Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Multi-factor authentication (MFA) is a method of authentication that requires the use of more than one verification method and adds a second layer of security to user sign-ins and transactions. The security of MFA lies in its layered approach. Compromising multiple authentication factors presents a significant challenge for attackers. Even if an attacker manages to learn a user's password, it is useless without also having possession of the additional authentication method. It works by requiring any of the following verification methods after you enter your password:

  • A one-time pass code generated by a token device

  • A phone call with a one-time pass code

  • A smartphone authenticator app with push-notification approval or a one-time pass code

Note

At Missouri State University, MFA can be is used with your Office 365 Education and Admin Banner accounts. Some As of September 24, 2019 all Admin Banner users must use MFA to login. Currently, only some departments currently require the use of MFA on these accounts. In with Office 365, but in the future , all Missouri State users will use MFA to keep their accounts secure.


Table of Contents
maxLevel3

Step-by-step guide

Step 1: Set Up your MFA Options

  1. Open your web browser and navigate to https://aka.ms/mfasetup.
  2. Sign in with your Office 365 username and password.


  3. You will be prompted about staying signed in. Choose No if you are on a public computer.

     
  4. You will be prompted to set up additional information. Click Next.


  5. You will be taken to the Additional security verification page. 


  6. On Step 1, choose how you would like to be contacted for authorization from the drop-down menu. The various options are explained below in Authentication Options.

Authentication Options

Authentication Phone

This can be your office phone number or your mobile phone number. We recommend entering a mobile phone number because you may not be in your office every time you need to authenticate your account.

  1. Enter the phone number where you want to be contacted.
  2. Choose an authentication method.
    1. Send me a code by text message: This option is for mobile phones only. You will receive a six-digit code via SMS text message that you must enter online to verify your sign-on.


    2. Call me: You will receive a voice call and must select the pound (#) key to verify your sign-on.
Office Phone

Your office phone number is auto-populated from the Missouri State University directory. If you select this option you will receive a voice call and must select the pound (#) key to verify your sign-on.

Mobile App

Tip

This is the preferred authentication option. Download the Microsoft Authenticator app to get started.

  You must have a mobile phone to use this option. 

  1. Select Mobile app from the drop-down menu.
  2. Choose an authentication method.
    1. Receive notifications for verification: You will be prompted to configure your authenticator app. Once configured, you will receive a push notification on your mobile device that you must approve to verify your sign-on.


    2. Use verification code: You will be prompted to configure your authenticator app. Once configured, you will open the authenticator app to retrieve a six-digit code that you must enter online to verify your sign-on.


  3. See How to Set Up the Microsoft Authenticator App for more information. 

Step 2: Set Up Additional MFA Options

  1. After you set up your first verification option in Step 1, you will be taken to the Additional security verification page. Here you can set up more verification options. It is highly recommended that you set up at least two (2) verification options in case your first option fails or you are unable to access the option you selected (such as an office phone). 

    Info

    You will see on the Additional security verification page that there is an option for an Authenticator app or Token.

    The Authenticator app refers to a mobile application like Microsoft Authenticator described above. A Token is a key fob-like device with a digital display that can be carried on your keychain. It generates authentication codes that you can use to verify your sign-on attempts. If you would like to use this as an authentication method, please email InformationSecurity@MissouriState.edu to request a token. The Information Security office will then assign you a token and associate it with your account. Once you receive your token, you can return to https://aka.ms/mfasetup and select the Authenticator app or Token option, and select Use verification code from app or token as your preferred verification method (step 3 below).

  2. In the below example, three (3) verification options have been set up: authentication phone with a Missouri State office phone number, authentication phone with a cell phone number, and authenticator app with an iPhone. Set up your options as desired.


  3. Once you have set up all of your desired verification methods, choose a preferred verification option at the top of the page. If you use a mobile authenticator app, Notify me through app or Use verification code from app or token should be your preferred choice.


  4. Once your preferences are set, click Save. Your account is now ready to use MFA. Information Security will contact you before MFA is turned on and required for your account. Until then, you will not need to use MFA.

How

it Works

to Login with MFA

Note

Your device Once MFA is activated on your Office 365 account, your computer must be updated to at least Office 2016 for MFA. If you are using an older version, such as Office 2013, you will not be able to sign in to Outlook or other applications with Office 365 MFA.


  1. Once MFA has been turned on for your

    account(s)

    Office 365 and/or Admin Banner, you will

    be prompted to approve your sign-on attempts with the

    login with your Office 365 email address. 
    Image Added

    Info

    Once MFA is activated on your Admin Banner account, you will no longer have a separate Banner username and password. You will login with your Office 365 username and password: abc123@missouristate.edu

  2. You will see a screen similar to the one below when logging in with MFA on both Office 365 and Admin Banner, depending on the preferred verification option you selected in Step 2 above. The example below uses the Microsoft Authenticator app as the preferred option.
    Image Added

    Info

    How often you are required to authenticate depends on several factors, including whether you are using a new device, a different browser, a browser in private/incognito mode, etc. You will be prompted to approve sign in requests for every device that you log in with, including your work computer, laptop, mobile phone, tablet, etc.


    Image Removed

    At minimum, you will be prompted to authenticate your logins to Admin Banner every seven (7) days and Office 365 every ninety (90) days. 

  3. If you are unable to authenticate with your preferred option you will be able to choose another authentication method from your selected options. Simply select Sign in another way to use a different method.


  4. Choose one of the available options to approve your sign-on attempt.
Note

Once MFA has been turned is activated on for your Office 365 account, your computer must be updated to at least Office 2016. If you are using an older version, such as Office 2013, you will not be able to sign in to Outlook or other applications with Office 365 MFA. You will also need to authenticate every instance where you are signed into an Office 365 application. This includes:

  • Outlook on your desktop
  • The Outlook app on your mobile device(s)
  • Office 365 online
  • Any Office 365 mobile apps or desktop applications, such as OneNote, Teams, Groups, OneDrive for Business, and the Word, Excel, and PowerPoint apps.
  • The native email client on your mobile device, such as Mail on iOS. (The native Android email client cannot be used with MFA. Please download the Outlook mobile app instead).

Please contact the Information Security Office if you have any questions or concerns: InformationSecurity@MissouriState.edu

Resources

How it works: Azure Multi-Factor Authentication

Plan for multi-factor authentication for Office 365 deployments

Set up 2-step verification for Office 365

Use Microsoft Authenticator with Office 365

Info
iconfalse

Related articles:

Content by Label
showLabelsfalse
max5
showSpacefalse
cqllabel = "security"
labelskb-how-to-article



For questions or comments, contact the Computer Services Help Desk
HelpDesk@MissouriState.edu
417-836-5891