What is MFA
MFA is short for Multi Factor Authentication. This means that your ITU account is being protected by not only your username and password but an extra factor as well – this can be an SMS code, a phone call or with a mobile app like Microsoft Authenticator.
You may already know MFA from using the ITU VPN or services like Google or Facebook.
Most security breaches today involve compromised usernames and passwords. One factor authentication (a simple password) is not adequate to protect university data and personal information. Implementing MFA will help prevent anyone but you from accessing your account and data, even if they know your password.
In time MFA will be mandatory for all faculty, staff and students to gain access to their accounts and most system.
Which systems are protected by MFA?
We are enabling MFA for your Office 365 / Azure profile which means that especially Cloud based services are being protected since these are reachable from around the world. More systems will be covered by MFA in time but currently it will protect services like LearnIT, E-mail, Teams, Adobe CC, TopDesk and more.
Why can’t I connect with my mail app?
Enabling MFA requires deactivating older insecure login methods like IMAP4 and POP3. These are also known as “Legacy” or “Basic” authentication. Old login methods do not support MFA and keeping them active means keeping an open insecure backdoor for attackers to exploit.
If you are using unsupported mail apps you may experience problems connecting. We recommend that you use one of these supported mail apps:
· Outlook for Windows
· Outlook for Mac
· Outlook for Android & IOS
· Nine Mail for Android & IOS
· Evolution for Linux (see guide here)
· Mac Mail (requires Mac OS X 10.14 Mojave or newer)
For a period of time we offer to enable Legacy authentication (IMAP4 and POP3) if you are experiencing issues connecting with your apps. You can request this by contacting firstname.lastname@example.org.
Bear in mind that basic authentication can only be offered temporarily as Microsoft will end support for this by October 2020: https://developer.microsoft.com/en-us/office/blogs/end-of-support-for-basic-authentication-access-to-exchange-online-apis-for-office-365-customers/