Passwordless
About
Passwordless authentication methods are more convenient because the complex password is removed from the authentication flow. Instead, you sign in with something you have, and verify with something you are or something you know.
Students at UNW can leverage passwordless authentication with Phone Sign-in on the Microsoft Authenticator app or FIDO2 security keys as described in this article.
Something you know | Something you have | Something you are |
---|---|---|
|
|
|
When will I need to use my UNW password?
A password may be required on certain systems that have not yet been converted to use passwordless methods. Some examples include:
Registering a device on the UNW Wi-Fi (rx.unwsp.edu)
Printing through Papercut (print.unwsp.edu)
Accessing UNW Windows & Mac computer labs
Accessing virtual machines within VMware Horizon (vws.unwsp.edu)
Accessing virtual machine terminals (located in library & dorms)
Important security reminders
Never approve a login request you did not initiate.
Always confirm you are at a UNW login page before entering a password. The most important one to remember is: login.microsoftonline.com
UNW staff will never ask for your account password.
If you suspect your account is compromised, such as repeatedly requesting codes/approval: decline the requests and contact IT immediately.
Microsoft Authenticator: Phone Sign-in
Prerequisites for Phone Sign-in
Install and setup the Microsoft Authenticator app: Getting started with Microsoft Authenticator (MS MFA App)
Your phone must have a screen lock PIN or biometric (fingerprint or face) enabled to secure the device.
No mobile phone?
You can also use a FIDO2 security key or an iOS / Android tablet that supports Microsoft Authenticator.
Turn on Phone Sign-in
Open the Microsoft Authenticator app.
Tap your UNW account to view more details.
Choose the option Enable phone sign-in.
Tap Continue to register the device with UNW.
Enter your password, tap Sign in.
Tap Register.
Once the registration completes, tap Continue.
Registering your mobile phone does not allow UNW or Microsoft any control over the device.
The registration records information about the device software version, who it is registered to, and establishes secure information to be used for sign-ins.
First time login process
Enter your username if it is not already populated, choose Next.
If you are prompted for your password, choose Other ways to sign in.
Select the option Approve a request on my Microsoft Authenticator app.
Open the Microsoft Authenticator app to enter the number displayed, then tap Yes.
Security Keys (FIDO2)
Fast Identity Online (FIDO) represents hundreds of organizations from various industries on a joint mission to replace passwords with an easy-to-use strong credential. The resulting FIDO2 hardware security key reduces the ability of attackers to complete phishing attacks and is shown to both reduce sign-in complexity and increase security. It provides a streamlined user sign-in experience by replacing passwords with strong multifactor authentication. The security key holds your credential and is protected with a second factor such as a fingerprint or PIN.
Setup a Security Key
Managing Security Keys
Supported Security Keys
FIDO2 WebAuthN
FIDO U2F Only
Look for Microsoft Entra (Azure) support in your key provider's documentation. A list of compatible manufacturers is available from Microsoft here: https://learn.microsoft.com/en-us/entra/identity/authentication/concept-fido2-hardware-vendor#current-partners
Supported Browsers
| Chrome | Edge | Firefox | Safari |
---|---|---|---|---|
Windows | ✅ | ✅ | ✅ | N/A |
macOS | ✅ | ✅ | ✅ | ✅ |
ChromeOS | ✅ | N/A | N/A | N/A |
Linux | ✅ | ❌ | ❌ | N/A |
iOS | ✅ | ✅ | ✅ | ✅ |
Android | ✅ | ✅ | ❌ | N/A |
Learn more about FIDO2 compatibility here: https://learn.microsoft.com/en-us/entra/identity/authentication/concept-fido2-compatibility