Multi-Factor Authentication (MFA) refers to an additional layer of security that is added to the login process.
MFA relies on two forms of authentication: something you know, and something you have with you. The something you know is your password. The something you have with you can be a mobile device or hardware token. This means that even if your password is hacked, your account will remain secure.
Learn more about Microsoft’s Multi-Factor Authentication on their Overview Page.
MFA is required for select offices, but anyone can self enroll for added security benefits. The only application MFA is enabled for all users is the GlobalProtect VPN.
Students can self enroll for added security benefits and is not required.
Review our MFA Frequency Settings Guide to review all applications effected.
The current settings require reauthentication for GlobalProtect VPN every 7 days. Other applications have varying amounts of time, please review our MFA Frequency Settings Guide for a full list.
You will need to re-authenticate on each device and each browser you use.
Use the Self Enrollment Form to sign up for MFA's added security benefits. Over the course of 2022 ITS will communicate, yet to be determined, mandatory waves for faculty and staff.
You will be able to choose a primary authentication method when you register, which you can change or update at any time. International users should use the Microsoft Authenticator Application via their phone. Current options are outlined below:
|Mobile Notification (Microsoft Authenticator Application Required)||A push notification is sent to the authenticator app on your smartphone asking you to Authenticate your log in. (This option is recommended for international users)|
|Verification Code (Microsoft Authenticator Application Required)||The Mobile Microsoft Authenticator app will generate a verification code that updates every 30 seconds. You will be asked to enter the most current verification code in the sign-in screen.|
|Text Messages||A text message with a 6-digit code is sent to your mobile device that you will input to complete the authentication process|
|Phone Calls||A call is placed to your mobile phone asking you to verify you are signing in. Press the # key to complete the authentication process.|
You will also be asked to set up a backup authentication method. ITS recommends that you use your office phone as a backup, to help you access your account in case you forget or lose your mobile device.
If you need to update the office phone we have on record, you can do so by filling out the Directory Update form.
Anyone who is traveling abroad should use the Microsoft Authenticator Application on their device. Text message and phone calls may not be accessible during travel. Wi-Fi is required to authenticate.
Use our MFA First Time Set Up Guide or watch Microsoft’s How to register for Azure Multi-Factor Authentication. For questions regarding the Microsoft Authenticator App, please refer to Microsoft's Authenticator page.
Yes, ITS encourages the use of a personal device for MFA.
Yes, you will be prompted to enroll in Microsoft MFA for each account you own, including elevated accounts.
If you forget your mobile device at home, you can use your backup authentication method. If that doesn't solve the problem, please contact the Service Desk at firstname.lastname@example.org or 206-296-5571.