Timeline for UTM staff

Over November and December 2020, the Office of the Chief Information Security Officer will be rolling-out University of Toronto’s new multi-factor authentication (MFA) service, UTORMFA, to all U of T staff. This provides a significant improvement to the protections for user accounts.

The UTORMFA roll-out for faculty will take place at a later time.

How does this affect UTM staff?

The enrollment process for UTORMFA is quick, only taking a few minutes with using a personal or work cell phone or a hardware token (available through the UTM Service Desk).

UTORMFA adds a second step to the login process when accessing certain U of T systems, requiring either approval through the Cisco Duo app for cell phones or a code from an assigned hardware token.

All systems behind U of T's weblogin will require UTORMFA.

University of Toronto weblogin screenshot

UTORMFA is mandatory for all U of T staff.

What is MFA?

If you’ve ever banked or shopped online, you may already be familiar with MFA, also known as two-factor authentication (2FA) or two-step verification. MFA is a security enhancement that requires two different verification methods before granting users access to an account (e.g., your password paired with a code sent to your mobile phone). At U of T, MFA is currently in use in the form of an eToken to access HR and financial systems.

Why is this important?

Services such as MFA are part of a holistic information security program and help support the University’s mission to protect user accounts and data. This layer of security provides extra assurance for users and creates an additional barrier for anyone trying to gain unauthorized access.

Looking for more information?

For more information on the UTM UTORMFA roll-out, bookmark this page regularly and check back regularly for updates.

For more information on the institution-wide roll-out, visit the UTORMFA page.