Difference between revisions of "Multi-factor authentication for Office 365"
| Line 25: | Line 25: | ||
==Our recommendation== | ==Our recommendation== | ||
| − | {{WSU}} Information Technology Services recommends that you use the Microsoft Authenticator app as your default verification method | + | {{WSU}} Information Technology Services recommends that you use the Microsoft Authenticator app as your default verification method and enable all three other methods as fail-safes. Install the app on any Apple or Android mobile phone or tablet to which you have continuous access and that is connected to the Internet via your cellular data plan and/or WiFi service. |
==Change your settings== | ==Change your settings== | ||
Revision as of 04:55, 13 February 2020
Multi-factor authentication (MFA) for Office 365 is available to all Winona State University students and employees for securing your access to our primary campus messaging, file storage, collaboration, and productivity system. Once you enable MFA, you will verify your credentials using a second method only available to you (e.g., respond to a notification sent to your phone) when signing in to your Winona State University Microsoft Office 365 account. You can change your default verification method any time. MFA is the best way to prevent someone who steals your StarID password from accessing your Office 365 account.
How to enable MFA
Enabling MFA on your Microsoft Office 365 account is a two-step process. First, turn on MFA in your Office 365 settings and specify your preferred verification method. Second, inform the Technical Support Center (TechSupport@winona.edu, 507-457-5240, Somsen Hall 207) that you are ready to use MFA. Within 15 minutes of receiving an email confirmation from the TSC, you will be prompted to sign in to your Office 365 account using MFA.
Understand your verification options
MFA for Office 365 makes use of your various phones and other mobile devices to verify your Office 365 credentials. When you first enable MFA, your three verification options are:
Authentication phone
Choose this option to receive a one-time password (e.g., a random sequence of digits) via a robocall or text message sent to a phone number you provide. Although this does not need to be a smartphone, the text messaging option does require a compatible phone. Text messages will arrive via your phone's default messaging app (e.g., Apple iMessage).
Office phone
Choose this option to receive a one-time password via a robocall sent to the Winona State University office phone assigned to you in the campus directory.
Mobile app
Choose this option to use the Microsoft Authenticator app to approve access. You can decide whether to receive a notification from the app that you can simply select to "Approve" or use one of the rolling, one-time passwords generated by the app. This method allows you to use any device on which the Microsoft Authenticator app is installed and configured to verify access. This includes your mobile phone, tablet, or even an Apple Watch.
Add an alternate phone
Although this option is not available until after you enable MFA, you can then edit your Office 365 security settings and add an alternate phone as a backup, just in case you cannot access your authentication phone, office phone, or any device with the Microsoft Authenticator app configured. In such cases, you can opt to receive a robocall with a one-time password on an alternate phone of your choosing (e.g., your home phone).
Enable multiple verification methods
When your initial configuration is complete, you can enable multiple verification methods. This way, if your default method fails or is unavailable (e.g., your mobile phone's battery is dead), you can use a different method instead.
Our recommendation
Winona State University Information Technology Services recommends that you use the Microsoft Authenticator app as your default verification method and enable all three other methods as fail-safes. Install the app on any Apple or Android mobile phone or tablet to which you have continuous access and that is connected to the Internet via your cellular data plan and/or WiFi service.
Change your settings
Once you have enabled MFA on your Winona State University Office 365 account, you can change your default verification method and edit your phone numbers.
More wiki articles
- Frequently asked questions about Office 365 multi-factor authentication
- How to enable multi-factor authentication on your Office 365 account
- How to change your Office 365 multi-factor authentication settings
Downloads
External links
- What's a one time password?
- No doubt about it: Your password has been stolen
- Google data shows 2-factor authentication blocks 100% of automated bot hacks - The Next Web
- Why You Should Start Using Two-Factor Authentication Now - Heimdal Security
- How to Secure Your Accounts with Better Two-Factor Authentication - Wired.com