Multi-Factor Authentication

Multi-factor authentication (MFA), also referred to as two-factor authentication (2FA), is a method of confirming your identity when signing in, by requiring something in addition to your password.

This is usually done using any combination of several factors

1. Something you know (your password)
2. Something you have (your phone)
3. Something you are (your fingerprint)

Self-Service Password Reset

The self-service password reset feature allows users to reset their password, or unlock their account without contacting IT.

Multi-Factor Authentication

Signing into your account on a personal device or external network will have an additional step that requires you to present an additional piece of identification.
 

• Step 1 - You'll enter your password

You'll enter your username and password as usual
 

• Step 2 - You'll be prompted for additional verification

This will depend on the verification methods that you've set up, and which one is set as your default.
Either approve a notification on your phone from the Microsoft Authenticator app, enter a verification code sent to you by text message, or answer a phone call.

Self-Service Password Reset

When visiting the self-service portal, you will be prompted to verify your identity using 2 forms of authentication instead of your password.

After verifying your identity, you will be able to change your password, or your account will be unlocked.

Set up my MFA Verification Methods During my First Sign-in

1. After signing in to an application, you may see a popup that asks you to provide more information. Click Next.

2. A Keep your account secure wizard will appear, instructing you on how to set up the Microsoft Authenticator app on your phone.

3. Follow the remaining instructions on the screen to complete the registration.

4. After successfully registering your first method, you will need to register a second method by following the on-screen instructions.


5. You have now successfully set up your verification methods. Select Done to continue signing in.

Add a New MFA Verification Method

1. Go to the Security info page.


2. You will be prompted to verify your identity using one of your existing methods.


3. You will be taken to the Security info page. Click Add method.

4. Select the verification method that you want to add using the dropdown menu.

5. Click Add.

6. Follow the remaining instructions on the screen to complete the registration.

Set up my MFA Verification Methods During my First Sign-in

1. After signing in to an application, you may see a popup that asks you to provide more information. Click Next.

2. A Keep your account secure wizard will appear, instructing you on how to set up the Microsoft Authenticator app on your phone.

3. Follow the remaining instructions on the screen to complete the registration.

4. After successfully registering your first method, you will need to register a second method by following the on-screen instructions.


5. You have now successfully set up your verification methods. Select Done to continue signing in.

Set up my MFA Verification Methods when Prompted

1. After signing in to an application, you may see a popup that asks you to provide more information. Click Next.

2. A Keep your account secure wizard will appear, prompting you to register an additional verification method.

3. Follow the remaining instructions on the screen to complete the registration.

4. After registering your other verification method, you will see a screen letting you know that you have successfully set up your verification methods. Select Done to continue signing in.

Add a New MFA Verification Method

1. Go to the Security info page.


2. You will be prompted to verify your identity using one of your existing methods.


3. You will be taken to the Security info page. Click Add method.

4. Select the verification method that you want to add using the dropdown menu.

5. Click Add.

6. Follow the remaining instructions on the screen to complete the registration.

Add a New MFA Verification Method

1. Go to the Security info page.


2. You will be prompted to verify your identity using one of your existing methods.


3. You will be taken to the Security info page. Click Add method.

4. Select the verification method that you want to add using the dropdown menu.

5. Click Add.

6. Follow the remaining instructions on the screen to complete the registration.

Change the Phone Number or Email Address I have Registered for MFA

1. Go to the Security info page.


2. You will be prompted to verify your identity using one of your existing methods.


3. You will be taken to the Security info page. Beside the verification method you want to change, click Change.

4. Follow the remaining instructions on the screen to complete the registration.

Delete a MFA Verification Method

1. Go to the Security info page.


2. You will be prompted to verify your identity using one of your existing methods.


3. You will be taken to the Security info page. Beside the verification method you want to change, click Delete.

4. You will be prompted to confirm that you want to delete this verification method. Click Ok.

Change my Primary MFA Verification Method

1. Go to the Security info page.


2. You will be prompted to verify your identity using one of your existing methods.


3. You will be taken to the Security info page. Beside Default sign-in method, click Change.

4. Select the verification method that you want to use from the dropdown menu.

5. Click Confirm to finish changing your primary verification method.

Register MFA using the Microsoft Authenticator App

The Microsoft Authenticator app is the recommended method for verification, as it is easy to use, and more secure than other methods. It provides several methods for verification, such as:
 

• Notification

The Authenticator app sends a notification asking you to Approve sign-in

• Verification code

The Authenticator app generates a time-based passcode, similar to the SMS verification method

Download and Install the Microsoft Authenticator App

Install the latest version of the Microsoft Authenticator app, based on your operating system:

• Google Android

On your Android device, go to Google Play to download and install the Microsoft Authenticator app.

