Secure Password Criteria
When you log in the first time, you will be prompted to change your password. You will need to change your password every 12 months.
All Passwords MUST:
- Equal to or greater than 12 characters
- Contain both upper case and lower-case letters, as well as numbers and special characters (#,$,% etc)
- NOT contain any part of your first or last name or login name
- NOT be set to any well-known or knowingly compromise password
- NOT a previously used password
Setting good passwords
A good password is one that you can remember without having to write it down.
A good method of setting passwords is known as “Pass Phrases” where your password is set to a full sentence.
Password Expiry NotificationYou will receive a password expiry notification with instructions to update your password 7 days, and 1 day before your password expires.
I know my password and want to set a new one
Click on the “Know your password and want to set a new one?” button above and then fill out this form:
I do not know my password
Click on the "Don’t know your password?” button above and then fill out this form:
Select “I forgot my password”
Select a verification method, then follow the steps as prompted.
Setting up Self-Service Password Reset and Multi-Factor Authentication
Most of the college systems can be accessed with your Condor ID, which is authenticated by Microsoft. So even though you are signing in as firstname.lastname@example.org, it is a Microsoft based server that is validating who you are and what you can access. Because of this partnership, we are able to use Microsoft's robust multi-factor authentication system and their self-serve password reset.
To enable this, you first have to log in and set up your security settings through Microsoft.
Step 1: Logging in to Microsoft Security
(a): Go to https://mysignins.microsoft.com/security-info and login with your Conestoga email and Password
(b): It does not matter if you choose to stay signed in or not
Step 2: Configuring your authentication methods.
This means the ways in which Microsoft will confirm that you are you when you try to reset your password.
You will have to add at least 2 methods of authentication, though using more is encouraged if possible. You cannot set Email as a primary method and it is only used for SSPR and Account Recovery.
(a): You will be brought to a page asking you to add a method. In this step, we will look at the Authenticator App.
(b): Click on "Add method" outlined in red in the previous screenshot. The default option is "Authenticator app", click "Add".
(c): Follow the instructions in the pop-up to download the Authenticator app. You can also click on the "Download now" link to get step-by-step instructions.
(d): Continue following the steps, in the app, choose to allow notifications, then click the + button in the top right corner of the app, and select "Work or School" account.
(e): You will be shown a QR code on your display, you have to scan this QR code with your phone's camera within the Authenticator app. If you are having issues scanning the QR code, you can select "Can't Scan Image" which will provide you information to enter into the Authenticator app.
Note: The QR code reader is built into the Authenticator app, do not download a third-party QR code app.
Alternative - Manual Authenticator Setup
If you are having trouble scanning the QR code, select "Or enter code manually" on your phone, and on the pop-up on the computer screen, select "Can't Scan Image", where you will be shown a URL and Code to enter on your phone.
(a): Phone Screen
(b): Computer Screen
(f): You will see your account listed in the app.
(g): Click “Next” on your desktop to verify the setup. Then you will be prompted to approve the notification in the app.
(h): The pop-up on the desktop will show that the notification is approved, click “Next”.
(i): You will see the Authenticator app added as a method.
(a): Add a second method by clicking on the "Add method" button, then choosing "Phone".
(b): Select Canada as the country, and then enter your cellphone or landline/desk phone number. If you are using a cellphone, you can select "Text me a code" or "Call me", if you are using a landline or your desk phone, select "Call me", and click “Next”.
(c): Enter the code that was sent to your phone.
(d): You will be notified that adding the phone was successful.
Using a Security Key
Looking for a Security Key?
Here are the security keys that we recommend:
Setting up your Security Key
https://mysignins.microsoft.com/security-info and login with your College Email and Password
Select “Add method” and select “Security key”
You may be prompted to sign in with two-factor authentication, this usually just results in the page reloading.
Select the type of security key you have, in most cases this will be USB.
- There is some information provided about what to do to set up the security key, namely, having it ready to plug in and then touching the button on the key.
On the page that opens, a pop-up will inform you that your security key will be set up to login to your Microsoft account, click “Ok”
You will be provided some more information about setting up the security key, the information collected by Microsoft, and the information stored on your security key. Click “OK” to continue
You will be prompted to create a security key PIN or enter an existing PIN if there is already one on your device. Make sure they PIN is something you will remember. If you lose this PIN, the security key becomes unusable.
After entering the PIN you will be prompted to touch the contact on your security key, this is usually a gold spot on the key, see your key manufacturer’s instructions for more information.
Once the setup is complete, you will be prompted to give your security key a name, this can be anything you want.
You will receive a message informing you that the key was successfully set up, and you can now log into your Microsoft account with your security key rather than your password or other 2FA method.
Using the Security Key to log in
- When logging into any Microsoft page to access your Conestoga College account, enter your full email address as normal, then on the password prompt page, select the option "Sign in with Security Key". Alternatively, if you have previously selected to sign in with a security key, you will be sent directly to the page asking you to touch the contact on your security key. You can also select another option if needed, such as a text message or app notification.
Enter the security key pin
Touch the contact on your key
You will be prompted if you want to stay signed in, just as if you had signed in with a password and second factor.
(a): Add another method, "Email", then click "Add". (b): Enter your personal email address, then click “Next”. (c): Enter the code that was sent to your email, it may take a few minutes to show up, then click "Next". (d): You will see that your email address was added to the list of authentication methods.
(a): Add another method, "Email", then click "Add".
(b): Enter your personal email address, then click “Next”.
(c): Enter the code that was sent to your email, it may take a few minutes to show up, then click "Next".
(d): You will see that your email address was added to the list of authentication methods.