Skip to content
Apply Now 13 8827 Staff Students MyLO Library Webmail
Study Research Life
Profile Search Menu

Multi-Factor Authentication

Multi Factor Authentication (MFA) is now essential for everyone with a University of Tasmania account. This enables you to log in using single sign-on (SSO) into services, including Outlook, MYLO, and the Student Portal.

You'll find easy steps below on setting up Microsoft Authenticator on your phone. Plus, there's some advice if you've recently got a new phone.

UTAS has adopted the Microsoft Authenticator app to enhance security, ensuring both the University and your account stay safe from unauthorised access. To get this extra protection, you'll need to download the app on your smartphone and then go through the MFA setup on your computer.

If you're new around here, either as a student or staff, you'll be guided to set up MFA as part of your welcome aboard routine. And yes, this also goes for anyone holding a UTAS account.

MFA is all about layering up security by combining something you know (like your password) with something you have (like the Microsoft Authenticator app on your phone). The aim here is to build a tougher barrier, making it harder for the bad guys to get their hands on the University's stuff through your UTAS account.

Once you log in with your UTAS ID and password, you might get a notification from the Microsoft Authenticator app asking for verification. You'll see a 2-digit number on your device, like your computer, which you need to punch into the app on your phone. Hit Yes (or Done) to confirm your identity, and you'll be taken to the University's single sign-on (SSO) application.

  1. Open a SSO application such as MyLO
  2. Login with your UTAS credentials
  3. Get a push notification to your smart phone

If your phone buzzes with a login attempt that wasn't you, just hit No, It’s Not Me. You'll see an option to report suspicious activity. Go ahead and report it, and our UTAS IT Cyber Security Operations team will take over. Don't worry about false alarms; it's better to be safe!

  • Our multi-factor authentication (MFA) is pretty smart and might ask for verification at unexpected times if it senses something off or due to other security policies.
  • Make sure to have your authenticator (your phone) handy whenever you're using university SSO applications.
  • And remember, keep the Microsoft Authenticator app installed.

To start, you'll need to download the Microsoft Authenticator app on your phone and then proceed with the MFA setup on your computer. For a quick overview, check out this short video and Follow the Step-by-step guide (PDF 1.0 MB).

Just a heads-up, if you're switching to a new phone, simply moving your data and photos or doing a backup and restore won't get your MFA account up and running on the new device. Even though you might see the Microsoft Authenticator app and your account on your new phone, they won't be functional.

This process involves 3 stages

  1. Generate a Temporary Access Pass
  2. Sign into the Microsoft Sign in Page and review MFA methods
  3. Register new MFA Method

Check out this short video and Follow the Step-by-step guide () PDF 1.5 MB.

MFA activation is specific to a Utas ID and is required when accessing any UTAS SSO Application. This includes services like Office 365 (Outlook, Teams), MYLO, and the Student Portal.

Typically, you will need to complete MFA verification once every 30 days on each device they use to access an SSO application. However, for applications deemed higher risk, like the VPN, MFA prompts occur more frequently, about every 12 hours. You'll be asked to verify again if you:

  • switch to a new browser,
  • clear your browser's cookies/cache,
  • log in from a different computer, like those on a lectern,
  • change your work location,
  • connect to a new Wi-Fi network, or
  • if our MFA system detects a potential risk-based event.

Hardware Token

A Hardware Token is a physical security device you can use instead if:

  • Your job or studies require environments where smartphones aren't allowed,
  • You don't own a smartphone,
  • Your smartphone's OS can't be updated to run the Microsoft Authenticator app, or
  • You prefer not to use your personal smartphone for work or school.

Please note the following restrictions:

  • Tokens provided by UTAS are owned by the University, and there may be a charge for replacing lost devices.
  • It's important to always have your Token with you when using any University single sign-on applications.
  • When no longer needed or if you are leaving UTAS, please return any UTAS-issued Hardware Tokens to the IT Service Centre.

Requesting a Hardware Token

Staff and students should call the IT Service Desk at (03) 6226 1818 to inquire about alternatives or to understand the full limitations and conditions of using a Hardware Token

To request a token please fill out the forms below.

Multi-Factor Hardware Token Request

If you need further assistance contact the IT Service Desk on 13 UTAS (13 8827) or +613 6226 2600

Home
Colleges
Specialist Institutes

We acknowledge the palawa/pakana peoples of lutruwita upon whose lands the University of Tasmania stands.

Authorised by the Chief Information Officer. © 12 November, 2024 University of Tasmania, Australia. ABN 30 764 374 782. CRICOS Provider Code 00586B