authentication?

Multi Factor Authentication (MFA) is the process of using two or more independent factors to verify a user's identity for a login, and to access secure data - similar to what you may use with online banking.

  • The first factor is something known only to you - your BCU password.
  • The second factor is a single use code sent to your personal device (mobile phone or tablet) OR a message sent asking for confirmation that you are attempting to log in.

Why do we need MFA? What are the benefits?

MFA protects your personal data, BCU data and keeps the University secure against cyber attacks.

Each year, cyber attacks are becoming more sophisticated and safeguarding our data has become more crucial than ever. Multi Factor Authentication is just one of the vital security measures in place as a solution to this.

Always remember that, as a staff member, student or graduate of BCU, you have a responsibility to keep data secure and be on guard against possible breaches and theft.

Which systems are protected by MFA?

Most BCU services are protected by MFA, including:

  • iCity
  • Outlook (email)
  • Moodle
  • Mahara
  • Office 365 suite of applications

How do I register for MFA?

When you attempt to login to access any BCU services, you will be prompted to register for MFA. Follow these simple steps to activate your authentication.

View User Guide

You will not be able to access BCU services until you have activated your authentication.

Changing your password

MFA also gives you the ability to reset or change your BCU password yourself, from home.

If you have been set up with MFA, you will now have access to reset or change your password for BCU services when you:

  • Are working remotely from the BCU network (at home or somewhere else off campus),
  • Have internet access and,
  • Have access to the device with your MFA method.

Instructions for resetting your password are available from iCity.

Instructions: How to reset your password

For IT Help and support

Please visit your local IT Help desk onsite, or call IT Help at 0121 331 6543, for help and support. Please note, staff will need to visit an IT Help desk onsite to get your BCU password or MFA method changed for you, as it is not possible to verify identity over the phone.

Multi-Factor Authentication FAQs

What do I need in order to use MFA?

In order to register for MFA, you will need to download the Microsoft Authenticator Application. When you attempt to log in to a BCU service, a prompt will be sent from the app on your personal device asking you to approve the log in.

When will I be asked to use MFA?

You may be prompted to log in using MFA to access BCU services like Outlook emails and calendar, Moodle, iCity, and more.

Do I have to use this to log in to a BCU PC/laptop?

No. MFA is not used for logging into PCs or laptops.

Can I change my preferred MFA option?

Yes, you can change your MFA method yourself, if you still have access to your old method. If you no longer have access to your old method, or you face issues changing your MFA method yourself, you will need to visit an IT Help desk onsite with your BCU ID card, and IT can reset your MFA for you.

What data about me does the App collect?

Like many Apps, this one collects data to enable service improvements, the Microsoft Authenticator App’s Privacy policy complies with GDPR and allows you to customise what data is collected and switch on/off data gathering. However, in order to function properly, the App requires access to several phone features and resources including your account settings, contacts, SMS to receive messages, read and write to memory storage and use of the camera to read a QR code on set up.

I don’t have or don’t want to use my mobile phone for this. How can I log in?

If you would prefer, you can use another mobile device such as a tablet or iPad. You can download the authenticator app on this device and use that method to authenticate.

How long can I take to type in the MFA code?

The codes from the Microsoft Authenticator app are refreshed every 30 seconds and are only valid whilst displayed on screen. The app shows a countdown of how much time is left so ideally you should wait for the code to auto refresh to give you the most time to enter it.

What if I forget or lose my phone?

If you no longer have the device with your Microsoft Authenticator app set up, you will need to visit an IT Help desk onsite with your BCU ID card, and IT can reset your MFA method for you.

What if I get a code, call, or request to approve access when I am not trying to log in?

Please change your BCU password and contact IT Help as soon as possible to let them know that someone is trying to get into your account.