Skip to main content
Start of main content


Multi-Factor Authentication (MFA)

Easy and secure access to IT services at CDU

Multi-factor authentication (MFA) is a security measure that requires two or more proofs of identity to grant you access. It is one of the most effective ways to protect your valuable information and accounts against unauthorised access. 

Setting up MFA

How to set up MFA with mobile device - video


I have a mail client (iOS or Mac or other application) that does not support MFA. How can I connect to it?

The preference is to use the Outlook App on these devices which is MFA aware, and then you need to remove and add your CDU email account again.

For specific instructions on how to setup mail on your own device, see connect your personal device to your CDU email account.

Why we use MFA

CDU is obliged to manage a greater cybersecurity threat than ever before. Increasing the authentication factor options, means that the greatest threat of password compromise is vastly diminished. But we know this can't just be about security.

We need to seek the right balance between security and usability matched to an aspirational goal of a password-less future. ​We envision that one day it may be as simple as entering a pin or using your face or fingerprint to authenticate to all your services.

What authentication methods are available?

Methods available include:

  • authenticator application - application on your smartphone where you get a prompt to either approve or deny the login or a six digit pin
  • security key - a security fob key, such as a YubiKey
  • app password - a special password to allow applications, that can't handle MFA, to connect with such as an older email application, these need to be requested from ITMS. There is a limit of 40 app passwords per person.
Which method is more secure?

Generally application authentication is seen as a more secure option due to the encryption of the application and challenge/response system, particularly for overseas travellers.

What data is collected and what does the Microsoft Authenticator do on my phone?
  • It has no other function than enabling authentication.
  • It does not store or read data from your phone or otherwise report on, or provide third party information about you or your phone to Microsoft or ITMS.
I left my phone at home (or it's flat), how can I use MFA?

Please contact the ITMS Service Desk on (08) 7943 6600

Is Learnline login affected?

For students there will be no additional login steps required. The Learnline portal will still provide the same login rules as before, however the login window does look a little different.

For CDU Staff who access Learnline via the portal, theyhave to set up their new MFA preference before it can be accessed.

More information about app passwords

An app password needs to be requested from ITMS.

  • There is a limit of 40 app passwords per person.
  • App passwords aren't automatically revoked when a user account password is revoked/reset. The user should delete existing app passwords and create new ones.
  • It is recommended to create one app password per device, rather than one app password per application. Have a desktop app password or a laptop app password, then anything on a device shares the same app password. If the device is lost, then any app that uses the same password can be revoked at the same time.

All campuses contacts

We are your first point of contact for assistance with computers, the internet, telephones, printers and associated information technology equipment and services.

Service Desk
T:  08 7943 6600
Internal: Ext 6600
+618 7943 6600

Opening hours
Mon - Thu: 7:30am - 6.00pm
Friday: 7.30am - 5.30pm 


In-person (kiosk)
CDU Library, Red Building 8, Casuarina campus
Casuarina campus map (PDF, 0 bytes)

ITMS would love to hear from you.
Provide feedback

Back to top