Protecting your data

Single sign-on (SSO) is an authentication solution that enables you to access password-protected services, applications, websites, and datasets using a single set of credentials - College ID and Password.

Multi-factor authentication (MFA) is when two or more different types of actions verify your identity to add an extra layer of protection.  

MFA adds an extra layer of protection by requiring an additional authentication method beyond just a password. This ensures that even if someone steals your password, they won’t gain access without the additional code. MFA defends against the majority of password-related cyber attacks.

• Acceptable Use of ICT Resources Policy
• ANZCA Privacy Policy
• ANZCA Information Security Policy

Follow our step-by-step guide to install and use MFA.

These instructions relate to the Microsoft Authenticator app as this app is supported by the college and is free to download and use. You can choose to use an alternative authentication app, like Google Authenticator, however there are no college-made resources to support the app set-up. There will still be support for troubleshooting if there are problems with MFA and logging in.

We recommend when setting up MFA on your mobile device, you do so while you have access to ANZCA platforms on a desktop or tablet device.

Yes. When MFA is first enabled for an application, there will be a period of 3-8 weeks you can ‘opt-in’ and choose to set up and start using MFA, or wait to set it up later.

Once MFA becomes mandatory, you will not be able to access MFA enabled applications until MFA is set up.

Once MFA is set up, you will need to continue using MFA and cannot opt-out again.

When MFA is first enabled for an application, there will be a period of 3-8 weeks a user can ‘opt-in’ and choose to set up and start using MFA, or wait to set it up later.

Once MFA is set up, you will need to continue using MFA and cannot opt-out again.

At a later advertised date, MFA will become mandatory. At this point, you will not be able to access MFA enabled applications until MFA is set up.

You can add multiple organisations (accounts) to the MS Authenticator app. Each account’s MFA settings are separate and the app doesn’t share data between accounts. A list of added accounts is visible in the app and after you have set up MFA, you can update the account name to whatever name is most meaningful to you. For example, if your college id was automatically used to create the account name, you can change the account name to 'ANZCA' or a different meaningful name. 

When you log in to an application/site from an account, the app shows the MFA challenge (eg, code). There are no separate processes to follow just because you use the app for multiple accounts or organisations, the app handles this seamlessly.

Ensuring good lighting, cleaning the camera lens, force-quitting and re-launching the camera app, or updating the camera app to the latest version are some suggestions to fix issues with scanning.

We are also aware of a more recent issue with some android devices when scanning QR codes using the Google Authenticator app. If you are experiencing this issue, we recommend that you copy-paste the ‘secret code’ on your mobile to set up MFA. This will get you going in no time and reduce the likelihood of manual entry errors.

ANZCA appreciates your cooperation while we work to resolve all issues as quickly as possible.

There are 3 common reasons the 'Wrong code entered' message displays while you are setting up MFA. Consider if any of these may apply to you. 

1. The code timed out after 30 seconds and the code updated, so the cody you entered is now incorrect. Retrieve a new code from the app and try again. 

2. After MFA has been set up, the first time you log in you will be prompted for a second, new code. Consider whether this applies to you. You may need to enter a new code. 

3. If MFA was set up with the security key (instead of QR code), consider whether the security key was entered incorrectly. Remove the account from the MFA app; Click on the account, click the settings cog, click remove account). Then go through the steps again to add the ANZCA account. 

No, there isnt after-hours support. We hope the information on this page will answer your question.

If required, additional support is available during business hours, our friendly college staff would be happy to help. Contact information is available here.

Follow your normal process for transferring apps to your device, including your Authenticator app.

You will need to send an email to [email protected] for us to reset your ANZCA Authentication account.

Then follow the steps to set up your MS Authenticator.

If you have changed your email address, please let us know. This notification can be escalated to the service desk as the email address will need to be updated in the system.
 
Changing phone number will not impact MFA unless the authenticator app has been removed and need to be reactivated.

You can find your college ID yourself by clicking “Forgot username?” Or, please contact us during normal bussiness hours fro assistance.

Contact us and we’ll help you to de-register your device from MFA and register your new device once you have a replacement.

Yes, you will need to re-install the app and go through the set up process again.

The Microsoft website contains lots of information to help you, including FAQs and troubleshooting.

Mobile data may work without wifi at a location, and therefore the authenticator app may work with mobile data.

Note, MFA is not required on all occasions, especially when mobile phones are used.

The Microsoft Authenticator app is designed to work globally.

Passwords for ANZCA networks/applications should not be shared, and MFA will prevent someone from logging in to an account that is not their own.

We understands there are some instances where a form or task will be completed by an ‘external’ user, and processes for this may be accommodated within the program and application processes.

For example, in the ePortfolio used by many training programs, forms can be set up to be sent to the email address of an ‘external’ user. Where there are administrative forms where we know hospital staff other than a supervisor can complete the form, they are set up to enable completion by external users.

Overall, the core functionality of Microsoft Authenticator remains consistent across Apple iOS and Android devices, but there may be some nuanced differences based on the platform-specific capabilities and design guidelines.

The MFA method of authentication via an app was selected after careful consideration of the data security best practices, operating costs and user experience.

The Microsoft Authenticator app is recommended and supported by the college, and is free to download. You can choose to use a different authentication app. 

As a part of the MFA method of authentication via an authenticator app, a code must be retrieved from the app and entered in the log in screen. Biometrics or facial recognition has not been enabled at this time. 

If you see prompts or pop ups related to biometrics or facial recognition, this is likely driven by your device's operating system or a the chosen authentication application itself.