Multifactor Authentication (MFA)

What is Multifactor Authentication or MFA?

Multifactor authentication (or MFA) is the concept of requiring multiple types of authentication methods to sign into your account to prevent unauthorized access. These can be:

  • Something you know (a password)
  • Something you have (your phone)
  • Something you are (fingerprint, facial scan)

You have probably already experienced MFA through your work, online banking, or even personal logins such as Apple iCloud or social media. MFA greatly decreases the probability of your account being compromised.  An attacker who has gained access to your password would be unable to sign into your account without your phone or other authentication method.

Clarkson College requires MFA for all employee and student accounts to help protect against malicious threats such as phishing attacks.

How do I set up my MFA for the first time?

The first time you sign in to Microsoft 365 (previously Office 365) with your username and password, you will be prompted to add your MFA authentication methods.  Check out the video and the instructions below to set up your MFA:

  • Go to clarksoncollege.edu and select Resources -> Microsoft 365.  
  • Enter your email address and password.
  • After signing in, you will be prompted to set your verification methods. Click Next .

Office 365 - More Information Prompt

  • After clicking Next, you can choose from the following options:
    • Microsoft Authenticator App
      • Install an app on your smartphone that will provide a push notification or code.
    • Phone
      • Receive either a text message or phone call with a code.
  • The Authenticator app is the recommended option if you have a smartphone.  If you do not have a smartphone, choose “ I want to set up a different method” to pick the Phone method shown below.

MFAMethods.jpg

 


  • Follow the instructions to complete the setup.  The next time you sign in you will be prompted to use this verification method in addition to your password.

ApproveRequest4.jpg

 

I have lost/broken/replaced my phone.  How do I set up my MFA again?

Follow the video below to set up your MFA again.  To do so, you must have another MFA method (text, phone call) that is still working to complete the setup.  If you do not have any working methods, you will need to call the IT Help Desk at 402.552.3911.  

 

To sign in with your backup method and update your MFA, click the "I can't use my Microsoft Authenticator app right now" link after entering your username and password.

ApproveRequest5.jpg

You can then sign in to Office 365, navigate to the upper right-hand corner, and choose Account -> Security Info to update your methods (see next section for more details).  You can access this page directly from here:  https://aka.ms/mysecurityinfo

How do I update my MFA authentication methods or add a backup method?

It is extremely important to keep your MFA authentication methods up to date and have at least 2 working methods set for your account.  To update your methods, you can go directly to https://aka.ms/mysecurityinfo or follow the steps below:

  • In Microsoft 365, access your account in the upper right-hand corner of the screen:
ViewAccount.jpg

  • Find the Security info tile and click “Update Info”:
Securityinfo.png

  • From here, you can add your multiple authentication methods: Authenticator (app), text message, or phone call.  
    • If you do not have a smart phone, you will need to use the text and phone call options.

  • To set your default sign-in method, select Default sign-in method > Change.  Choose Authenticator – notification if you wish to receive the push notification from the app.

  • Clarkson College recommends setting Microsoft Authenticator as your default sign-in method and add a phone number as your backup method. 

MFA Tips

To decrease the number of times you are prompted for your MFA method on your laptop, you can click "Yes" to stay signed in when prompted.  Only click "Yes" on devices that are secure and not shared with others.  Do NOT choose this option on a public or shared computer.

StaySignedIn2.jpg


Do NOT approve any Microsoft Authenticator prompts on your phone unless you actively are signing into your account.  This could be a sign that your password has been compromised.  Please contact the IT Help Desk (402.552.3911) immediately if this occurs.

Be sure to set your default sign-in method.  This is the method that will be used each time you enter your password.  If you have forgotten your password, your MFA verification methods will be used to help you reset it.  This is why it is extremely important to keep your MFA methods up to date!

 ForgotPassword.jpg

 

Frequently Asked Questions (FAQs)

Who do I contact if I need help with my MFA?

  • You can contact the IT Help Desk at 402.552.3911.

What if I don't have a smartphone to download the app?

  • You can use text messaging or a standard phone call in place of the app.

What if I get a new phone?

  • If you no longer have your old phone and have not previously set a backup method on the Security Info page, you will need to contact the IT Help Desk (402.552.3911) before you will be able to sign in again.  

Should I allow MFA requests when I'm not signing in?

  • If you are not trying to sign in, you should not approve a request. Click “deny.”

My "approve" message went away or I didn't receive it. How do I get it back?

  • Open the Authenticator app on your phone. You can swipe down on the screen to check for new notifications.

What are the 6 numbers and the timer in the Authenticator app for?

  • The 6 numbers are an alternative way of authenticating. Every 30 seconds, these numbers change. You can ignore these numbers unless you have push notifications disabled.