Password Change & Multi-factor Authentication

August 05, 2021

Password Changes

Vanier College’s updated password policy will go into effect on 18th August 2021 for all employees.
Government mandated cybersecurity standards now require a stronger password format and obliges the College to ensure that you change your password every 60 days.

Vanier Pass

If you have not already done so, go to Vanier Pass and set two security questions to ensure that you can get back into your email if you forget your password.

Once you have set your security questions, Vanier Pass allows you to change  your password to the recommended format. It must be done before 18th August 2021 or the email system will automatically lock your account.

The recommended password format:

  • three words (at least one uppercase word and one lowercase), separated by dashes;
  • a minimum of 15 total characters;
  • must not contain your account name;
  • must contain at least one non-alphabetic character (0-9 or characters e.g.: -, !, $, #, %, etc);
  • must not be a password you have used before.

Example: word1-WORD2-word3#

Visit the ITSS website for additional information about your account and security questions at Vanier College ITSS

 

Multi-factor Authentication (MFA)

Multi-factor authentication (MFA) is a security technology that requires multiple methods of authentication from independent categories of credentials to verify a user’s identity for a login or other transaction. The goal of MFA is to create a layered defense that makes it more difficult for an unauthorized person to access a target, such as a physical location, computing device, network or database.

 

Setting up Two Factor Authentication

If at any point you require assistance with setting up Multifactor Authentication, refer to this video offered by Microsoft: https://www.youtube.com/watch?v=uWbkLuI4g30

 

1. Download the Microsoft Authenticator application on your smart phone. You can do so by going to the Google Play Store or App Store, and searching for Microsoft Authenticator, and then tapping your finger on the install button.

2. While you wait for the Microsoft Authenticator app to install, go to the following website on your computer or laptop: https://aka.ms/MFASetup

3. You will be asked to login, do so with your Vanier email account.

4. Afterwards, you will be prompted with a message stating, “More information required”, click on “Next” to setup Multifactor Authentication.

5. On the next page, under “Step 1” you will see a dropdown. Click on it and select “Mobile app” from the list. Under this dropdown menu, there are two options, select the option “Receive notifications for verification”. Double check that “Mobile App” is selected from the drop down menu and that you have checked off the “Receive notifications for verification” option. Once verified, click on the “Set up” button. Refer to the screenshot below if needed.

6. You should now see a popup titled “Configure mobile app”. Leave this popup open, we will come back to this page later. Now, grab your smartphone, (the one we installed the Microsoft Authenticator application on back in step 1). Open the Microsoft Authenticator app on this phone. This app may ask you for your pin, this pin is the same pin you enter to unlock your phone. Once the app is open, you will be asked to read and agree to Microsoft’s privacy statement, do so now.

7. After agreeing to the privacy statement, the phone screen will display a couple options for adding your Vanier account to the app, select the option labeled “Scan a QR code”. You may be asked to Allow Microsoft Authenticator to access your phone’s camera. Click on “Allow” to proceed to the next screen.

8. Your camera should now be on. Your phone’s screen should also display a clear box in the center of the screen with a red horizontal line passing through its center.
Make sure your computer’s screen is still displaying the “Configure mobile app” popup we saw in step 6. Aim your phone’s camera at the QR code in this popup. Hold your phone steady and make sure the QR code fits within the square of your phone’s camera. Refer to the image below if needed.

If you have any trouble with scanning the QR code or if your phone’s camera does not work, you can choose to enter the code manually. To do so, select “OR ENTER CODE MANUALLY” at the bottom of your phone’s screen. You will be asked to enter a code and a URL. These two pieces of data can be found at the bottom of the “Configure mobile app” popup. Refer to the image below, specifically the blue rectangle outlining where to find the Code and URL.

9. After scanning the QR code or entering the code manually, you will be asked to specify which account you will be adding, select the top option, “Work or School account”.

10. On your computer, click “Next” at the bottom right of the “Configure mobile app” popup. A new page will load, click “Next” at the bottom right of this page too.

11. You will be asked to approve your sign in using the mobile app. Your phone will receive a notification regarding your sign in with an Approve / Refuse button. Grab your smartphone and tap on approve. Once approved you may also be asked to input your pin. Again, this pin is the code you use to unlock your phone. Once you enter your pin and approve the sign in, look back at your computer screen and click on the “Verify” button at the bottom right.

12. On the next page, you will have to enter your phone number. Your phone will only receive a call or text to verify your identity if you lose access to your Microsoft Authenticator app. Enter your phone number and country code, and then click on next.

13. This next step is very important, on your computer you will be presented with an “App password”, take note of this password. In order to login to any Microsoft applications installed on your computer (example, Outlook, Teams, Word, etc…), you will need to enter your “app password” in place of your Vanier email password. Click “Next” at the bottom right of the webpage.

14. On this new page, you can change your Multifactor Authentication method, if you prefer to just receive text messages instead of using the app, you can change that preference by selecting “Text code to my authentication phone” from the dropdown menu.

You can also generate and delete app passwords by selecting the “App Passwords” tab at the top of the screen. Remember, when you open Outlook after having setup Multifactor Authentication, you will need to use your app password to login instead of your Vanier password. You will not need to use any App Passwords if you access Outlook and the Microsoft Office Suite through Vanier’s Office 365 website, http://mail.vaniercollege.qc.ca

Congratulations! You’ve setup Multifactor Authentication and secured your account from unauthorized access. Please note, that due to Microsoft’s synchronization, you may need to wait upwards of an hour after creating an App Password for it to be accepted when logging into a Microsoft application.

To manage your multifactor authentication settings, change your contact preferences and create/delete App Passwords, visit this page: https://account.activedirectory.windowsazure.com/Proofup.aspx