Multi-factor Authentication (MFA) & Single Sign-On (SSO)

 

What is MFA and SSO?

Multi-factor authentication (MFA) offers an added level of security by granting access to a website or application only after successfully presenting two or more pieces of evidence (or factors).

How do I enroll?

Upon your first login using your SUnet credentials after the MFA service is activated, you will receive a call or text to the phone number you have associated with your account. 
 

After following the prompt given in the call or text, navigate to your My Sign-Ins Security Info page by going to https://mysignins.microsoft.com/security-info

 

 

On the My Sign-Ins Security Info page, you can change the default sign-in method from call to text (if preferred) as well as adding additional sign-in methods (secondary email, authenticator app, alternate phone number).
 

This video will provide you with a walkthrough of this process.
 

If interested in using an authenticator app, please see this guide for setting-up the Microsoft Authenticator app.

When will I be prompted with my second factor?

You will be prompted for your second factor when you log in from a new device, new browser, or after 30 days has passed since your last MFA prompt. 
 

If using VPN, you will be prompted for your second factor each time you connect.

Why does OIT do this?

To enhance SU user account security while also simplifying the login process.

What if I don’t want to use my cell phone?

If you choose not to use your cell phone, you can elect to use an alternative phone number (office or home phone) to receive a call with authentication instructions.

Where can I learn more about phishing scams?

Check out this video provided by SANS Security Awareness: Email and Phishing