Multi-Factor Authentication

Multi-Factor Authentication (MFA)

Keep the bad guys out

The college requires all users to enable Multi-Factor Authentication (MFA) when accessing George Brown College resources. MFA is a cybersecurity best practice widely adopted by organizations worldwide to protect users and their systems and data. To provide an extra layer of security, you will be prompted to authenticate using the Microsoft Authenticator app on your mobile phone or tablet in addition to logging in to college applications using your username and password. The college has introduced an MFA policy which can be located here.

Follow the steps below to set up MFA. Have questions? Please refer to our FAQs below or email mfa@georgebrown.ca.

Set up MFA using the steps below:

Step 1: On your phone:

  1. Download and install the latest version of Microsoft Authenticator app from the Google Play Store for Android (georgebrown.ca/android) or the App Store for iOS (georgebrown.ca/apple).
     
  2.  Open the Microsoft Authenticator app.
    Within the app, choose + Add account and then choose 'Work or school account'
     


     

  3.  Select Scan a QR code:
     

Step 2: On your laptop or desktop computer:

  1. Go to georgebrown.ca/begin.
     
  2. If you are not already signed in, select your account and log in as usual using your regular, numbered GBCID@georgebrown.ca and password.

     

  3. Select + Add sign-in method:
     

     

  4. Select Authenticator app and then click Add:
     

     
  5. Click Add to progress to the next screen, and then Next to reveal your QR code.

Step 3: On your phone:

  • Scan the QR code visible on your computer from Step 2. You will need to allow your phone to take photos while using the app to scan the QR code.
  • If you are having trouble scanning the QR code, click on the Can’t scan image option under the QR code to manually enter the code and URL in the app.

Step 4: On your computer:

  • Select Next. A notification is sent to the Authenticator app on your phone to test the account.
     

Step 5: On your phone:

  • Approve the notification in the Authenticator app by entering the number shown on your computer, and then select Next.

You are now set up for Multi-Factor Authentication.

Frequently Asked Questions

General Information

Why does the college require Multi-Factor Authentication (MFA)?

Multi-factor authentication (MFA) is used by many organizations worldwide to protect their systems and user data. Implementing MFA makes it more difficult for a threat actor to gain access to college premises and information systems, such as remote access technology, email, and billing systems, even if passwords or PINs are compromised through phishing attacks or other means. The college is adopting it as part of its ongoing efforts to ensure the safety and security of our community.

Who is required to use Multi-Factor Authentication (MFA)?

All users of George Brown College, including students, faculty, staff, contractors, and other affiliates, must enable and use Multi-Factor Authentication (MFA) to ensure the security of college resources and data. This requirement applies regardless of the individual’s role or employment status.

Are exceptions to MFA allowed?

Exceptions may be granted only in cases of significant demonstrated need (not preference) after weighing the associated risks and costs. Exceptions are typically time-limited and designed to provide individuals additional time to comply. If you believe you qualify for an exception, you may request one by completing the exception form. Approved exceptions may include alternatives such as a hardware token for MFA.

If I'm using a personal computer, can I still use MFA?

MFA is setup on your phone and can be used to authenticate you whether using a personal or GBC-issued computer, tablet or phone.

I have concerns about using MFA. How should I raise them?

MFA is essential to ensure the Cyber Security of GBC systems and users. The Microsoft Authenticator app is solely used to authenticate your GBC account, and GBC has no access to your personal device(s) after you install the app. If you have any Cyber Security-related questions or non-technical concerns (e.g., AODA, etc.) please email us at cybersecurity@georgebrown.ca

What does using Multi-Factor Authentication mean for using apps such as Outlook and MS Teams?

Upon setting up MFA, you will be prompted to use it once a month or whenever you log in from a new location. This security measure is essential for accessing Microsoft Outlook, Teams, and STU-VIEW applications. Please be aware that additional applications will also require MFA in the near future.

Can I opt out of using MFA?

NO. To protect GBC systems and our users, we require all employees and students to use MFA when accessing designated college applications. MFA is being implemented to secure your data and accounts from malicious actors.

How can I learn more about cybersecurity?

If you'd like to learn more about cybersecurity best practices, please visit georgebrown.ca/it-resources.

