
BCIT has implemented multi-factor authentication (MFA) for students. This added layer of security helps safeguard your information and reduces the risk of unauthorized access. Find out which BCIT systems require MFA.
In order to use MFA, you will need to register at least one MFA method. There are two options:
- The first option is to download the app, and then enroll an Authenticator app on your mobile device. BCIT recommends and can support you to use the free Microsoft Authenticator app.
- The second option is to set up a SafeID hardware token (available for purchase only from the BCIT bookstore).
Note: We recommend using the Microsoft Authenticator mobile app whenever possible. It offers stronger security, easier sign-ins, and features like number matching and biometric verification. Hardware tokens are more limited, require manual entry, and are easier to lose. The app also makes account recovery and management much simpler.
ITS Support with MFA
IT Services supports only the two recommended MFA methods: the Microsoft Authenticator app on a mobile device and the SafeID token. If you choose other options (e.g., Authy, Google Authenticator, YubiKeys, or password manager tools), you’ll need to manage them independently.
If any issues arise with the supported options, please feel free to request IT support from our service catalogue.
Setting up MFA on your mobile device
Step 1 – Install app on your mobile device
Step 2 – Set up app on your mobile device
Follow the instructions below, either by watching the video or reviewing the steps in the next panel.
This process may take up to 30 minutes. Please set aside uninterrupted time to complete it from start to finish.
Registering your SafeID token

SafeID tokens are available for purchase at the BCIT bookstore. SafeID tokens are small, handheld devices that display a rotating six-digit code used to sign in with Multi-Factor Authentication. When the button is pressed, the screen displays a passcode that can be used to confirm your login. The internal battery typically lasts 3 to 5 years, depending on usage — and because the tokens are sealed for security and durability, the entire unit must be replaced once the battery is depleted.