Skip to main content

Setting up Multi-Factor Authentication for Students

Screenshot of BCIT MFA Lock only

BCIT has implemented multi-factor authentication (MFA) for students. This added layer of security helps safeguard your information and reduces the risk of unauthorized access. Find out which BCIT systems require MFA.

In order to use MFA, you will need to register at least one MFA method. There are two options:

Note: We recommend using the Microsoft Authenticator mobile app whenever possible. It offers stronger security, easier sign-ins, and features like number matching and biometric verification. Hardware tokens are more limited, require manual entry, and are easier to lose. The app also makes account recovery and management much simpler.

ITS Support with MFA

IT Services supports only the two recommended MFA methods: the Microsoft Authenticator app on a mobile device and the SafeID token. If you choose other options (e.g., Authy, Google Authenticator, YubiKeys, or password manager tools), you’ll need to manage them independently.

If any issues arise with the supported options, please feel free to request IT support from our service catalogue.

Setting up MFA on your mobile device

Step 1 – Install app on your mobile device

Step 2 – Set up app on your mobile device

Follow the instructions below, either by watching the video or reviewing the steps in the next panel.

This process may take up to 30 minutes. Please set aside uninterrupted time to complete it from start to finish.

Registering your SafeID token

safeID token showing red power button and LCD screen displaying an example passcode

SafeID tokens are available for purchase at the BCIT bookstore. SafeID tokens are small, handheld devices that display a rotating six-digit code used to sign in with Multi-Factor Authentication. When the button is pressed, the screen displays a passcode that can be used to confirm your login. The internal battery typically lasts 3 to 5 years, depending on usage — and because the tokens are sealed for security and durability, the entire unit must be replaced once the battery is depleted.

Once you’ve purchased a SafeID token, you can register it yourself:

Managing your MFA methods