Multi-Factor Authentication

multi-factor authentication image

 

DoIT has made it easier than ever for you to add more security for your credentials. Multi-factor Authentication, or MFA, is a security enhancement that allows you to present two pieces of evidence when logging in to an account. Your credentials fall into different categories, like something you know (like a password or PIN), something you have (like a mobile device). Your credentials must come from two different categories to enhance security. Simply entering two different passwords would not be considered multi-factor. Entering a password and using something in your possession like a mobile phone is a good example of MFA.

UNCP requires Multi-Factor Authentication (MFA) for your account when logging in while you are on campus as well as away from campus. The available second factor options include: 

  • Microsoft Authenticator mobile app 
  • Small USB device can be purchased as an alternative hardware token method 

How to Register or Make Changes for MFA 

  1. Login to your Office 365 account. 
  2. Click your profile icon in the upper right. 
  3. Choose View Account (or My Account). 
  4. Choose Security info. 
  5. Choose + Add Method. 
  6. Set your default sign-in method. 

You may also go through this process to add or change an authentication method.

 

How Will MFA Authentication Work? 

When you first sign-in to Office 365 in your browser from a device while away from campus, you will be required to use MFA. 

  • Authenticator app – an approval request will be sent to your mobile device. 
  • Small USB device can be purchased as an alternative hardware token method. The token requires no software installation or battery so just plug it into a USB port and touch the button, or tap-n-go using NFC for secure authentication. 

 

Will I Be Required to Use MFA With Each Sign-in? 

Once you have successfully signed-in, you will not be required to use MFA for every subsequent sign-in attempt from the same device. Security tokens stored in the background ensure a safe login and help reduce the number of times you must actively approve a sign-in.  

 

Alternative MFA Method

A small USB device can be purchased as an alternative hardware token method for users who do not have a smart device. DoIT recommends the Yubikey 5 series tokens which have been successfully tested.