Skip to main content

How you log in to Stonefish is changing

Multi-Factor Authentication is coming to Stonefish, the University's e-Recruitment System you use to manage your vacancies and apply for jobs at Bath.

What Stonefish is used for and who will be affected

Stonefish is the University's e-Recruitment System.

You'll most likely use it via the Jobs at Bath portal for:

  • recruiting staff to vacancies within your area or department
  • shortlisting candidates for interview if you are a panel member
  • viewing and applying for jobs at the University either as a current student or member of staff.

What is happening and when

A laptop with a lock and log in screen.
Layering up our cyber security with Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) will be applied to Stonefish (e-Recruitment System) in the coming week to further protect our sensitive information and data, and provide extra security controls to reduce the impact of a cyber attack.

In addition, the Jobs at Bath Log in page will be updated, so that the appropriate controls to protect Stonefish and our University data can be applied.

What you need to do to prepare

It is important to check in advance that:

  • your security information, such as your phone number, is up to date
  • you have suitable MFA methods set up

Suitable methods

Only the phone (text/sms), alternative phone, and authenticator app are suitable to authenticate your University M365 account when signing into University systems.

If you've previously selected the security question or email options, these are suitable for resetting your password, but will not work as an MFA factor.

Changing or adding verification methods

To check, change, or add additional authentication methods:

What will be different

Log in sections for different types of users

Once MFA has been applied, you will need to log in via the relevant category:

  • a New/Registered Applicant if you do not work for the University
  • a member of University of Bath staff if you are currently on the University payroll, including if you are a Bath student who works at the University.

Verifying your identity

If you are logging in with your University account, your login experience will be similar to when you sign in to other University services, such as Outlook. Simply:

  • enter your University username (e.g. and password
  • follow the Microsoft instructions to verify your identify using your chosen authentication method

How frequently you’ll need to authenticate your login

Due to the nature of the data in the Stonefish e-Recruitment System, you will need to authenticate your identity every day.

As MFA across our University systems is set up with Conditional Access, you will usually only need to authenticate once per day, even if you:

  • log in and out of Stonefish throughout the day
  • use more than one University system within the same day

You would only need to re-authenticate more often if there are login behaviours that have increased risk, such as logins from a different location or device.

Further help and support

Visit the Layer up your account security with Multi-Factor Authentication (MFA) webpage to find out more about Multi-factor Authentication, including a summary of which methods are suitable for which activities.

If you experience difficulties setting up MFA or accessing your account, please contact the IT Service Desk at

Check or change the Security Information for your University Microsoft 365 account

My Account

On this page