Multifactor authentication doesn’t have to be scary
Published on
October is a month filled with ghouls and ghosts, but it’s also a perfect time to conjure up protection for your university account! Don’t let unauthorized access haunt you – take steps this Cybersecurity Month to secure your account and keep digital goblins at bay.
The simplest and most secure way to protect your university account is with multifactor authentication (MFA). Setting up MFA doesn’t have to be scary, though.
Some employees and students may be using MFA through a code sent via text message to their cell phone when they try logging in. While this is a common practice, text message authentication is a less secure method of authentication and should be avoided, Cater said.
“Scammers have found ways to circumvent the authentication process by intercepting the text messages,” Cater said. “Authenticator apps like Microsoft Authenticator are more secure and reliable than text messages, so we recommend switching from text messages to an authenticator app. Contrary to what you may have heard or experienced in the past, setting up the app doesn’t have to be scary.”
Demystifying the authenticator app
The Microsoft Authenticator app sends a notification to your phone with a code for logging in with your university credentials. It’s safer than receiving a code via text message because it’s harder for scammers to intercept.
Nervous to set up the authenticator app? Don’t be, Cater says.
“Setting up the Microsoft Authenticator app can be done in just a few minutes,” Cater said. “Don’t let these steps scare you off. Once the app is set up, it’s a quicker, more secure and more reliable way to access your account.”
How to download the Microsoft Authenticator app:
On your mobile device, search your app store for “Microsoft Authenticator.” It’s available on Apple, Android and Blackberry devices. The easiest way to register the mobile app is by using your computer and your mobile device.
Once the app is downloaded, follow these instructions:
- Open the app and follow the prompts on the installer. Note: To use some of the authorization features, you must have your notifications enabled for the application on your device.
- Click Add Account (+)
- Select Work or School Account – This will ask to allow the use of your camera so it may scan a QR code
- Go to https://mysignins.microsoft.com on your computer
- Select + Add Method
- Choose Authenticator App
- Select Confirm
- It will prompt to set up your account – Select Next
- The QR code should appear on the screen where you can scan it from the app
- If you cannot scan the image, you can select “Can’t scan image” below the QR code, which will show you a URL you will need to enter on the app.
- If you are working solely from your phone, you can visit https://mysignins.microsoft.com from a mobile browser window and look for the “Pair your account with the app by clicking this link” option in blue to set up the app.
- Once the code is scanned, click “Next” on your computer
- The computer will send a notification to your mobile device – Select Approve
- If you’d like your app to be the default method, choose “Change” next to Default Sign-in Method to Microsoft Authenticator – Notification under “Security Info” at https://mysignins.microsoft.com.
- Enter the passcode you received and click submit
Call the IT Help Desk or check with your IT Pro if you have trouble or need one-on-one assistance.
While the authenticator app is recommended for most users, some employees or students may benefit from other MFA options, like a security key instead of the authenticator app. A security key is a physical device that must be plugged in to log in. Visit the secure authentication toolkit for more information on MFA and security keys.