Multi-Factor Authentication
Multi-Factor Authentication for All
Multi-factor Authentication (MFA) is a way of verifying that people logging into our systems are indeed the people we think they are. In these times when malicious and phishing email attacks are a daily occurrence, MFA provides a way to limit the impact of these attacks and help ensure that only authorized people are accessing our systems.
Getting Started
Pre-Requisites
In order to use multi-factor authentication with your Central Methodist University account, you will need to ensure the following pre-requisites are met:
- You have a device that can receive SMS texts and/or download the Microsoft Authenticator app
Setup Multi-Factor Authentication
First, verify that you meet the pre-requisites above. Then, you will need your mobile phone, a computer, and Internet access to complete the setup.
1. Select Your Multi-Factor Verification Option
When you sign into your O365 account, an additional verification request is sent to you. The following are a list of methods that can be used for this second type of verification.
Tech Services recommends the Microsoft Authenticator App method - while it takes a bit longer to set up, it is the fast verification option allowing you to just tap approve on your phone.
Verification method | Description |
Phone call | A call is placed to a your mobile phone asking you to verify that it is you signing in. Press the # key on your phone to complete the verification process. |
Text message | A text message is sent to a your mobile phone with a 6-digit code. Enter this code to complete the verification process. |
Mobile app notification (requires download of Microsoft Authenticator App on your phone) | A verification request is sent to your mobile phone asking you to complete the verification by selecting Verify/Approve from the mobile app. This occurs if app notification is the primary verification method. If you receive this notification when you are not signing in, you can report it as fraud. |
Verification code with mobile app (requires download of Microsoft Auntenticator App on your phone) | The mobile app on your device generates a verification code. This occurs if you selected a verification code as your primary verification method. |
2. Download the Microsoft Authenticator App on your Mobile Phone
iPhone:
- Go to App Store
- Search for Microsoft Authenticator
- Tap on the Microsoft Authenticator app to download
- Click "Get" to begin installation
- Once the app is installed, click on Open.
- Tap Allow on the “Authenticator would like to send you notifications screen"
- On the Accounts screen, tap ADD ACCOUNT
- Under “What kind of account are you adding?” Select Work or school account.
- A pop up box will appear asking, “Authenticator” Would Like to Access the Camera?”
- Tap OK (You will need to take a picture of the QR code found in the next step of setup instructions).
- Your camera will turn on and is ready to record the QR code. Set your phone down temporarily and go to your computer.
Android:
- Go to Apps, select Play Store
- Search for Microsoft Authenticator
- Click Install
- Once the app is installed, click on Open.
- On the Accounts screen, click on ADD ACCOUNT
- Under “What kind of account are you adding?” Select Work or school account.
- A pop up box will appear asking, “Allow Authenticator to take pictures and record video?”
- Tap ALLOW (You will need to take a picture of the QR code found in the next step of setup instructions).
- Your camera will turn on and is ready to record the QR code. Set your phone down temporarily and go to your computer.
3. MFA Setup in Office 365 using the Mobile App (Note: if you previously set up MFA and have a new phone/lost your phone see the FAQs for instructions)
Complete the remainder of the setup process in Office 365 at a computer. You will also need your mobile phone near you for the following steps.
Setup Multi-Factor Authentication in Office 365
Note: These instructions are for the first time/initial setup of MFA. If you want to change your verification method from what you are currently using, follow the instructions in the FAQs Section at the bottom of the page - "How do I to change my verification method?"
- Make sure you have already downloaded the Microsoft Authenticator App on your phone.
- Go to portal.office.com
- Sign into Office 365 on your computer with your Eagle mail account & password. Click on the blue box under your name that says “Set it up now”
- In the drop down box next to Step 1: How should we contact you? choose Mobile App
- Next to How do you want to use the mobile app? Choose “Receive notifications for verification”.
- Click on Set up.
- You will see the Configure mobile app dialog box on your computer. (You should already have the app installed on your smartphone). On your mobile phone open the Authenticator app
- Scan the QR image displayed in your browser.
- Once you have successfully scanned the image, your account will be added automatically to the Authenticator app on your phone, and it will display a six-digit code.
- On your computer, Choose Contact Me in your browser on the Office 365 page.
- Next you will verify that Office 365 can reach your mobile phone.
- You should receive a push notification on your mobile phone. Tap Approve/ Verify (Android/iPhone)
- On your computer you will next see the follow screen. O365 sets up an initial app password for you to use with other applications so these other apps can connect to your Office 365 account. If you're using other apps like the default email on an android mobile hone, you'll need to create an app password so these other apps can connect to your Office 365 account.
