Multi-factor authentication for Office 365

From WSU Technology Knowledge Base
Jump to navigation Jump to search

Multi-factor authentication for Microsoft 365 is available to all Winona State University students and employees for securing your access to our primary campus messaging, file storage, collaboration, and productivity system. MFA is the best way to prevent someone who steals your StarID password from accessing your Microsoft 365 account.

How it works: Once multi-factor authentication (MFA) is enabled, when you go to sign into your Microsoft 365 account you will be prompted to verify your StarID credentials with a notification sent to your cell phone or office phone. This is setup with an Authenticator app.

Enable MFA

Enabling MFA on your Microsoft 365 account is a two-step process:

  1. Turn on MFA in your Microsoft 365 settings and specify your preferred verification method
  2. Browse to the Multi-factor Authentication Request page and select the Enable MFA button.

Your initial verification options

MFA for Microsoft 365 uses your phone as a second step to verify your Microsoft 365 credentials. When you first enable MFA, your three verification options are:

Authentication phone

Choose this option to receive a one-time password (e.g., a random sequence of digits) via a robocall or text message sent to a phone number you provide. Although this does not need to be a smartphone, the text messaging option does require a compatible phone. Text messages will arrive via your phone's default messaging app (e.g., Apple iMessage).

Office phone

Choose this option to receive a confirmation request via a robocall to the Winona State University office phone assigned to you in the campus directory.

Mobile app

Choose this option to use the Microsoft Authenticator app to approve access. You can decide whether to receive a notification from the app that you can tap to approve access or use one of the rolling, one-time passwords generated by the app. Use any device on which the Microsoft Authenticator app is installed, including your mobile phone, tablet, or smartwatch.

Personalize your MFA settings

Once you have completed the initial setup, you can edit your MFA settings at any time to:

Add an alternate phone

Add a third phone as a verification backup, in case you cannot access your primary authentication phone, office phone, or any device with the Microsoft Authenticator app configured. If you enable this option, you choose to receive a confirmation request via a robocall to an alternate phone number (e.g., your home phone).

Enable multiple backup verification methods

Enable any of the other verification methods as fail-safes. If your default method fails or is unavailable (e.g., your mobile phone's battery is dead), you can use a different method instead.

Change settings

Change phone numbers, choose a different verification default, or enable/disable the other verification methods.

Pair or remove Microsoft Authenticator devices

Pair other devices running the Microsoft Authenticator app with your Winona State University Microsoft 365 account or unpair existing devices.

Our recommendation

Winona State University Information Technology Services strongly recommends using the Microsoft Authenticator app as your default verification method, while enabling the other three methods as fail-safes. Install the app on any Apple or Android mobile phone or tablet to which you have continuous access and that is connected to the Internet via your cellular data plan or WiFi service.

More wiki articles

External links