MFA Self help
Frequently asked questions and troubleshooting for students
General queries
Multi-Factor Authentication (MFA) is being implemented in response to the threat of Cyber criminals targeting educational institutions to obtain identity details and access confidential data and intellectual property. MFA ensures that our accounts are highly secured with not just one, but multiple layers of security. MFA never uses or sees your password.
Do I have to use MFA each time I access a Griffith app through a new browser window?
For the most part, you will only need to use MFA once a day when you first login to a Griffith application using Single-sign on. However, if you clear your cache, open an incognito/guest window you will need to use MFA.
Yes, each separate device requires authentication with MFA. Once authenticated, the session will last for 12 hrs when accessing applications from a browser.
Do I need to use MFA when accessing the network with VPN?
VPN currently does not require MFA authentication to use, however this will be activated in the near future.
No, think of MFA as an add-on to the Griffith Single Sign-On page where you enter your sNumber and password. Whenever you do this you will then be prompted to authenticate using MFA. For most people that will be once or twice a day in the web browser, maybe more if you change computers or browsers.
Devices
How long does it take to setup a device for MFA?
It should take between 5 and 10 minutes to set up a device with MFA.
I am using a device with an old Windows Operating System. Will MFA work?
Supported Windows operating systems:
- Microsoft Windows 8, 8.1 and 10 - 64bit
- Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, and 2019 (desktop) - 64bit
Note: Windows XP, Windows 7 and all Windows 32bit versions are not supported for the PINGID desktop application
Why do I need to setup an additional device?
It is recommended that you set up an additional device (mobile device and/or computer) in the event that your primary device is forgotten, lost or not working. This way you can use another device to login to Griffith applications.
What devices can I use to access PingID?
- Windows
- Mac
- Android - requires Android 5.0 or later
- iOS - Requires iOS 9.0 or later. Compatible with iPhone, iPad and iPad touch.
- Yubikey
How many devices can I use for MFA?
You can have up to 5 devices/authentication methods. It is recommended that you pair as many devices as possible during the initial set up. This means if you do not have access to your primary device (i.e. forget/lose your device) you are able to use another device without having to contact the IT Service Centre.
How can I find out what devices MFA is set up on?
- Login from a browser to myGriffith, or any Griffith app using Single sign-on > enter your Snumber and password.
- When the authentication screen opens for your second form of identification > click Settings.
- The My Devices page opens, showing the devices you currently have paired with your account. Your primary device is shown in green.
How do I unpair my device from PingID?
Ensure your device has access to the internet and is not offline.
- Open the PingID app on the device you want to unpair.
- Tap Settings cog > tap Unpair Device. You'll see a confirmation message.
- Tap Unpair.
The device is no longer paired and will not be able to be used to authenticate.
Can I set up the same PingID app on a shared mobile device with different user accounts?
Yes. Once the PingID app is set up with one user, you can add additional users using the same install instructions. Refer to Multi-factor Authentication for information.
Can I set up a device for MFA from off-campus?
Yes, you can set up your devices for MFA from any location with internet connectivity.
I am a device free student, how do I access Griffith applications requiring MFA authentication?
You can purchase a YubiKey to use for authentication. For information on how to purchase a YubiKey, visit MFA for Students.
Using your mobile
I do not have my phone with me, how do I authenticate?
If you have not registered an additional device, contact the IT Service Centre for general IT Support or Tech Assist for assistance.
If you have set up an additional device you can use this device to login as follows:
- Login from a browser to myGriffith, or any Griffith app using Single sign-on enter your sNumber and password.
- You will be prompted for your second form of identification. You will see a similar screen as below depending on the device that you previously set up with MFA > Choose Change Device.
- A list of devices you have previously paired with MFA will appear similar to below screen
- Choose an alternative device and click Sign On.
- Authenticate from your chosen device as prompted.
- If you do not have access to any device previously set up with MFA, contact the IT Service Centre or Tech Assist for assistance.
What if I change my phone number?
This will not impact your authentication via mobile app as you registered your device and not the phone number.
If you have your old mobile device with you
- On your new mobile device go to the App Store > Download and install PingID.
- On your old mobile device (the one you want to unpair) > open PingID App > click Settings > click Change Device. A QR Code and Pairing Key will display.
- On your new mobile device > Open PingID App > scan the QR Code or enter the Pairing Key from your old device. A green checkmark indicates pairing is complete and your mobile device has been added.
- Next time you log onto your account or app you will be prompted to authenticate on your new mobile device.
If you don't have your old mobile device with you
- Contact IT Service Centre to unpair your old mobile device.
- Once unpaired, you need to set up your new mobile device.
* If your old mobile device was the only device set up with MFA, see
* If you have already set up another device with MFA, see
You can use your computer as your primary authentication device. For instructions on how to set up MFA for your device, visit MFA for Students.
