George Brown Polytechnic Multi-Factor Authentication

Multi-Factor Authentication (MFA)

Keep the bad guys out

George Brown Polytechnic requires all users to enable Multi-Factor Authentication (MFA) when accessing George Brown resources. MFA is a cybersecurity best practice widely adopted by organizations worldwide to protect users and their systems and data. To provide an extra layer of security, you will be prompted to authenticate using the Microsoft Authenticator app on your mobile phone or tablet in addition to logging in to George Brown applications using your username and password. Read George Brown's MFA policy.

Follow the steps below to set up MFA. Have questions? Please refer to our FAQs.

Set up MFA using the steps below:

Step 1: On your phone:

  1. Download and install the latest version of Microsoft Authenticator app from the Google Play Store for Android (georgebrown.ca/android) or the App Store for iOS (georgebrown.ca/apple).
     
  2.  Open the Microsoft Authenticator app.
    Within the app, choose + Add account and then choose 'Work or school account'
     


     

  3.  Select Scan a QR code:
     

Step 2: On your laptop or desktop computer:

  1. Go to georgebrown.ca/begin.
     
  2. If you are not already signed in, select your account and log in as usual using your regular, numbered GBPID@georgebrown.ca and password.

     

  3. Select + Add sign-in method:
     

     

  4. Select Authenticator app and then click Add:
     

     
  5. Click Add to progress to the next screen, and then Next to reveal your QR code.

Step 3: On your phone:

  • Scan the QR code visible on your computer from Step 2. You will need to allow your phone to take photos while using the app to scan the QR code.
  • If you are having trouble scanning the QR code, click on the Can’t scan image option under the QR code to manually enter the code and URL in the app.

Step 4: On your computer:

  • Select Next. A notification is sent to the Authenticator app on your phone to test the account.
     

Step 5: On your phone:

  • Approve the notification in the Authenticator app by entering the number shown on your computer, and then select Next.

You are now set up for Multi-Factor Authentication.

Frequently Asked Questions

General Information

Why does George Brown require Multi-Factor Authentication (MFA)?

Multi-factor authentication (MFA) is used by many organizations worldwide to protect their systems and user data. Implementing MFA makes it more difficult for a threat actor to gain access to George Brown’s premises and information systems, such as remote access technology, email, and billing systems, even if passwords or PINs are compromised through phishing attacks or other means. George Brown is adopting it as part of its ongoing efforts to ensure the safety and security of our community.

Who is required to use Multi-Factor Authentication (MFA)?

All users of George Brown Polytechnic, including students, faculty, staff, contractors, and other affiliates, must enable and use Multi-Factor Authentication (MFA) to ensure the security of George Brown resources and data. This requirement applies regardless of the individual’s role or employment status.

Are exceptions to MFA allowed?

Exceptions may be granted only in cases of significant demonstrated need (not preference) after weighing the associated risks and costs. Exceptions are typically time-limited and designed to provide individuals additional time to comply. If you believe you qualify for an exception, you may request one by completing the exception form. Approved exceptions may include alternatives such as a hardware token for MFA.

If I'm using a personal computer, can I still use MFA?

MFA is setup on your phone and can be used to authenticate you whether using a personal or George Brown Polytechnic-issued computer, tablet or phone.

I have concerns about using MFA. How should I raise them?

MFA is essential to ensure the Cyber Security of George Brown Polytechnic systems and users. The Microsoft Authenticator app is solely used to authenticate your George Brown account, and George Brown has no access to your personal device(s) after you install the app. If you have any Cyber Security-related questions or non-technical concerns (e.g., AODA, etc.) please email us at cybersecurity@georgebrown.ca

What does using Multi-Factor Authentication mean for using apps such as Outlook and MS Teams?

Upon setting up MFA, you will be prompted to use it once a month or whenever you log in from a new location. This security measure is essential for accessing Microsoft Outlook, Teams, and STU-VIEW applications. Please be aware that additional applications will also require MFA in the near future.

Can I opt out of using MFA?

NO. To protect George Brown Polytechnic systems and our users, we require all employees and students to use MFA when accessing designated George Brown applications. MFA is being implemented to secure your data and accounts from malicious actors.

How can I learn more about cybersecurity?

If you'd like to learn more about cybersecurity best practices, please visit georgebrown.ca/it-resources.

If you have a cybersecurity-related question, please email us at cybersecurity@georgebrown.ca

Do I need to set up MFA if I am a student, alumni, or about to graduate?

All users who require access to George Brown Polytechnic resources, including students, alumni, and those about to graduate, must have Multi-Factor Authentication (MFA) set up to access George Brown resources.

