Returning to campus with 2FA and a new mobile device and/or number?


2FA is required for all McGill accounts in 2021

As of July 29, 2021, 79% of student accounts and 81% of staff and faculty accounts are protected with 2FA.

Not enrolled? Enroll now

Staying cybersafe is part of everyone's McGill journey.

Find all the cybersecurity tools and resources you need to secure your journey at


Whether you realize it or not, you're actually using 2FA all the time, like when you withdraw money from your bank account at an ATM.

2FA protects your McGill account like your PIN protects your bank account.  

Enroll now

Would you go skydiving without a parachute? 

Secure your journey with 2FA, the parachute for your McGill account.

Enroll now


According to, 2FA could protect you from the effects of:

  • 100% of automated bots
  • 96% of phishing attacks
  • 76% of targeted attacks

Own your digital safety. Enroll now

How it works

  • On campus: 2FA will be required to access applications that involve higher security tasks (e.g., Workday). You may not be prompted for 2FA when logging in from trusted locations or devices, such as McGill-owned computers and laptops.
  • Off campus: You will be prompted every time* you log into most applications (e.g., Office 365, my Courses, Workday, etc.) and on the Virtual Private Network (VPN).

*Once you have authorized access from a specific device, you can reduce the number of times you are required to authenticate by checking the box "Don't ask again for 60 days" when you are prompted.

          Option 1: Microsoft Authenticator app             (strongly recommended)

                             Option 2:  Text message

Illustrations depicting authentication methods:  app notification and text message


BONUS! Self-service password reset

With 2FA you will have the ability to easily reset your McGill password using self-service password reset (SSPR).

Ready to improve your login security?  Get started!

Need more info? Visit the FAQs.

Back to top