To: University of Waterloo Students
From: Student Financial Services
Date: May 13, 2019
Subject: Two-Factor Authentication for banking information in Quest
What is happening?
Passwords are increasingly easy to compromise. They can often be stolen, guessed, or hacked - you could be locked out of your account, or you might not even know someone is accessing it.
Two-factor authentication (2FA) adds a second layer of security to your University accounts, keeping your account secure even if your password is compromised. With 2FA, you'll be alerted right away (on your phone) if someone is trying to log on as you.
For this reason, students can now activate 2FA on their mobile device to challenge them when making changes to their banking information in Quest.
When is this happening?
Beginning May 15, 2019.
What does this mean to me?
Previously, students who were off campus were not able to add or change their banking information. As of May 15th, students who are off campus will be permitted to view or edit their banking information in Quest by opting-in and using 2FA.
Students who do not want to opt-in to 2FA at this time can still change their banking information from an on campus location. Please note that later this year security changes will be made such that all students who have enrolled in 2FA will get a 2FA challenge when they log into Quest.
Instructions on how to enable 2FA are available on the IST 2FA website. Enroll once to protect all of your supported services and take an active role in keeping you and your information secure. Currently 2FA is active for Office 365, and other services will be coming online over the next year. Visit https://uwaterloo.ca/two-factor-authentication/ to get started - it's as easy as 1-2-3.
What if I have questions?
For assistance with Quest or making changes to your banking information, please contact Student Financial Services at email@example.com. Please do not send banking information via email.
For assistance with 2FA, please contact the IST Service Desk or submit a ticket at firstname.lastname@example.org.