If you have a cybersecurity-related question, please email us at cybersecurity@georgebrown.ca

Do I need to set up MFA if I am a student, alumni, or about to graduate?

All users who require access to George Brown College resources, including students, alumni, and those about to graduate, must have Multi-Factor Authentication (MFA) set up to access GBC resources.

Technical Support & Privacy Information

How can I access technical support for MFA?

Technical support is available by calling the Help Desk at 416-415-5000, ext. 4357 and selecting option 1 for the Helpdesk.

Which device can I install the Microsoft Authenticator app on?

The Microsoft Authenticator app is free and available for download from the Apple App Store and Google Play Store. If your phone or tablet can access one of these stores, you should have no issues downloading the app. To use the Microsoft Authenticator app, you must have a compatible device that meets the following minimum requirements:

  • Apple Devices
    • iPhone: Requires iOS 15.0 or later. 
    • iPad: Requires iPadOS 15.0 or later. 
    • iPod touch: Requires iOS 15.0 or later. 
    • Apple Vision: Requires visionOS 1.0 or later. 
  • Android Devices:
    • Require Android 8.0 or later.*

*Some Android devices, such as Huawei phones without Google Mobile Services, may not support the installation or proper functioning of the Microsoft Authenticator app. If your device does not meet the minimum requirements or you cannot download the app, please contact the Helpdesk at (416) 415-5000 x4357 or helpdesk@georgebrown.ca first to confirm the issue. If the Helpdesk confirms that your device is incompatible, you may request an exception by completing the exception form. Approved exceptions will include the provision of a hardware token for MFA. Please note that opting out of MFA is not permitted.

Note: Technical exceptions may only be granted to users who joined George Brown College before April 2023. Approved exceptions will include the provision of a hardware token for MFA. 

What if my mobile phone or tablet does not support the Authenticator app?

The Microsoft Authenticator app is free and available for download from the Apple App Store and Google Play Store. If your phone or tablet can access one of these stores, you should have no issues downloading the Microsoft Authenticator app. If your devices are unable to download the app, please seek an exception by completing the exception form. If your exception request is approved, you will be granted a hardware token to use for MFA. You cannot opt out of using MFA.

I’m trying to sign in and I need to select the number in my app that’s displayed on the sign-in screen, but the notification prompt from Authenticator is blocking the screen. What do I do?

Select the 'I can’t see number' option on the notification so you can see the sign-in screen and the number you need to select. The prompt reappears after 3 seconds, and you can select the correct number then.

How can I scan the QR code?

Click "Verified IDs" at the bottom right of the MS Authenticator app, then select "Scan a QR code".

How is my location information used and stored?

The Authenticator app collects your GPS information to determine what country you are located in. The country name and location coordinates are sent back to the system to determine if you are allowed to access the protected resource. The country name is stored and reported back to the college, but your actual coordinates are never saved or stored on Microsoft servers.

Is registering a device agreeing to give George Brown College access to my device?

Registering a device gives your device access to the college's services and doesn't allow the college to access your device.

Do I have to provide TouchID or FaceID when opening the Authenticator app?

No. You can turn off TouchID or FaceID for the Authenticator app by taking the steps listed here.

Why can't I use text messages or voice calls to authenticate?

SMS and voice calls are not encrypted. This makes them easier to intercept and both are vulnerable to phishing attacks. Attackers can also trick the phone company's employees into transferring a phone number to the attacker’s SIM card, thus the SMS codes being sent to them instead of you. Authentication apps such as Microsoft Authenticator can work offline despite any outages by your phone carrier. The recent Rogers outage is one example where text messages or voice calls would not have been possible. Also, attackers usually target the weakest link in security and with MFA, SMS is the weakest link.

How can I learn more about the Authenticator app?

Please visit Microsoft's Authenticator app webpage for more information.

How often will I be prompted to authenticate?

Once you have successfully registered for MFA, you will be prompted to authenticate when logging in to your GBC accounts once a month, or whenever you are in a new, unrecognized location. 

Faculty/Staff:

  • Any Location outside of George Brown College Campus:
    • Compliant GBC device: No challenge
    • Non-compliant GBC device: 30 days sign-in frequency
  • George Brown College Campus:
    • Compliant GBC device: No challenge
    • Non-compliant GBC device: 30 days sign-in frequency

Students:

  • Any Location:
    • 30 days sign-in frequency.
What if an employee does not want to use MFA, but they don't qualify for an exemption?