You can also purchase a YubiKey to use for authentication. For information on how to purchase a YubiKey, visit MFA for Students.
What if my mobile device is lost or stolen?
- Contact IT Service Centre to unpair your old mobile device.
- Once unpaired, you need to set up your new mobile device.
Are there any privacy issues created due to installing the PingID app on my mobile device?
Refer to Ping Identity's privacy policy.
What do I do if I get a new mobile device?
If you have your old mobile device with you
- On your new mobile device go to the App Store > Download and install PingID.
- On your old mobile device > open PingID App > click Settings > click Change Device > a QR Code and Pairing Key will display.
- On your new mobile device > Open PingID App > scan the QR Code or enter the Pairing Key from your old device > a green checkmark indicates pairing is complete and your mobile device has been added.
- Next time you log onto your account or app you will be prompted to authenticate on your new mobile device.
If you don’t have your old mobile device with you
- Contact IT Service Centre to unpair your old mobile device
- Once unpaired you need to set up your new mobile device (see instructions for setting up devices on the MFA for students web page)
What if I need to change my sim card?
If you are replacing the sim card in a device set up with MFA: you do not need to do anything. The new sim card does not affect MFA.
Yes, the PingID app on your mobile device can generate a passcode even without an internet connection and you can use this passcode to complete the login process as normal.
Will I have to open the app on my mobile device every time I want to authenticate?
Not if you have configured push notifications for authentication. You only need to open the PingID app if you want to authenticate with the passcode.
My mobile phone has no coverage in a lab area, how will MFA work?
You can still use your mobile device to authenticate with MFA, even without internet access.
The MFA prompt sent to the mobile tries to reach the phone, but fails and times out. A message then appears on the login screen of the application:
'Your device couldn't be reached. Use the PingID app to get a one-time passcode and enter it here to authenticate.'
User can then enter the passcode shown in the PingID app and authenticate with MFA.
It is not allowed to use a mobile phone in a restricted area - how do I authenticate using MFA?
Discuss with the Lab Manager as devices in this location may be exempt from MFA and therefore will not require authentication from your mobile phone.
Yes, you can log into Griffith applications from your mobile device and also authenticate using the same mobile device.
Troubleshooting
The mobile device needs to be unpaired properly with MFA. Because you have already reset your phone to factory settings, you need to contact IT Service Centre or Tech Assist to get your mobile device unpaired now.
Once unpaired, set up MFA on your mobile device again as per the instructions.
Why don’t I get asked to authenticate using MFA for Office 365 every day?
The Griffith email including all the O365 applications are secured with MFA and hence should prompt you for MFA everyday upon login. However, Office 365 also asks you during login if you would like to stay signed in which reduces the number of times you are asked to sign in.
If you select Yes, O365 does not sign you out for a long time, and hence no MFA.
We recommend selecting No and setting Don’t show this again on this prompt to be able to enforce MFA on O365 login every day.
If you have already said Yes to this prompt before, follow the steps below to be able to reset it:
1. Sign out of your Griffith email or Microsoft suite application by clicking on your name icon on the top right corner of the browser window and selecting Sign out from the options.
2. Close all the browser windows and launch a new one
3. Access https://portal.office.com from the new browser window
4. Provide your Griffith email ID as username
5. It will redirect you to Griffith SSO login page. Provide your Griffith sNumber and password, click Login
6. You will be prompted to authenticate using your device as set up for MFA. Provide that authentication by swipe/password as required
7. Check Don’t show this again checkbox and click on No on the Microsoft’s Stay Signed in prompt.
8. Once signed in, select the Microsoft application that you would like to access from the deck..
What if I don't get the notification or passcode through my selected method?
Occasionally this can occur. Wait for 5 mins then retry.
If this does not work please contact the IT Service Centre or visit Tech Assist
How do I uninstall the PingID app from my mobile device?
Android:
- On your device > press and hold PingID application.
- Drag to Uninstall at the top right-hand corner of your screen.
- The PingID app is deleted and all associated data is removed.
iOS:
- On your device > press and hold PingID application until all icons appear with an X on the top left.
- Tap X on the PingID application.
- Tap Delete to confirm.
- The PingID app is deleted and all associated data is removed.
I use Linux, is there an MFA client?
The University does not have a preferred MFA client for Linux. You can use the third-party Authenticator App Twilio Authy available at
I can not set up MFA on my Android, I enter the pairing code and nothing happens.
To install MFA on your Android device, you must turn on the Location Service on your Android device. On your Android device go to Settings > Privacy > Location Services > move the Location Services slide to on/green.
Contact us
General enquiries
multifactor-auth@griffith.edu.au
Or you can ask our friendly staff about IT products and services, contact us by phone, email or chat.
