Multi-Factor Authentication (MFA) refers to an additional layer of security that is added to the login process.
MFA relies on two forms of authentication: something you know, and something you have with you. The something you know is your password. The something you have with you can be a mobile device or hardware token. This means that even if your password is hacked, your account will remain secure.
Learn more about Microsoft’s Multi-Factor Authentication on their Overview Page.
For now, MFA impacts all faculty and staff using GlobalProtect VPN. Additional offices besides ITS are being onboarded to use MFA full time. In the future, MFA will be implemented for all faculty and staff.
Future plans include rolling MFA out to faculty, staff and student employees.
Review our MFA Frequency Settings Guide to review all applications effected.
The current settings require reauthentication for GlobalProtect VPN every 7 days. Other applications have varying amounts of time, please review our MFA Frequency Settings Guide for a full list.
You will need to re-authenticate on each device and each browser you use.
Prior to May 2021, select offices will be onboarded to use MFA due to the secure data they work with. After May 2021 ITS will communicate how to enroll through MFA voluntary enrollment followed by future, yet to be determined, mandatory waves.
You will be able to choose a primary authentication method when you register, which you can change or update at any time. Current options are outlined below:
|Mobile Notification (Microsoft Authenticator Required)||A push notification is sent to the authenticator app on your smartphone asking you to Authenticate your log in.|
|Verification Code (Microsoft Authenticator Required)||The Mobile Microsoft Authenticator app will generate a verification code that updates every 30 seconds. You will be asked to enter the most current verification code in the sign-in screen.|
|Text Messages||A text message with a 6-digit code is sent to your mobile device that you will input to complete the authentication process|
|Phone Calls||A call is placed to your mobile phone asking you to verify you are signing in. Press the # key to complete the authentication process.|
You will also be asked to set up a backup authentication method. ITS recommends that you use your office phone as a backup, to help you access your account in case you forget or lose your mobile device.
If you need to update the office phone we have on record, you can do so by filling out the Directory Update form.
Use our MFA First Time Set Up Guide or watch Microsoft’s How to register for Azure Multi-Factor Authentication. For questions regarding the Microsoft Authenticator App, please refer to Microsoft's Authenticator page.
Yes, ITS encourages faculty and staff to use their personal device for MFA.
Yes, you will be prompted to enroll in Microsoft MFA for each account you own, including elevated accounts.
If you forget your mobile device at home, you can use your backup authentication method. If that doesn't solve the problem, please contact the Service Desk at email@example.com or 206-296-5571.