Multi-Factor Authentication
MUNI Unified Login offers a more secure way of authentication on top of passwords – the so-called Multi‑Factor Authentication (MFA). Once activated, an additional form of authentication is required in addition to the password required, for example in the form of a verification code. This function makes it more difficult for potential attackers to misuse someone else’s account. It also means that you will need one of your registered devices for every new login, and to type in a verification code or confirm the use of a security key.
Multi-Factor Authentication as described here applies only to services that use MUNI Unified Login. To activate Multi‑Factor Authentication for the IS, you must separately enable it in the Information System using this guide.
How to set up Multi-Factor Authentication
Within Masaryk University, it is necessary to register verification codes. This authentication method is available on any device where you might need to sign in. Subsequently, you may also register security keys, which provide better security and user experience, e.g. Windows Hello and TouchID. More information about the supported authentication methods is available on a separate page.
Adding the first token automatically sets up Multi-Factor Authentication for all IT services under MUNI Unified Login. Managing for which services multi-factor authentication is enabled is possible in the User Profile at account.muni.cz.
As a part of the initial set up of Multi-Factor Authentication, a set of backup codes is generated. These are used in case all registered devices are lost and access has to be restored. We strongly recommend that you save the codes securely or print them out, otherwise you might lose access to your account.
What should I do if I have lost my tokens?
During the initial setup of Multi-Factor Authentication, a set of backup codes is generated, which can be used to recover account access, e.g. in case of a lost mobile phone. You just need to type in one of these codes during login and then register a new token in the token management at mfa.id.muni.cz.
In case you do not have any of your devices with verifications codes, no security keys nor backup codes, contact the user support.
Multi-Factor Authentication Settings
Redirects you to the Token Management Interface.
Access Settings for MUNI Services
Follow the instructions linked below on this page.
If you are unable to sign in to the service support portal, send an e-mail to it@muni.cz with the following information:
- which UČO you are signing in with,
- which service you are signing in to (web link),
- time when the problem occurred,
- the error message you received,
- the version of your browser and operating system.