As with all college policies, procedures and guidelines, employees will be expected to abide by the college’s MFA policy as part of their employment with the college. Employees who do not comply and do not have an approved exception will be subject to sanctions/discipline, which could include cancellation of contracts, being placed on an unpaid leave and/or disciplinary action up to and including termination.

Does MFA use the data on my phone? What about roaming if I am out of town?

MFA uses a very small amount of data if data (cellular or Wi-Fi) is available. If you would prefer not to use data at all, especially when roaming or if your phone is in offline/airplane mode, you can still authenticate by clicking on “sign in another way” and using the 6-digit number provided in the Microsoft Authenticator app.

What should I do if I get a new phone?

Please set up MFA on your new device before resetting your old device. This can be done by following the same steps for setting up MFA by going to www.georgebrown.ca/begin and going through the setup. Once you have setup Microsoft Authenticator on the new device, you can remove the old phone from your account on the same ‘security info’ page. Now the authentication prompt will appear on your new phone.

My phone was lost, stolen or broken. What should I do?

If you have lost or a broken device, please reach out to helpdesk by calling 416-415-5000 ext. 4357. 

I am getting error messages for the QR code during set up. What should I do?

Please make sure that you’re installing Microsoft Authenticator on a supported device meeting the following requirements:

  • Apple Devices
    • iPhone: Requires iOS 15.0 or later. 
    • iPad: Requires iPadOS 15.0 or later. 
    • iPod touch: Requires iOS 15.0 or later. 
    • Apple Vision: Requires visionOS 1.0 or later. 
  • Android Devices:
    • Require Android 8.0 or later.*

*Some Android devices, such as Huawei phones without Google Mobile Services, may not support the installation or proper functioning of the Microsoft Authenticator app.

If the QR code is invalid on one of the supported devices, please close the browser window and restart that step of the process, as the QR code registration has to be completed within a few minutes of code generation. For any technical issues, please contact the HelpDesk at (416) 415-5000 x4357 or helpdesk@georgebrown.ca.

I know I am prompted when I sign into Microsoft accounts, does this also apply to signing into Blackboard, D2L-Brighstpace and STU-VIEW?

Currently, MFA only applies to all Microsoft 365 services such as Outlook and Microsoft Teams, however all GBC services will require MFA starting soon.

How do I back up/restore the Microsoft Authenticator app or transfer it to a new device?

For more information on how to back up and recover account credentials in the Authenticator app, please visit this Microsoft webpage.

Will I be required to use MFA when connecting to GBC resources over Virtual Private Network (VPN)?

Yes. MFA is essential to mitigate the risks associated with unauthorized remote access and potential breaches. MFA adds an additional layer of security, ensuring that only authorized users can access the GBC network and resources remotely.

What if I need assistance using MFA due to an accessibility issue(s)?

GBC is compliant with Accessibility for Ontarians with Disabilities Act (AODA) requirements, should you have concerns or feedback on our accessibility and compliance please email us at cybersecurity@georgebrown.ca.

Can I get an exception in person at the LLC or ITAC offices?

No. The Cyber Security team handles all decisions regarding exception approvals. You must first complete the exception form if you are eligible. Unless you receive an official approval email from Cyber Security, do not visit the LLC, ITAC offices, or any other location to pick up a hardware token. You will not be provided with a hardware token without prior exception approval from Cyber Security. 

The Cyber Security team strives to process exception requests as quickly as possible. However, there may be delays in approval depending on when an exception request is submitted — such as weekends or holidays. In the meantime, the Helpdesk can provide a temporary access code to grant requestors access to GBC resources for the day. Please contact the Helpdesk at (416) 415-5000 x4357 or helpdesk@georgebrown.ca for the temporary code.

 

Submit a Question

Have a question or concern not featured in our FAQs? Please submit it below for consideration and include your email should you wish to be contacted for follow up. Anonymous submissions are accepted. 

Land acknowledgement

George Brown College is located on the traditional territory of the Mississaugas of the Credit First Nation and other Indigenous peoples who have lived here over time. We are grateful to share this land as treaty people who learn, work and live in the community with each other.


Learn more about our land acknowledgment