Multi-factor authentication (MFA) is a security enhancement that requires two sets of unique credentials before granting users access to an account (i.e., your password paired with a code sent to your mobile phone).

Why use multi-factor authentication?

Routinely, post-secondary institutions are targets of malicious phishing (i.e., impersonation emails, bogus job scams) and breaches to private data, including research. Stolen or compromised credentials and cloud misconfigurations are the most common causes of  malicious breaches. The addition of MFA empowers University of Toronto faculty, researchers, librarians and staff to better protect their work, research, data and identities.

Benefits include:

• Extra security against weak/compromised passwords: In the event that an account(s) is compromised (i.e., hackers gain access to login credentials), UTORMFA will ensure attackers won’t be able to complete the second login step, preventing unauthorized access to account(s).
• Protection against cyber-attack financial losses
• Potential for future technical innovations: Looking ahead, strengthening the University’s overall security will also result in more flexible implementations of new business processes and infrastructure solutions for the future.

Once you enable UTORMFA, you will either use your mobile phone or a hardware token to provide a second level of identification to certain U of T services. Full details about the service can be found on the UTORMFA Service website.