Your account, password and data

Multi-Factor Authentication (also known as 'MFA' or 'Two Factor Authentication') is an important security feature used to protect access to your CCCU computing account, and to recover access to your account if you forget your password.

This feature stops people from accessing your account without your permission, by sending you a security code or smartphone notification to approve when you log in. Only you can approve access to your account by following the prompts on the login screen and on your phone.

You will be required to set up at least one authentication method when you activate your CCCU computing account during your registration - this process cannot be skipped.

To be safe, we recommend that all students set up the following authentication methods:

• The Microsoft Authenticator app – download the app onto your smart phone and you verify your identity by approving a request sent to the app.
• Mobile or landline number – you will receive an access code via text or automated phone call.

Any personal information you enter into the Microsoft Account Recovery system will only be stored and used for the purpose of account recovery and access.

More details on adding authentication methods can be found below.

Please note that you need to have set up at least one other authentication method (such as the Authenticator app) to access the link below:

1. Visit: https://account.activedirectory.windowsazure.com/securityinfo
2. Login with your CCCU username and password (username@canterbury.ac.uk)
3. Click ‘Add method’
4. Select ‘Phone’ from the drop-down list and click ‘Add’
5. Enter your recovery phone number and select your preferred method of verification
6. Enter the code sent to your recovery phone
7. If you have followed the steps correctly, you will see a message to confirm that you have successfully registered your recovery telephone number

If you need assistance with these steps, you can ask the i-zone for help. 

A recovery email address can only be used to recover your password, and not to approve access to your CCCU account. You must still set up the Authenticator app or a phone number using the other advice on this page.

Please note that you need to have set up at least one other authentication method (such as your phone number or the Authenticator app) to access the link below.

To add a recovery email address for password recovery, please visit:

https://account.activedirectory.windowsazure.com/securityinfo

1. Login with your CCCU username and password (username@canterbury.ac.uk)
2. Click ‘Add method’
3. Select ‘Email’ from the drop-down list and click ‘Add'
4. Enter a recovery email address (this cannot be your CCCU address), and click ‘Next’
5. Enter the code sent to your recovery email address
6. If you have followed the steps correctly, you will see a message to confirm that you have successfully registered your recovery email address

If you need assistance with these steps, you can ask the i-zone for help.

To set up the Microsoft Authenticator app:

Please note that you need to have set up at least one other authentication method (such as your phone number) to access the link below.

1. Visit: https://account.activedirectory.windowsazure.com/securityinfo
2. Login with your CCCU username and password (username@canterbury.ac.uk)
3. Click ‘Add method’
4. Select ‘Authenticator app’ from the drop-down list and click ‘Add’
5. Download the Microsoft Authenticator app from the iOS App Store or Google Play 4
6. Once you have installed the app, select ‘+’ in the top right-hand corner and select ‘Work or school account’
7. Using the app, scan the QR code displayed on the screen, or choose to enter a code manually
8. You should now see Microsoft Authenticator in your recovery information. You should also see your username@canterbury.ac.uk listed in the app.

If you need assistance with these steps, you can ask the for i-zone for help.

If you have already added recovery information, please use the “Forgotten my password” link on the login screen and follow the prompts. 

Choose the “I’ve forgotten my password” option. Remember your password needs to be 14 characters or more. 

If you haven’t already added your recovery information, you can ask the i-zone for help.

If you have already added recovery information, please use the “Forgotten my password” link on the login screen and follow the prompts. 

Choose the “I know my password, but still can’t sign in” option.

If you haven’t already added your recovery information, you can ask the i-zone for help.

Your account will stay open for the time you are with us at Christ Church.

A month, a week and three days before your account is due to be deactivated, you will receive an email reminding you to save your work from places such as BlackBoard, PebblePad and any emails that you may wish to keep. 

Your account will not be deleted on this date and if you were to return to the University within a year of this date, your account would be returned to you.

Password tips

It is important that you never share your password with anyone, including friends, partners, children or guests who come to visit you on campus, and no one at the university will have a need to ask you for your password. When creating a new password, you should avoid using any data that can be easily guessed, such as family names or your date of birth.

You should also try to mix in capital letters, and include numbers and special characters to add to your security. You could, for example, consider using numbers to replace certain letters or phrases in your password (4 instead of ‘for’, 3 instead of ‘E’, 0 instead of ‘O’).

What if I’m stuck for ideas?

One really good tip is to form your password out of a sentence that only you will remember. This can be anything from a common phrase to a life event that means something specific to you.

For example:

• Il2w4IT@C3u (I love to work for IT at CCCU)
• mdniP4TCH (My dog’s name is Patch)
• E5G1wcq01 (England 5 Germany 1 world cup qualifier 2001)
• AC02jun16 (Alice Cooper, O2, June 2016)

If you feel you must write down your password, never write down the password itself, but rather a hint that will trigger your memory. So for example, the word ‘gig’ might remind you of your password AC02jun16, and the word ‘work’ might remind you that Il2w4IT@C3u.

Here are our top tips on how to keep your information safe.

• Change your password regularly. Use secure passwords that combine capital letters, numbers and symbols. 
• Do not share your account details with anyone. This includes family, friends, colleagues or even your manager. Always lock your computer or log out of your account when you spend time away from your desk or if you are using a hot-desk location. To lock your Windows machine use the keyboard shortcut “Windows + L”. Guidance on how to lock Apple products can be found here. Always set a lock code on your mobile devices. Do not share this code with anyone and do not use your DOB.
• Be careful when clicking on attachments or links in emails. If you’re not sure about a link do not click on it! Be wary of any communication that asks for your personal details.
• Save your work regularly. Always store your work on your N: drive to keep it safe. If you are working on shared OneDrive documents, remember that once the “owner” of the document deletes a shared document from OneDrive, this file will no longer be accessible to any user. (CCCU IT cannot recover files deleted from OneDrive).
• Make sure your personal anti-virus software is up-to-date. Regularly update the antivirus and the operating system on your own PCs and mobile devices. The university provides free Sophos anti-virus for home use to all members of staff. If you experience any issues please contact our Service Desk for further advice.
• Be careful of what you share online. Never share confidential or privileged information. Also check your social media privacy settings. 

We also have Social Media Guidelines to help protect and support students who contribute to and engage with social media.

While we take every step possible to filter out spam and other suspect communications, sometimes scam emails do slip through the net. Things to look out for include:

• Impersonal greetings.
• Probing questions.
• Urgent warnings.
• Bad spelling and formatting.
• Threats.
• Password requests.

What else can I do?

We recommend that you always treat emails with a degree of caution – especially when they ask for personal information and look like they come from an official source.

• If you receive a suspect email, do not open any file attachments.
• If you have concerns, contact the sender directly via trusted channels such as the organisation’s official website, or their customer service line.
• Beware of links in email. If you see a link in a suspicious email message do not click on it.

Phishing Scam Targeted at University Students

Remember, no legitimate organisation, be it your bank, Student Finance Company or the University will ask for personal details such as your username and password by email. If you are ever unsure about such a request, contact the organisation directly via trusted channels such as a customer service line, or the official website.

What if I'm still unsure?

If you are unsure about any email you have received, or about anything relating to online security, then please contact the i-zone.