What should I do if I forgot my phone or hardware token and need to log in?

If a user is unable to complete MFA because their phone or hardware token is unavailable, they may contact the Help Desk to request a one-time access code. This code provides temporary access to George Brown systems for remote use only and is intended for limited or exceptional circumstances.

Note: While a temporary access code is active, users will not be able to log in using on-campus computers. Users are expected to restore their MFA method as soon as possible to maintain uninterrupted access to George Brown systems and services.

Technical Support & Privacy Information

How can I access technical support for MFA?

Technical support is available by calling the Help Desk at 416-415-5000, ext. 4357 and selecting option 1 for the Helpdesk.

Which device can I install the Microsoft Authenticator app on?

The Microsoft Authenticator app is free and available for download from the Apple App Store and Google Play Store. If your phone or tablet can access one of these stores, you should have no issues downloading the app. To use the Microsoft Authenticator app, you must have a compatible device that meets the following minimum requirements:

  • Apple Devices
    • iPhone: Requires iOS 15.0 or later. 
    • iPad: Requires iPadOS 15.0 or later. 
    • iPod touch: Requires iOS 15.0 or later. 
    • Apple Vision: Requires visionOS 1.0 or later. 
  • Android Devices:
    • Require Android 8.0 or later.*

*Some Android devices, such as Huawei phones without Google Mobile Services, may not support the installation or proper functioning of the Microsoft Authenticator app. If your device does not meet the minimum requirements or you cannot download the app, please contact the Helpdesk at (416) 415-5000 x4357 or helpdesk@georgebrown.ca first to confirm the issue. If the Helpdesk confirms that your device is incompatible, you may request an exception by completing the exception form. Approved exceptions will include the provision of a hardware token for MFA. Please note that opting out of MFA is not permitted.

Note: Technical exceptions may only be granted to users who joined George Brown Polytechnic before April 2023. Approved exceptions will include the provision of a hardware token for MFA. 

What if I am unable to download or install the Microsoft Authenticator app?

The Microsoft Authenticator app is available at no cost and can be downloaded from the Apple App Store or Google Play Store. It is mandatory to have a compatible mobile phone or tablet capable of accessing these app stores to successfully install and use the Microsoft Authenticator app. If you encounter any issues downloading or installing the application, please contact the HelpDesk at (416) 415-5000 x4357 or helpdesk@georgebrown.ca.

I’m trying to sign in and I need to select the number in my app that’s displayed on the sign-in screen, but the notification prompt from Authenticator is blocking the screen. What do I do?

Select the 'I can’t see number' option on the notification so you can see the sign-in screen and the number you need to select. The prompt reappears after 3 seconds, and you can select the correct number then.

How can I scan the QR code?

Click "Verified IDs" at the bottom right of the MS Authenticator app, then select "Scan a QR code".

How is my location information used and stored?

The Authenticator app collects your GPS information to determine what country you are located in. The country name and location coordinates are sent back to the system to determine if you are allowed to access the protected resource. The country name is stored and reported back to George Brown, but your actual coordinates are never saved or stored on Microsoft servers.

Is registering a device agreeing to give George Brown Polytechnic access to my device?

Registering a device gives your device access to George Brown's services and doesn't allow George Brown to access your device.

Do I have to provide TouchID or FaceID when opening the Authenticator app?

No. You can turn off TouchID or FaceID for the Authenticator app by taking the steps listed here: https://ccp.com.au/microsoft-authenticator-turn-off-app-lock/

Why can't I use text messages or voice calls to authenticate?

SMS and voice calls are not encrypted. This makes them easier to intercept and both are vulnerable to phishing attacks. Attackers can also trick the phone company's employees into transferring a phone number to the attacker’s SIM card, thus the SMS codes being sent to them instead of you. Authentication apps such as Microsoft Authenticator can work offline despite any outages by your phone carrier. The recent Rogers outage is one example where text messages or voice calls would not have been possible. Also, attackers usually target the weakest link in security and with MFA, SMS is the weakest link.

How can I learn more about the Authenticator app?

Please visit Microsoft's Authenticator app webpage for more information.

How often will I be prompted to authenticate?

Once you have successfully registered for MFA, you will be prompted to authenticate when logging in to your George Brown accounts once a month, or whenever you are in a new, unrecognized location. 

