Multi-factor authentication (MFA)
Multi-factor authentication (MFA) is required to access all Parks Canada Microsoft 365 (M365) tools and services, such as Outlook and Teams.
By using MFA, we protect our M365 environment to make it safe for Protected B information.
Signing in with MFA
Once you have set up MFA, you will get a prompt to authenticate using your chosen method (for example, entering a code sent to your smartphone) once every 2 weeks.
You can change your verification method at any time by going to your M365 My Signs-Ins page.
If you don't respond to the MFA security prompt within a certain time, it will time out and you will see: Sorry, we're having trouble verifying your account. Please try again. Close the pop-up window and you will get another prompt immediately.
Setting up MFA
To set up MFA or add additional sign-in methods, go to your M365 My Signs-Ins page.
If you are asked to sign in to your account or to confirm your password at any stage during the MFA set-up process (for example, if your session times out), use your @pc.gc.ca email address and the password you use to log into your computer.
Parks Canada has 3 methods available for authentication:
- Authenticator app - use your work or personal mobile phone to receive an 'allow' notification through a mobile app
- Mobile phone - use your work or personal mobile phone to receive a text or phone call
- Landline or office phone - use a non-mobile phone to receive a phone call
Authenticator app
Choose mobile app (or Authenticator app) from the drop-down menu, click Add and follow the instructions.
You will be prompted to install the Microsoft Authenticator app on your mobile device. Download it from the Play Store (Samsung devices) or App Store (iPhone). For Samsung users, download it to your 'Personal' workspace.
You will need a Google account to download the app from Google Play Store. Tip: Use the Google account (first.lastPCA@gmail.com) you set up to use Google Meet for Parks Canada work.
If you don't have a government-issue mobile device, you can use your personal device.
Once you have installed the mobile app on your phone, you must add an account. Choose 'Work or School account' and then return to the instructions on your computer screen.
If you are using the Authenticator app as your verification method, you can use your fingerprint scan to approve instead of typing in a passcode. It's a lot easier!
Need more help? Follow these step-by-step instructions provided by Microsoft:
Mobile phone
Choose mobile phone from the drop-down menu, click Add and follow the instructions.
You can then choose a contact method - receive a 6-digit verification code by text or phone call.
If you don't have a government-issue mobile device, you can use your personal device.
Need more help? Follow these step-by-step instructions provided by Microsoft:
- How to set up a mobile device as your verification method - text
- How to set up a mobile device as your verification method - phone call
Landline or office phone
Choose Office phone from the drop-down menu, click Add and follow the instructions.
You'll receive a phone call from Microsoft, asking you press the pound (#) sign on your office phone to verify your identity.
Need more help? Follow these step-by-step instructions provided by Microsoft:
Multi-factor authentication FAQ
What is multi-factor authentication?
Multi-factor authentication is a way of protecting our online accounts against cyber criminals. It is a security system that requires users to use a second form of identity to prove they are who they say they are in order to use Government of Canada services (e.g., Outlook email). For example, you provide your network password (first authentication) and then you receive a passcode via a text message to your mobile device (second authentication).
Is MFA mandatory at Parks Canada?
Yes. You will have to set up multi-factor authentication to access your Parks Canada Outlook email, and other M365 apps and tools when they become available, like Microsoft Teams.
When will I be prompted for MFA?
You will be prompted for multi-factor authentication once every two weeks.
What if I don't have a work mobile phone and I am not near a landline?
You can use your personal mobile device for MFA, either by downloading the Authenticator app (available for Android and iOS), or via a text message or phone call to your phone.
What if I don't want to use my personal device?
Multi-factor authentication is required for accessing your Parks Canada email and other M365 tools and apps. If you do not have a work mobile device or phone line you can use, please talk to your manager to discuss other options.
Available option: We have Samsung Galaxy A11 and A12 phones available. These devices cost approximately $130. On a plan costing $12 per year, they will be enabled to receive text messages and calls, which is sufficient for MFA. These devices can be ordered from the Parks IT Service Desk and users will usually receive them within 2 weeks of ordering.
What if I don't have an internet connection and want to access my Outlook email or other M365 services?
If there is no internet access for your phone, you can use the "verification code" generated in the Authenticator app to verify your identity. This is a code that is auto-generated by the app and updates every 30 seconds. Note: you will need internet access for the initial setup of the Authenticator app.
Can I use more than one method of authentication?
Yes! We recommend that you set up any of the available methods of authentication. You will select your primary authentication method that will automatically be contacted when you attempt to login. If your primary option is not available, you can choose to use any of the other authentication options you have set up at any time.
What happens if I change my phone number or mobile device?
You can change your authentication methods at any time by going to your M365 My Signs-Ins page. Here you can add or delete MFA methods, and change your primary authentication method at any time. You will need to have an existing authentication method available to make changes.
Can I use an alternative email address as a method of MFA?
No. Email cannot be used for MFA. Email can only be used for password reset authentication.
What happens if I get an authentication request and I am not trying to connect to my Parks Canada email?
If you get an unexpected request to authenticate a login to your account do not allow access. If you are notified through the Authenticator app or receive a phone call use the options for denying access. Report the attempted to access your account to the ParksIT Service Desk at the earliest opportunity.
Support
If you have any problems setting up or using multi-factor authentication, contact the ParksIT Service Desk (accessible only on the Parks Canada network).
Related links
Related links
- Date modified :