Skip to main content Skip to local navigation
Home » Student Services » Two Factor Authentication (2FA) & Report Phishing

Two Factor Authentication (2FA) & Report Phishing

Information Security provides resources and services to help keep student information and data safe and secure. All students are required to set up 2FA. Please check out the Information Security website for additional help and more information

Featured Services

Overview:

2FA is required for all active student, staff, faculty, sponsored affiliates accounts and retirees to promote a safer online environment and to help safeguard York and the community's information security and privacy. Two-factor, two-step, or multi-factor authentication (MFA) is a security process that requires you to use two different authentication factors (methods) to verify your login. Think of your first factor as the lock on the front door of your house and the second factor as the door's deadbolt. The first factor is your Passport York password, and the second factor is a push notification, a code or call sent to your cellphone or a physical security key inserted into your computer. Two-factor authentication is the most effective way of protecting both your credentials and the resources you access with those credentials. With two-factor authentication, you can ensure that all your data remains safe, even if your password is compromised.

How do I Access it?

UIT recommends enrolling your smartphone with the Duo app for ease of use and best experience. If you don't have a smartphone, you can order your Duo hardware token at the YorkU Bookstore. When completing your Duo token order, please use your York University email address.

For more information on Duo 2FA set-up, instructional videos, and general issues and troubleshooting, please visit the Duo 2FA page on the Information Security website:

Overview:

York University community members are frequent targets of phishing attacks. You—the user—have an important role to play in keeping your data safe from compromise. The “Report Phishing” button on your Gmail or Outlook will automatically report suspicious messages to the Information Security team.

How do I Access it?

Instructions on how to report phishing on email, can be found on the UIT Information Security website:

Learn More

Not finding what you are looking for or need technical assistance? We are here to support you!