Skip to main content

Two-Factor Authentication

Two-factor authentication provides an additional level of security for your Ryerson account. After you enter your username and password to log in, you’ll be asked to enter a pass code. The pass code is generated by an application on your mobile device.

CCS recommends using two-factor for all applications. If you've already set up two-factor for required applications only, learn how you can enable two-factor for all applications.

Setting up two-factor authentication

To enable two-factor authentication, you’ll first need to set up your device and then update your Ryerson account.

Set up your device

Download and set up the Google Authenticator app for:

If you don't have a supported device, consider asking your department to purchase a one-time verification (OTV) code generator.

Update your Ryerson account

  1. Log into the my.ryerson portal with your username and password.
  2. Look for the Self Service module and click Personal Account.
  3. Under the Security section, click Two-Factor Authentication.
  4. Under Set up two-factor authentication for your account, click the Set up link next to Mobile Device and follow the onscreen instructions.

    If you’re using an OTV code generator, click the Set up link next to One-Time Verification Code Generator and follow the onscreen instructions.
  5. Click the type of device you’re using. Instructions will display - follow the steps starting from the Now open and configure Google Authenticator section.

    If you’re using an OTV code generator, follow the steps for registering your assigned one-time verification code generator.
  6. Now, you’ll have the option of enabling two-factor for:
    • All applications
    • Only applications that require two-factor authentications
    CCS recommends selecting all applications for more security across all your accounts.
  7. Enter the six-digit code from Google Authenticator or the secret key in the Code field, click Verify and Save.

    If you’re using an OTV code generator, turn it on and enter the number displayed into the Code field, click Verify and Save.
  8. At this point, you’ll see a link to Show/Generate Backup Codes. These can be used once in the event you’re unable to access your mobile device. We recommend keeping a hard copy with you in your wallet.
Using two-factor authentication

Once two-factor authentication is enabled, you’ll notice a new Ryerson Authenticator screen come up after logging into your Ryerson account with your username and password.

This screen prompts you for a one-time verification code, which is the code generated by the Google Authenticator app you’ve installed on your mobile device or from your assigned one-time verification code generator.

One-time verification code screen

Note the option to select I trust this browser on this device. Don’t ask for codes for 30 days. Checking this box means you trust the browser on the device you’re using and the authenticator will only prompt you for a verification code once every 30 days.

Revoking two-factor authentication - Android

To revoke two-factor authentication use on your Android device, you’ll need to update your Ryerson account as well as your mobile device. Some of the reasons you might want to do this include:

  • you no longer trust a device
  • you clicked the trust option out of habit on a shared device and need to undo it
  • your device is no longer in your possession either because it’s lost or you’ve lent it to someone else

Update your Ryerson account

  1. Log into the my.ryerson portal with your username and password.
  2. Look for the Self Service module and click Personal Account.
  3. Under the Security section, click Two-Factor Authentication.
  4. Under Two-Factor authentication is set up for: you can click Revoke next to the Mobile Device listing.

At the bottom of the screen, you’ll find a listing of all your trusted browsers and devices. If you need to clear your entire list, click the Revoke all trusted devices link.

Update your Android device

  1. On your android device, open the Authenticator app.

    Google Authenticator App icon

  2. Tap and hold on the verification code until you see menu options appear at the top of the screen.

    verification code

  3. Tap the garbage bin icon to remove the code and your account.

    press garbage bin icon

  4. Next you’ll find a confirmation screen. Read the warning and if you’d like to proceed, tap the Remove Account option.

    confirm account removal

  5. Close the app.

Revoking two-factor authentication - iOS

To revoke two-factor authentication use on your iOS device, you’ll need to update your Ryerson account as well as your mobile device. Some of the reasons you might want to do this include:

  • you no longer trust a device
  • you clicked the trust option out of habit on a shared device and need to undo it
  • your device is no longer in your possession either because it’s lost or you’ve lent it to someone else

Update your Ryerson account

  1. Log into the my.ryerson portal with your username and password.
  2. Look for the Self Service module and click Personal Account.
  3. Under the Security section, click Two-Factor Authentication.
  4. Under Two-Factor authentication is set up for: you can click Revoke next to the Mobile Device listing.

At the bottom of the screen, you’ll find a listing of all your trusted browsers and devices. If you need to clear your entire list, click the Revoke all trusted devices link.