Faculty/Staff:

  • Any Location outside of George Brown Polytechnic Campus:
    • Compliant George Brown device: No challenge
    • Non-compliant George Brown device: 30 days sign-in frequency
  • George Brown Polytechnic Campus:
    • Compliant George Brown device: No challenge
    • Non-compliant George Brown device: 30 days sign-in frequency

Students:

  • Any Location:
    • 30 days sign-in frequency.
What if an employee does not want to use MFA, but they don't qualify for an exemption?

As with all George Brown policies, procedures and guidelines, employees will be expected to abide by the George Brown’s MFA policy as part of their employment with George Brown. Employees who do not comply and do not have an approved exception will be subject to sanctions/discipline, which could include cancellation of contracts, being placed on an unpaid leave and/or disciplinary action up to and including termination.

Does MFA use the data on my phone? What about roaming if I am out of town?

MFA uses a very small amount of data if data (cellular or Wi-Fi) is available. If you would prefer not to use data at all, especially when roaming or if your phone is in offline/airplane mode, you can still authenticate by clicking on “sign in another way” and using the 6-digit number provided in the Microsoft Authenticator app.

What should I do if I get a new phone?

Please set up MFA on your new device before resetting your old device. This can be done by following the same steps for setting up MFA by going to www.georgebrown.ca/begin and going through the setup. Once you have setup Microsoft Authenticator on the new device, you can remove the old phone from your account on the same ‘security info’ page. Now the authentication prompt will appear on your new phone.

My phone was lost, stolen or broken. What should I do?

If you have lost or a broken device, please reach out to helpdesk by calling 416-415-5000 ext. 4357. 

I am getting error messages for the QR code during set up. What should I do?

Please make sure that you’re installing Microsoft Authenticator on a supported device meeting the following requirements:

  • Apple Devices
    • iPhone: Requires iOS 15.0 or later. 
    • iPad: Requires iPadOS 15.0 or later. 
    • iPod touch: Requires iOS 15.0 or later. 
    • Apple Vision: Requires visionOS 1.0 or later. 
  • Android Devices:
    • Require Android 8.0 or later.*

*Some Android devices, such as Huawei phones without Google Mobile Services, may not support the installation or proper functioning of the Microsoft Authenticator app.

If the QR code is invalid on one of the supported devices, please close the browser window and restart that step of the process, as the QR code registration has to be completed within a few minutes of code generation. For any technical issues, please contact the HelpDesk at (416) 415-5000 x4357 or helpdesk@georgebrown.ca.

I know I am prompted when I sign into Microsoft accounts, does this also apply to signing into Blackboard, D2L-Brighstpace and STU-VIEW?

Currently, MFA only applies to all Microsoft 365 services such as Outlook and Microsoft Teams, however all George Brown Polytechnic services will require MFA starting soon.

How do I back up/restore the Microsoft Authenticator app or transfer it to a new device?

For more information on how to back up and recover account credentials in the Authenticator app, please visit this Microsoft webpage.

Will I be required to use MFA when connecting to George Brown Polytechnic resources over Virtual Private Network (VPN)?

Yes. MFA is essential to mitigate the risks associated with unauthorized remote access and potential breaches. MFA adds an additional layer of security, ensuring that only authorized users can access the George Brown network and resources remotely.

What if I need assistance using MFA due to an accessibility issue(s)?

George Brown Polytechnic is compliant with Accessibility for Ontarians with Disabilities Act (AODA) requirements, should you have concerns or feedback on our accessibility and compliance please email us at cybersecurity@georgebrown.ca.

Can I get an exception in person at the LLC or ITAC offices?

No. The Cyber Security team handles all decisions regarding exception approvals. You must first complete the exception form if you are eligible. Unless you receive an official approval email from Cyber Security, do not visit the LLC, ITAC offices, or any other location to pick up a hardware token. You will not be provided with a hardware token without prior exception approval from Cyber Security. 

The Cyber Security team strives to process exception requests as quickly as possible. However, there may be delays in approval depending on when an exception request is submitted — such as weekends or holidays. In the meantime, the Helpdesk can provide a temporary access code to grant requestors access to George Brown Polytechnic resources for the day. Please contact the Helpdesk at (416) 415-5000 x4357 or helpdesk@georgebrown.ca for the temporary code.

 

Submit a Question

Have a question or concern not featured in our FAQs? Please submit it below for consideration and include your email should you wish to be contacted for follow up. Anonymous submissions are accepted. 

CAPTCHA
Land Acknowledgement

Land Acknowledgement

George Brown Polytechnic is located on the traditional territory of the Mississaugas of the Credit First Nation and other Indigenous peoples who have lived here over time. We are grateful to share this land as treaty people who learn, work and live in the community with each other.

Learn more