Multi-factor authentication for Office 365

From WSU Technology Knowledge Base
Jump to: navigation, search

Multi-factor authentication for Office 365 is available to all Winona State University students and employees for securing your access to our primary campus messaging, file storage, collaboration, and productivity system. Once multi-factor authentication (MFA) is enabled, you will verify your StarID credentials using a second step available to you only (e.g., respond to a notification sent to your phone) when signing in to your Microsoft Office 365 account. MFA is the best way to prevent someone who steals your StarID password from accessing your Office 365 account.

How to enable MFA

Enabling MFA on your Microsoft Office 365 account is a two-step process:

  1. Turn on MFA in your Office 365 settings and specify your preferred verification method
  2. Inform the Technical Support Center (TechSupport@winona.edu, 507-457-5240, Somsen Hall 207) that you are ready to use MFA.

Your initial verification options

MFA for Office 365 uses your phone as a second step to verify your Office 365 credentials. When you first enable MFA, your three verification options are:

Authentication phone

Choose this option to receive a one-time password (e.g., a random sequence of digits) via a robocall or text message sent to a phone number you provide. Although this does not need to be a smartphone, the text messaging option does require a compatible phone. Text messages will arrive via your phone's default messaging app (e.g., Apple iMessage).

Office phone

Choose this option to receive a confirmation request via a robocall to the Winona State University office phone assigned to you in the campus directory.

Mobile app

Choose this option to use the Microsoft Authenticator app to approve access. You can decide whether to receive a notification from the app that you can tap to approve access or use one of the rolling, one-time passwords generated by the app. Use any device on which the Microsoft Authenticator app is installed, including your mobile phone, tablet, or smartwatch.

Personalize your MFA settings

Once you have completed the initial setup, you can edit your MFA settings at any time to:

Add an alternate phone

Add a third phone as a verification backup, in case you cannot access your primary authentication phone, office phone, or any device with the Microsoft Authenticator app configured. If you enable this option, you choose to receive a confirmation request via a robocall to an alternate phone number (e.g., your home phone).

Enable multiple backup verification methods

Enable any of the other verification methods as fail-safes. If your default method fails or is unavailable (e.g., your mobile phone's battery is dead), you can use a different method instead.

Change settings

Change phone numbers, choose a different verification default, or enable/disable the other verification methods.

Pair or remove Microsoft Authenticator devices

Pair other devices running the Microsoft Authenticator app with your Winona State University Office 365 account or unpair existing devices.

Our recommendation

Winona State University Information Technology Services strongly recommends using the Microsoft Authenticator app as your default verification method, while enabling the other three methods as fail-safes. Install the app on any Apple or Android mobile phone or tablet to which you have continuous access and that is connected to the Internet via your cellular data plan or WiFi service.

More wiki articles

External links