• Apple iOS

On your Apple iOS device, go to the App Store to download and install the Microsoft Authenticator app.

If you're not currently on your mobile device, you can send yourself a download link from the Microsoft Authenticator page.

Set up the Microsoft Authenticator App

1. Select Next on the menu that pops up.

2. Select Next again.

3. You should see a page like below, with a QR code.

4. Now on your mobile phone, open the Microsoft Authenticator app.

• For iOS: In the upper-right, click the + icon.

• For Android: In the upper-right, click the More options icon (the 3 vertical dots), and select Add account.

5. Select Work or school account.


6. Use your phone camera to scan the QR code (the square barcode) from your browser from step 6.


7. Review the Accounts screen of the Authenticator app on your mobile phone, you should see your account added, and a 6-digit code. For additional security, the verification code changes every 30 seconds preventing someone from using a code multiple times.


8. Back on your computer, click Next and you will be prompted to verify that your account was successfully added.


9. On your mobile phone, open the Authenticator app and you should see a notification similar to below. Select Approve to complete authentication.

Register MFA using Text Message

You can set up your mobile phone to use a text message as your verification method.

1. Select your phone number's country code from the dropdown.

2. Enter your phone number in the Enter phone number field.

3. Ensure Text me a code is selected.

4. Click Next.

5. A text message will be sent to the phone number you entered, containing a 6-digit verification code.

6. Enter the 6-digit code into the Enter code field.

7. Click Next.

8. You should see a message letting you know that the text message (SMS) was verified. Click Next to complete the text message registration.

Register MFA using Phone Call

You can set up your mobile phone to use a phone call as your verification method.

1. Select your phone number's country code from the dropdown.

2. Enter your phone number in the Enter phone number field.

3. Ensure Call me is selected.

4. Click Next.

5. A phone call will be made to the phone number you entered.

6. Press the "#" key on your phone's dial pad.

7. You should see a message letting you know that the phone call was verified. Click Next to complete the phone call registration.

Register MFA using your Office Phone

You can set up your office phone to use a phone call as your verification method.

1. Go to the Security info page.


2. You will be prompted to verify your identity using one of your existing methods.


3. You will be taken to the Security info page, and you should see your office phone number listed as a registered method.

4. Select Enable two-step verification. If you do not see this option, your office phone has already been registered and enabled for MFA.

5. You should no longer see the Enable two-step verification option, and you can now use your office phone as a method of MFA.

Register MFA using Email

You can set up your personal email account to use an email as an verification method.

1. Enter your email address in the Enter email field.

2. Click Next.

3. An email will be sent from msonlineservicesteam@microsoftonline.com to the email address number you entered, containing a 6-digit verification code.

4. Enter the 6-digit code into the Enter code field.

5. Click Next.

6. You should see a message letting you know that the email was verified. Click Done to complete the email registration.

Use the Self-Service Password Reset Feature

1. Go to passwordreset.microsoftonline.com.


2. In the User ID field, enter your TransAlta email address (e.g. John_Smith@transalta.com).


3. Complete the CAPTCHA verification by entering the characters you see on the screen, and then click Next.

4. You'll be presented with 2 options:

1. If you forgot your password and need to reset it, select I forgot my password.
2. If you know your password, and your account is locked, select I know my password, but still can't sign in.

5. You will be prompted to verify your identity using 1 of the methods you have previously registered.

6. After the 1st successful verification, you will need to verify your identity with a 2nd verification method.


7. If you chose to reset your password, you will be prompted to enter a new password.

8. After following all the above steps, you should now be able to login to your TransAlta account.

Change Your Password From a TransAlta Computer

1. You must be logged into your TransAlta computer, and connected to the TransAlta network, either directly or through the VPN.


2. Press the Ctrl + Alt + Del keys together on your keyboard.


3. Select Change a password.

4. Type your old password, and then create and confirm your new password.

First Name **	Last Name **
Email Address ***	Phone Number *
Preferred Contact Method * Email Phone

Tell us about your problem **

Generate a new imagePlay the audio code

Enter the code from the image