Multifactor Authentication (MFA) is a second layer of account security that combines something you know (your password) with something you have (a device, security token, or one-time password) when attempting to log into a system. MFA generally involves a hardware token, smartphone app, or SMS message that provides a time-based one-time passcode that you provide along with your password that verifies that you are indeed authorized to access the account. 


Why do I need MFA?


It is relatively easy for your password to be stolen. Malicious software and emails are a constant threat to your account security. And if you use the same password for multiple accounts, you're password is even more vulnerable. 


If your password is compromised, attackers can gain access to any information that you have access to. Attackers often target your email account first to send more malicious emails to other targets, but could easily access other university data. 


MFA can help keep bad guys out of your account even if they have your password. 


How does MFA work?


When you enable MFA, you will set up a means to get a second form of authorization that depends on something you have. This is often a smartphone app or an SMS message that contains a passcode that is only valid for a short amount of time. The Microsoft Authenticator app can also provide a push notification when you try to log in 


When you log in to your account, you will provide your password and then you will be prompted for this second form of authorization. You can provide the passcode that appears in the app or in an SMS message, or with the Microsoft Authenticator app and Office 365, you will receive a push notification to simply approve the authentication. 


If you ever receive a push notification or SMS message when you are not trying to log into an account protected by MFA, it is recommended that you change your password immediately and retire the old password. 


How do I get started?


At this time, MFA is only available for your Office 365 account by request only. You can submit a request in our Service Catalog.