As part of the University's ongoing focus on cybersecurity, multi-factor authentication (MFA) is now enabled for all UWA staff.
Multi-factor authentication adds an extra layer of security to both your UWA identity and data, and is fast becoming a requirement for many services where confirming identity is vital, from online banking and government services, through to social media and cloud service accounts. In short, it requires you to provide two or more factors – sometimes called 2-step verification – to verify your identity when accessing UWA services.
How does MFA work?
In a typical MFA setup, you will use your smartphone – either via an app, or by being sent an SMS or phone call – along with your existing Uni-ID credentials (the combination of your firstname.lastname@example.org and password) to access UWA services.
When you try to access these services, you'll be prompted for your Uni-ID credentials, and will then be prompted to respond to an MFA "challenge". This challenge will either take the form of an app notification on your smartphone, an SMS, or an automated phone call. Once you have successfully passed the challenge, you'll be able to access UWA services as per normal. You also won't be forced to pass a challenge every time; typically, you'll be prompted every 14 days, or when you access UWA services from a new device or location.
In practical terms, MFA will be required when you access University resources while not connected to the UWA network (e.g. working from home, or while connected to a mobile network on a smartphone etc.). As the project progresses, MFA will be required for additional services, and eventually will be required whether you’re on campus or not.
For the above reasons, we recommend that you set up MFA regardless; that way, you won’t be put in a position of needing to access UWA resources, and not being able to.
How to set up MFA
A full setup guide catering to the different setup options – along with UWA’s recommended settings – is available below; setup typically takes around 10 minutes, and is best done during business hours should you require assistance from your IT Service Delivery Centre.
Lastly, we acknowledge that MFA does introduce a layer of complexity, and we thank you for your assistance in keeping both your and the University’s data and services secure.