Update your iOS device

  1. On your iOS device, open the Authenticator app.

    verification code

  2. Tap the pencil icon in the top-right corner to edit.

    click pencil icon to edit

  3. In the Ryerson University tile, tap on the circle on the far-right of the screen to select it and then tap the Delete option that pops up at the bottom of your screen.

    tap on delete

  4. Next you’ll find a confirmation screen. Read the warning and if you’d like to proceed, tap the Remove Account option.

    account removal confirmation screen

  5. Close the app.

Revoking two-factor authentication - One-time verification code generator

To revoke two-factor authentication use on a one-time verification code generator device, you’ll need to update your Ryerson account. Some of the reasons you might want to do this include:

  • you no longer trust a device
  • you clicked the trust option out of habit on a shared device and need to undo it
  • your device is no longer in your possession either because it’s lost or you’ve lent it to someone else

Update your Ryerson account

  1. Log into the my.ryerson portal with your username and password.
  2. Look for the Self Service module and click Personal Account.
  3. Under the Security section, click Two-Factor Authentication.
  4. Under Two-Factor authentication is set up for: you can click Revoke next to One-Time Verification Code Generator listing.

At the bottom of the screen, you’ll find a listing of all your trusted browsers and devices. If you need to clear your entire list, click the Revoke all trusted devices link.

Frequently Asked Questions

How do I find my one-time verification code?

On mobile devices

Open the Google Authenticator app that you installed on your mobile device to use the one-time verification code it displays.

On one-time verification code generators

Turn on the device and use the one-time verification code it displays. The device will turn itself off once the code expires.

Isn't it a nuisance to get my phone and type in the code every time I log in?

If you’re using a computer you control (as opposed to someone else’s computer or a shared machine), you can tell the authentication service to not ask again for 30 days. Look for and select the “I trust this browser on this device” check box after entering your one-time verification code.

How does "trust this browser" work?

This feature uses a cookie to remember your device. The cookie itself doesn’t contain any information about you or the device you’re using. Instead, it verifies that you’re using a device you previously registered.

Remember to only use this feature for browsers on devices that are not shared with other people such as a personal workstation, laptop or mobile device.

Adding trusted browsers

You can add your browser to the trusted list by selecting "I trust this browser on this device. Don't ask for codes again" after entering your verification code.

Removing trusted browsers from your list

To remove devices from your set of trusted devices:

  • Delete all browser cookies from your device, or
  • Log into my.ryerson.ca. Select Self Service > Personal Account > Security > Two-Factor Authentication > Revoke all Trusted Devices.
The "trust this browser" option isn’t working. What should I do?

If you’re prompted to enter a verification code despite having selected “I trust this browser on this device. Don’t ask for codes again”, try the following solutions:

Make sure cookies are enabled on your browser.

The “trust this browser” option will not work if your browser doesn’t have cookies enabled, is set to delete cookies after a certain period of time or is set to delete cookies every time you quit the browser.

Designate different browsers and devices as “trusted” browsers/devices one-by-one.

If you use different browsers or devices, each one needs to be designated as a trusted browser or device the first time you sign in on it. For example, trusting Chrome on your desktop does not automatically mean Chrome is trusted on your laptop or mobile device - you must select “I trust this browser on this device. Don’t ask for codes again.” for Chrome on every device you sign in from.

Check if you’re browsing in incognito or privacy mode.

Incognito or private browsing windows can't access existing cookies from other browser sessions on your device, so it won’t know if you’ve previously designated the browser as trusted. If you want to use the “trust this browser” option, sign into CAS using a regular browsing window.

What if my cell phone doesn’t handle messaging, data or wifi?

Ryerson’s two-factor authentication system does not use text messaging, mobile data or wifi when you access the authenticator app. You’ll just need to set up the authenticator app and you’re good to go.

What if my cell phone runs out of power or my phone is stolen?

At the time of two-factor authentication setup, you can opt to receive a set of one-time backup codes that you can print and keep in your wallet.

What if two-factor does not work with my POP or IMAP email software?

Some email clients support two-factor with IMAP. Check your email software to see if OAuth 2.0 is an option in your software’s IMAP configuration. If it isn’t, then use an application-specific password, which is more secure than your regular password - we call it a Google token. For help setting this up, see our page on how to Get a Google Token.

I am a Ryerson employee and don’t have a smartphone, what can I do?

Ryerson employees can order a $30 one-time verification (OTV) code generator device from CCS. In many cases, departments will pay for the device. Check with your department first.

 

CONTACT THE HELP DESK

Students

Phone icon416-979-5000 x6840

Email iconhelp@ryerson.ca

Maps iconKerr Hall West, Room 71

Faculty/Staff

Phone iconx6806

Email iconhelp@ryerson.ca


More iconMore help options

 

CCS SERVICE ALERTS