Multi-factor authentication (MFA) is an electronic authentication method which requires you to log in using two different mechanisms. In UCT's case, this would mean using your UCT network password along with authenticating via an app on your smartphone (or a verification code sent to you via SMS).
Cybersecurity attacks are on the rise, and universities are a huge target, given the amount of personal and sensitive data they hold. With email and other online communication methods (e.g. Teams) being so critical in how we operate – especially during remote working and learning – MFA is essential to keep your UCT account, your data, and UCT's network safe.
Consider how banks require you to use MFA to access your account online and make payments. Just like your banking data or medical data is seen as private, sensitive, and requiring maximum protection, your work data – your UCT account, email, and other data – must also be considered sensitive, and needs similarly strong protection.
Unfortunately, in today’s times, passwords alone may not be enough to secure user accounts. The rise in data breaches, along with poor password practices (such as reusing passwords), means that stronger security measures are needed.
Using a mobile phone as well as a password means that, to access your account and your data, a cybercriminal would need know your password and have physical access to your phone.
When the University of Surrey implemented the same MFA platform we are using, there was a 76% reduction in compromised accounts.
Yes. UCT's Risk Management Executive Committee (RMEC) has supported the implementation of MFA as a necessary mechanism for enhancing the university's digital security.
As such, UCT’s information security policies require all individuals with UCT network accounts to make use of MFA.
For further information, please read the following policies on the ICTS website:
- UCT policy and rules on Internet and email use (specifically sections 4 & 6)
- Account and Password Policy (section 1.2)
- Information Security Policy
No. As explained earlier, MFA is mandatory for all UCT users.
At present, MFA applies to UCT email as well as other Microsoft 365 services and data used by staff – including Teams, OneDrive, and more. It also applies to ServiceNow, Mimecast, LinkedIn Learning, and the UCT VPN. It may later be expanded to many other UCT services.
No. Each time you authenticate, the app uses a few kilobytes of data – a miniscule amount in comparison to almost every other app on your smartphone.
Once I set up the authenticator app, why do I have to set up my phone number as a backup option? Isn't the app enough?
It's not mandatory to set up your phone number as a secondary option, but we highly recommend it because if you ever experience unexpected issues with the app - e.g. you accidentally delete it - you will not be able to set it up again yourself as you will be asked to authenticate, which is obviously not possible. You will then need to contact the IT Helpdesk and verify your identity before the issue can be resolved. This might also cause additional inconvenience given that support is available only during office hours.
However, if you simply set up your phone number as a backup option, if you run into issues with the app, you will still receive an SMS verification, and you can then install and set up the app yourself without the inconvenience of the additional steps. Follow these instructions to set up SMS verification as a backup.
Yes. Follow the instructions provided to set up MFA using SMS verification.
No. Please contact the IT Helpdesk so that alternate arrangements can be made for you.
If you use a Huawei phone that runs HarmonyOS rather than the Android operating system, please use SMS authentication for now. The authentication app method is not yet supported on HarmonyOS. Huawei phones released in 2021 or later may fall into this category.
Please contact the IT Helpdesk so that alternate arrangements can be made for you.
If you have a smartphone, we recommend installing the authenticator application as a backup option. This will allow you to still authenticate when connected to WiFi.
If you cannot install the application, please contact the IT Helpdesk so that alternate arrangements can be made for you.
If you are using an application that uses legacy authentication protocols, you can no longer access your UCT data via these applications. Examples include accessing your UCT email via the Gmail app, Outlook 2010, or older versions of Apple mail. See a comprehensive list of applications below.
This is because the applications use outdated authentication protocols which put the UCT network and your UCT account at risk.
Read our MFA web article to find out how to resolve this issue.
The following platforms have been identified as incompatible with MFA:
- Android (Google) Mail
- Gmail (web)
- Samsung Mail (some versions work, but there is no definitive list or way of checking. Most do not)
- Office 2010 (service pack 2 version 14.0.7182.5000 or later supports app passwords)
- iOS versions before 11
- Outlook for Mac 2011 (will work with app passwords)
- Contact our Service Desk by logging a call online in the Service Portal
- Email us at firstname.lastname@example.org
- Call 021 650 4500
- Log a call via ICTS social media (Facebook | Twitter)
- Visit the ICTS Front Office on Cissie Gool Plaza or the ICTS-on-Main Walk-in Centre in Mowbray (see addresses and operating hours)