2SV: What is 2-Step Verification (2SV)?

security M365 MFA 2SV secondAPPID

Passwords are the main way VIU accounts are protected today. However, passwords alone are no longer enough to secure your important documents and access. Cyber criminals can get into your account if they guess your password correctly. They can also trick you into sharing your password by using a phishing email or finding a stolen password that has leaked on the internet. That's why almost all online services (including social media, banks, shopping, etc.) have added a way for your accounts to be more secure. This includes higher education institutions, which have become prime targets of phishing and ransomware attacks in recent years.

What is 2-Step Verification (2SV)?

2-Step Verification (Also commonly referred to as 2SV, Multi-factor Authentication (MFA) or 2-Factor Authentication) allows you to log in only after successfully presenting two or more pieces of evidence or "steps". These steps are a more secure way of verifying that it's you when you try to log in. For example, a password is one kind of step, it's a thing you know.

The three most common types of steps are:

Something you know - Such as a password
Something you have - Such as a smart phone or a hardware Token
Something you are (also called biometrics) - Such as a fingerprint or facial recognition (VIU does not currently employ this method.)

VIU Employees, and VIU Associates that have a VIU account, are now required to use 2SV for some services. With 2SV, your account will be protected with both your password AND your phone (via a text, phone call, or app), or a Hardware token, provided by VIU, to be used on your computer. This adds an extra layer of security that prevents unauthorized access to your account and helps to ensure that student and employee data is protected.

What VIU services will require 2SV?

VIU email (Outlook and Webmail)
Microsoft 365
IT Client Portal
OneDrive
Teams
Other services will eventually be added to this list

How does it work?

A 2-Step Verification enrollment has been activated for VIU accounts,. If you are not using a wired network or Secure VIU on Campus, you'll be prompted to enter your password AND a verification code when you sign-in to your email account for the first time on a new device. After the initial sign-in, the device will be trusted and will no longer prompt for approval the next time you sign-in. (If you are on a VIU Campus using our Wired Network or VIU-Secure you will not get these prompts).
IF you have NOT set up your account for 2SV, you will be prompted to do so the first time you log into a secure VIU resource. Please call the Service Desk if you need assistance with this process.

Who needs to sign up for 2SV?

VIU Faculty, staff and VIU Associates that have a VIU account (ex. Retirees, Affiliates, Honorary Research Associates and Adjunct Faculty).

When will 2SV be required for VIU Associates?

2SV is now mandatory for all VIU Associates, the voluntary period has ended.

When will 2SV be required for employees?

2SV is now mandatory for all VIU faculty and staff. the voluntary period has ended. This includes retirees who opt in to retain access to their email account.

Will 2SV be required for students?

A date has not yet been set to open 2SV up to students.

How do I enable 2SV for my account?

Click anywhere on the green banner below to open the 2SV set up page:

How do I set up 2SV?

Will I need to set up 2SV for each application?

You do not. One setup will work across all relevant applications/programs. You only need to enroll once.

What if I already have the MS Authenticator App for another business?

You can set up your existing MS App so that it will work for VIU as well as the other business. Instructions for setting up a second Verified ID are provided in the Instructions:
How do I set up 2SV - look at Option 1, Step 5 for the link to the PDF.

Will 2SV slow down the performance of my applications?

No, there is no impact on system performance.

Do I need to verify every time I sign in?

Not at all! Verification lasts for 30 days, at which point you will be prompted to verify again the next time you sign in. Please note that each 'verification' is independent. This means if you sign in to Outlook one day, but sign in to Teams four days later, they'll each hold their own 30 day timers.

Keep in mind, that if you are on Campus and connected to a Wired Network or Secure VIU (wifi), you will not be prompted for verification.

Do I need to verify for every application I use?

Yes. Each applicable app requires it's own verification, and each verification last for 30 days, on it's own timer.

What if I get a verification I did not request?

Check your logged in devices (Computers, mobile devices, etc.) for prompts.
- Remember that each app on each device requires re-authentication every 30 days
- Apps like email or teams on a mobile device will likely try to authenticate repeatedly
- Make note of the location that the request is coming from. While not precise, the notification should provide the general area that the request is coming from.
If it is not your device(s), Deny the request and Change Your Password immediately
- You'll only receive a verification request from a program that already has your password. If it doesn't come from your devices, it came from someone else that's already compromised your password.
- Note: A common tactic in these situations is to repeatedly send verification requests until you say yes, just to make the notifications stop. This has been observed in security breaches at Uber and other high profile companies.

What is the recommended method of 2SV?

The Microsoft Authenticator mobile app is the recommended method for most users, as it is the most secure. It provides both online and offline code options to log in, which is useful if you are at an offline location (such as out of country). The Microsoft Authenticator app takes up very little space on your phone, and you can use the app without an Internet connection or cellular data.

NOTE: The Microsoft Authenticator App for Android Phones requires an OS of 8.0 or higher. Apple phones require iOS 14 and up.
If your phone is not able to update to a current OS, you can still use it with Option 2 - receive a text or phone call.

Can I 'Opt out' of 2SV?

Once you are signed up for 2SV, there is no option to opt out. 2SV will be required to access some applications moving forward, so users of these applications will need to be enrolled.

How much data does the Microsoft Authenticator app use?

If you have set up Microsoft Authenticator to notify you to authenticate, it only uses a minimal amount of data -- less than 2KB per authentication. If your device is connected to Wi-Fi, no mobile data will be used. If you use the code generated by the Microsoft Authenticator App, no data will be used.

Can I use a different authenticator app?

While the MS authenticator app is the default, you can use any compatible authenticator app. Please note that there will be limited or no support from the IT Service desk for non-MS apps.

I have more questions. Where can I get assistance?

A few different places!

You can find non-IT peer support via Teams.
For issues in signing up or verifying your applications, you can reach out to the IT Service Desk at ithelp@viu.ca
You can call the IT Service Desk at 250-740-6300/1-833-902-6301 (Toll Free), Monday to Friday, 8:00 AM - 4:30 PM.

Sign in to leave feedback

0 reviews

Details

Article ID: 2920

Created

Sat 2/12/22 6:42 PM

Modified

Mon 1/15/24 11:14 AM

Related Articles (4)

2SV: How do I authenticate using a 2SV hardware token?

2SV: How do I change or add verification options?

2SV: How do I set up 2-Step Verification (2SV)?

2SV: How do I set up Microsoft Authenticator on a new phone?