Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Panel | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
Multifactor authentication information session will be hosted in G140 on November 1 at 4:00PM. |
About
Multifactor authentication (MFA) is all about protecting your account from unauthorized access. Because passwords can be easily stolen or ‘phished’, it’s important to add layers of protection through the use of multiple forms of account verification.
If you haven’t already, check out the Getting started with Microsoft Authenticator (MS MFA App) and Passwordless articles to help you secure your account and sign in without a password.
Table of Contents | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
Frequently Asked Questions
What are my options for multifactor authentication?
Expand | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Microsoft Authenticator appThis is the best option for most students, and it is recommended by UNW IT. Using your mobile phone or tablet, you can easily sign in without a password, use multifactor codes when you don’t have Wi-Fi or cell coverage, and reset your password if needed, all from the app!
Authenticator Lite (Outlook Mobile)If you already have Outlook Mobile installed on your mobile device, you can use it to approve sign in attempts similar to the Microsoft Authenticator app. Authenticator Lite does not support sign in context information (application name or location), passwordless phone sign-in, or push notifications for password reset. You can learn more about setting up Authenticator Lite here: https://support.microsoft.com/en-us/topic/authenticate-with-outlook-mobile-a57026c0-26af-4d17-bf84-d9ec637efda1 Third party authenticator appIf you prefer to use another authenticator app that supports standard multifactor codes (a.k.a. time-based one-time password or TOTP), these are also supported for UNW accounts. Here are a few examples, though there are many others: /wiki/spaces/IKB/pages/279445639. You can register these methods by choosing the Authenticator app option when you are setting up your authentication methods, then selecting I want to use a different authenticator app during the setup process. Visit https://mysigninsaka.microsoft.com/security-infoms/mysecurityinfo to get started. Examples: Google Authenticator Authy Bitwarden Authenticator Security keySecurity keys (i.e. FIDO2) provide an easy-to-use sign-in experience by replacing passwords with strong multifactor authentication. The security key contains your sign-in credential and is protected with a second factor such as a fingerprint or PIN. These USB or NFC devices can be transported and connected to the device you are signing into when needed. If you already own one, you can set it up as a UNW authentication method detailed here: https://unw.atlassian.net/wiki/spaces/ITSKB/pages/205029635/Passwordless#FIDO2-Security-Keys. Hardware tokenHardware tokens are dedicated devices that generate codes like authenticator apps. As an alternative to security keys, hardware tokens may be issued by UNW IT to students who do not have a mobile device that supports authenticator apps or where FIDO2 security keys are otherwise not supported. |
What about voice call or SMS methods?
Expand |
---|
Multifactor methods that use voice call or SMS text messages are certainly better than no MFA; however, these methods are considered weaker than those listed previously. Support for voice/text methods is also decreasing from vendors in favor of stronger MFA or passwordless methods. At this time, UNW IT will only grant the use of these methods when no other option is available. |
What is the backup email used for?
Expand |
---|
The backup email is only used for receiving a one-time code during self-service password reset (SSPR). Registering a backup email allows you to reset your UNW password in case you also lose your primary multifactor authentication method, or the primary method is not supported for SSPR (such as FIDO2 Security keys). The backup email must be a non-UNW email address. It should be protected with a strong passphrase and multifactor authentication (or passwordless) wherever possible. |
I forgot my multifactor today, what do I do?
Expand |
---|
If you get to class and realize you left your multifactor method at home, the IT Service Desk can help! Stop by Riley or call in to get a temporary access code for the day. |
My multifactor device was lost/broken, help!
Expand | ||
---|---|---|
If you have a second multifactor method available, login to https://mysignins.microsoft.com/security-info to remove the lost/broken method from your list. You can also add your replacement method while you are there, just click + Add a sign-in method. If you don’t have any multifactor methods available, contact the IT Service Desk to get a temporary method to help you login and setup your replacement. |
I just got a new device, how do I set it up?
Expand | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
If you have a second multifactor method available, login to https://mysignins.microsoft.com/security-info to remove the old device from your list, if you haven’t already. Then, add your new device by clicking + Add a sign-in method. If you don’t have any multifactor methods available, contact the IT Service Desk to get a temporary method to help you login and setup your new device. |
I’m going to be without cell service, can I still login?
Expand |
---|
If you are on a plane (in-flight Wi-Fi) or in a country where your cell carrier is not supported, all default methods can verify your account without cell carrier service. Microsoft AuthenticatorIf you already have the Microsoft Authenticator app as a registered method, the TOTP codes are already generated and can be used without cell service. Simply tap the account in the app to reveal the code. Software/Hardware codes or Security keysAny of these methods can be used without cell service. SMS/Voice callIf your only multifactor authentication method requires cell service, contact the IT Service Desk to get a temporary method setup before you leave. |
Why don’t I see a notification when I’m trying to sign in?
Expand |
---|
In order to reduce the risk of fraudulent sign-in attempts, the Microsoft Authenticator app will not notify you when signing into your account from an unusual location. Additional checks, such as notifications settings are outlined in https://support.microsoft.com/en-us/account-billing/troubleshoot-problems-using-microsoft-authenticator-a3a74493-566b-4c2e-b949-a2789bac0fd3 |
Someone else changed my password or multifactor authentication.
Panel | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
Contact the IT Service Desk right away if you suspect unauthorized access to your account. |
Tip |
---|
Not finding the answer you’re looking for? Contact the IT Service Desk for support and advice on multifactor authentication.
|
Additional Microsoft Authenticator questions may be answered here:
https://support.microsoft.com/en-us/account-billing/common-questions-about-the-microsoft-authenticator-app-12d283d1-bcef-4875-9ae5-ac360e2945dd