Multifactor Authentication is Coming This Month

As you may be aware, we are updating Multifactor authentication (MFA) across campus to incorporate ctcLink and Canvas.

MFA will be enabled for all Students for access to BOTH ctcLink and Canvas.

This means that you will be required to enter your ctcLink ID and ctcLink password, PLUS an additional verification in order to sign in.

The projected date for the activation of student accounts is: January 18th, 2024

To make sure that your MFA activation goes smoothly, please log into your ctcLink account BEFORE Jan. 18 to verify that your correct mobile phone number is listed.

 

What is multifactor (MFA) authentication?

MFA is a method for signing in to something using more than one “factor” to prove your identity. This can include things such as usernames/passwords, security questions, one time codes sent to a mobile device or email, and other “factors” available to prove you are the right person associated with the account.

Why do we need MFA?

SBCTC requires MFA for additional security to protect Personally Identifiable Information (PII) contained in ctcLink. Some colleges have already implemented MFA and employees who work at those colleges already have MFA enabled on their accounts.

How do I set up MFA?

The good news is MFA in ctcLink uses the information you already have stored in your ctcLink account. This means the setup process is fairly seamless.  If you have a mobile phone number already associated with your account, you will see the following screens:

Input your username & password:

This is a picture of the ctcLink log in screen

Click “Receive a code via SMS to use the texting option on your mobile phone:

This is a picture of the ctcLink screen where you can request an SMS code.

Enter the code sent to your mobile device:

This is a picture of the ctcLink screen where you enter your SMS code.

If you prefer to use other “factors”, you can click “Verify with something else” on the second screen.  You will see a screen similar to this:

This is a picture of the ctcLink screen where you can request verification methods other than an SMS code.

If you need additional assistance with options on managing your MFA, read and follow the steps in this knowledge base article: Setting Up Your Multi-Factor Recovery Options

Will my personal device be subject to Public Records Requests if I use it for authentication?

No, these messages are transitory and serve no useful purpose after the one-time code expires. Employees are encouraged to delete these messages as soon as possible.

I am frequently signed out of ctcLink. How often will I have to enter MFA in order to sign in?

If you check the “keep me signed in” box (located in 1st screenshot above) when you sign in, your MFA code will be remembered for 16 hours. This setting needs to be checked for each device that you use. Once this is done, you should only have to enter MFA once each day (per device that you use throughout the day).

Thank you for your attention and compliance in this very important update.

If you have further questions or issues during this process, please fill out a support ticket at https://support.shoreline.edu or send an email to Support@Shoreline.edu.

January 5th, 2024 by