- Go to your mobile phone and open up your default email account (Note: iPhone users - if you are using iOS 11 on your phone you will not need to use the app password for the default mail app). You will need to change your password to the app password provided by Office 365 (like the one shown on the screenshot above).
- Your mobile phone should now be able to access Office 365. Go to your computer, click Done in your browser.
MFA Authenticator setup without two devices
How to setup the MFA authentication app without having a second device.
You are now set up to use Multi-Factor Authentication on Office 365 and on your mobile phone default email application.
Frequently Asked Questions
What is Multi-Factor Authentication (MFA)?
MFA is a security method for your account that helps verify that you are actually the person who is logging into your account.
How it works:
- You log into your account with your Eagle mail username & password.
- You will then get the notification via the method you chose during set up (a text, phone call, or mobile app verification) to verify it is you logging into your account.
How does MFA make my account safer?
MFA adds an additional layer to the login process.
MFA is more secure than just a password, because it relies on two forms of authentication: something you know, and something you have with you. The something you know is your password. The something you have with you is a phone or device that you commonly have with you. When your account is protected with two-step verification, that means that a malicious hacker can't sign in as you if they get your password somehow because they don't have access to your phone, too.
Here is an example: Let's say a unscrupulous person in Antarctica steals your Eagle mail username and password. When that person attempts to log into your account they will be prompted to verify who they are with MFA (either with a text, phone call, or through the mobile app). Since you have your mobile phone in your possession, when the notification is sent they will not be able to provide this verification and are less likely to be able to access your account.
You will be alerted that someone tried to access your account. Since you know it isn't you, you can then make sure to change your password and thwart the cyber criminal.
What do I do if I don't receive the MFA notification?
On the log in screen there is a link to "sign in a another way".
Depending on how you have set up MFA you can choose one the following:
- Text
- Phone call to your mobile phone
- Phone call to an alternate phone (only available if you have added another number in MFA)
- Approve a request (only for Microsoft Authenticator App users)
- Verification code from mobile app (only for Microsoft Authenticator App users)
Note: You can add an alternate phone number at any time by going to the security settings in O365 for MFA
How do I use a different verification option (one time)?
If you didn't receive the notification on your phone you can choose to have the verification resent or choose a different method of verification.
To try signing in with a different method, follow these steps:
- On a computer, go to https://outlook.com/owa/centralmethodist.edu
- Sign into Office 365 with your username@centralmethodist.edu and your associated password.
- When the two-step verification page opens, choose Use a different verification option.
- Select the verification option you want to use.
- Continue with two-step verification.
How do I Change My Verification Method?
If you want to change how you receive your verification through Office 365, there are several options you can choose from:
- Calling your authentication phone
- Text a code to your authentication phone
- Notify you through a push notification on the Microsoft Authenticator app - (If you want to use the Microsoft Authenticator App download the app first, then follow the instructions below.)
- Enter a code from the App
Instructions:
-
You can follow this link to open the Additional security verification page. You can get to the Additional security verification page by following these steps:
- Sign in to the Eagle Mail portal.
- Under Security info select Update info.
What if I get a new phone (with the same phone number) and need to update the Microsoft Authenticator App?
Instructions:
- On a computer, go to: https://account.activedirectory.windowsazure.com/proofup.aspx?proofup=1\
- You will be prompted to verify with MFA - select "Having trouble? Sign in another way" and select the text option to verify.
- Under "what's your preferred option?" click on the drop down arrow and make sure Notify me through app is selected.
- Make sure the box next to Authenticator App is checked, then click on Configure.
- Install the Microsoft Authenticator app on your new mobile phone.
- In the app, add an account and choose "Work or school account"
- Scan the QR code on your computer then click Next.
- The 6 digit verification code should then appear on your phone. You will then be prompted to verify using the app. Once you have successfully verified you can close out of O365.
How do I change my phone number or add a second number?
It is important to set up a second/ backup phone number. Because your primary phone number and your mobile app are probably on the same phone, the secondary phone number is the only way you will be able to get back into your account if your phone is lost or stolen without having to contact the Technology Services help desk.
Note: If you don't have access to your primary phone number, and need help getting in to your account, contact helpdesk@centralmethodist.edu
To change your primary phone number:
-
You can also get to the Additional security verification page by following these steps:
- Sign in to the Eagle Mail portal.
- Under Security info select Update info.
What if I lost my phone or get a new phone number?
There are two ways to get back in to your account.
- Sign in using your alternate authentication phone number, if you previously set one up.
- If you didn't set up an alternate authentication phone number you will need to contact the tech desk for assistance.
What if I don't have a mobile phone?
Download the Microsoft Authenticator App on any mobile device, one example would be an iPad. Please contact the helpdesk to discuss your options.
Please contact the help desk to discuss your options if you do not have a phone.