New two-factor authentication (2FA) enhancements
Over the next few months, we will introduce enhancements for those of you that use Microsoft Authenticator for two-factor authentication (2FA), and make it much easier for you to report suspicious emails in Outlook.
Progressively, we will increase the number of times you will receive an authentication prompt depending on the sensitivity of the data in the system you are accessing. If you sign into systems that host sensitive or confidential data, you may have to authenticate on a daily or weekly basis. To mitigate this, we’re improving the sign-in prompts, so you’ll have less to click on.
Over the summer, we will also deploy new features that give you more context for why you are receiving a 2FA prompt.
App: This tells you which McGill application or service is triggering your 2FA authentication prompt, so you have an extra way to verify if it’s a legitimate request.
For example, if you get an “Are you trying to sign in” prompt for Workday after you entered your username and password, click “Yes”.
Location: This shows the general geographic location of the network where the 2FA request is coming from, and helps to determine if it is legitimate by providing a visual cue. Note that it does not use your device’s GPS.
Please note: If you are using a Virtual Private Network (VPN), you will see the general location of the VPN server, which may not match your current physical location.
If you receive a 2FA prompt from an app that you are not currently using, take a moment to think and question if it is legitimate before clicking “Yes”.
Not already enrolled in 2FA? To benefit from additional protection against cyber threats, start using Microsoft Authenticator now!