Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) is a security method that requires users to provide two or more types of proof to confirm their identity when accessing the M365 account. By requiring multiple factors of authentication, MFA adds an extra layer of security and makes it more difficult for unauthorized individuals to gain access to sensitive information or accounts. 

Rollout Schedule

18 February 2024
18 February 2024

  • Mandatory for all staff
  • MFA will be required for staff members accessing HKU Portal from outside of the campus.
  • MFA will be required for Staff members accessing Personnel File under HCMS
  • Remote access to the Virtual PC (VPC) support the authentication with 2FA and MFA in parallel
1 April 2024
1 April 2024

Mandatory for all departmental accounts

May 2024
May 2024

Mandatory for all student accounts
Sep 2024
Sep 2024

  • HKUVPN support the authentication with MFA ONLY
  • Fortinet 2FA will be retired

To ensure enhanced account protection and prevent unauthorized access, we strongly recommend enabling MFA as soon as possible

Registration

Staff

Departmental account holders (@hku.hk)

Students

Departmental account holders (@connect.hku.hk)

Option(s) to receive the token code

It is recommended that you have alternative methods to confirm your identity with MFA in case your primary way of access is unavailable. For instance, you can use a different phone number or a code produced by an authenticator app.  

(VPN and VPC only can support the Authenticator App to receive token code.)

Authenticator App

Install

Reset

Reset is needed when the Mobile device for receiving the token is changed or lost. Please contact the ITS Help Desk at ithelp@hku.hk.