Multi-factor authentication for Office 365
Multi-factor authentication for Office 365 is available to all Winona State University students and employees for securing your access to our primary campus messaging, file storage, collaboration, and productivity system. MFA is the best way to prevent someone who steals your StarID password from accessing your Office 365 account.
How it works: Once multi-factor authentication (MFA) is enabled, when you go to sign into your Microsoft Office 365 account you will be prompted to verify your StarID credentials with a notification sent to your cell phone or office phone. This is setup with an Authenticator app.
Enabling MFA on your Microsoft Office 365 account is a two-step process:
- Turn on MFA in your Office 365 settings and specify your preferred verification method
- Browse to the Multi-factor Authentication Request page and select the Enable MFA button.
Your initial verification options
MFA for Office 365 uses your phone as a second step to verify your Office 365 credentials. When you first enable MFA, your three verification options are:
Choose this option to receive a one-time password (e.g., a random sequence of digits) via a robocall or text message sent to a phone number you provide. Although this does not need to be a smartphone, the text messaging option does require a compatible phone. Text messages will arrive via your phone's default messaging app (e.g., Apple iMessage).
Choose this option to receive a confirmation request via a robocall to the Winona State University office phone assigned to you in the campus directory.
Choose this option to use the Microsoft Authenticator app to approve access. You can decide whether to receive a notification from the app that you can tap to approve access or use one of the rolling, one-time passwords generated by the app. Use any device on which the Microsoft Authenticator app is installed, including your mobile phone, tablet, or smartwatch.
Personalize your MFA settings
Once you have completed the initial setup, you can edit your MFA settings at any time to:
Add an alternate phone
Add a third phone as a verification backup, in case you cannot access your primary authentication phone, office phone, or any device with the Microsoft Authenticator app configured. If you enable this option, you choose to receive a confirmation request via a robocall to an alternate phone number (e.g., your home phone).
Enable multiple backup verification methods
Enable any of the other verification methods as fail-safes. If your default method fails or is unavailable (e.g., your mobile phone's battery is dead), you can use a different method instead.
Change phone numbers, choose a different verification default, or enable/disable the other verification methods.
Pair or remove Microsoft Authenticator devices
Pair other devices running the Microsoft Authenticator app with your Winona State University Office 365 account or unpair existing devices.
Winona State University Information Technology Services strongly recommends using the Microsoft Authenticator app as your default verification method, while enabling the other three methods as fail-safes. Install the app on any Apple or Android mobile phone or tablet to which you have continuous access and that is connected to the Internet via your cellular data plan or WiFi service.
More wiki articles
- How to install the Microsoft Authenticator app
- How to enable multi-factor authentication on your Office 365 account
- How to change your Office 365 multi-factor authentication settings
- How to enable multi-factor authentication on your personal accounts
- Frequently asked questions about Office 365 multi-factor authentication
- What's a one time password?
- Verizon 2019 Data Breach Investigations Report
- No doubt about it: Your password has been stolen
- Google data shows 2-factor authentication blocks 100% of automated bot hacks - The Next Web
- Why You Should Start Using Two-Factor Authentication Now - Heimdal Security
- How to Secure Your Accounts with Better Two-Factor Authentication - Wired.com