Multi-factor authentication is a way of increasing the security of your account. When you login to a service you are providing a “factor” of authentication, usually a password. This is referred to as “something you know”, but there are other factors such as “something you have” and “something you are”. MFA adds the ability for you to use “something you have” to also help prove that you are who you say you are, in this case a mobile device that only you have.
The way it works is that when you login to certain UniSA services you will be asked to provide your regular account and password, and then you may be asked for a code or to approve a notification that will be sent to your mobile device. This prevents a hostile party from using your account without your permission, as only you will have access to your mobile device so only you will be able to provide the code or approval.
Passwords can be stolen, guessed or hacked, and compromised user accounts have become one of the primary methods used by cyber criminals to gain access to networks and data. New technology and hacking techniques combined with the limited pool of passwords most people use for multiple accounts means information online is increasingly vulnerable.
Multi-factor authentication adds a second factor of authentication as an additional layer of security to make sure that no one else can access your account, even if they know your password. The second factor of authentication is separate and independent to the password step and never uses or sees your password.
When you attempt to access certain UniSA applications and services, you will be prompted to enter your username and password as usual (the first ‘factor'). You will then be taken to an additional MFA screen. The first time you visit one of these MFA pages, you will be asked to enroll an MFA factor, either SMS or a mobile application (the second 'factor'). On subsequent visits, you will be directed to an MFA screen where you will be asked to submit a code or approval sent to your enrolled MFA factor. This additional step is used to verify the person logging in is really you, not someone else that has stolen your credentials.
All UniSA staff and students will be required to register and use MFA to access UniSA applications and services
Your mobile device number is securely stored with UniSA’s provider and is only used for the purpose of your account security.
NOTE: UniSA has been notified by our service provider for multi-factor authentication, that as of Monday 17th October 2022 they will cease to service requests from the countries identified by the United States regulatory changes to their export control laws. As such any UniSA users will not be able to access UniSA’s digital environment from Cuba, Iran, North Korea, Syria, the regions of Crimea, Luhansk (LNR) or Donetsk (DNR either directly through the internet or through a VPN (virtual private network).
