What is Multi-Factor Authentication (MFA)?

Multi-factor authentication is a process where you are asked to provide multiple forms of identification, such as a password and a code from your cellphone.

The use of multiple forms of identification protects your account in case your password is leaked or hacked, because the hacker does not have your additional forms of identification.    

Setup MFA with Authenticator App                               Setup MFA with SMS            

Troubleshooting MFA with Apple

MFA.png

Multi-Factor Authentication works by requiring two or more of the following authentication methods:

  • Something you know, typically a password.
  • Something you have, a trusted device like a phone or hardware key.
  • Something you are, biometrics such as a fingerprint or face scan.

MFA registered accounts are up to 99.9% less likely to be compromised.

All faculty, staff, students, and university partners/contractors who receive a university account must use MFA.

Microsoft Authenticator (Preferred Method)

  • Microsoft authenticator is the preferred solution for approving MFA requests. It provides simple push notifications so the user does not have to enter codes into the authentication dialogue, and can generate 6 digit TOTP codes if needed.

SMS Codes

  • Users can receive text messages / SMS containing codes they an enter to approve the authentication.

Phone Calls

  • Users can register a cell or landline phone number to receive call that prompts them to approve the authentication.

Trusted devices and Locations

To make MFA rollout as smooth as possible, we have created two scenarios where your location or device will act as the additional authentication factor for MFA:

  • Logins from on-campus will not receive an additional MFA challenge (satisfied with something you know and somewhere you are).
  • Logins from University owned and managed machines will not require an MFA challenge (please contact security@uakron.edu to use this option).

Other Time-based One-time Password algorithm (TOTP) Authenticators

MFA works with any 3rd party authenticator that uses the TOTP protocol. This allows users to use an existing TOTP authenticator they may already have for their bank, personal email account, or video game service. While the University allows the use of third party applications as an MFA factor, we cannot provide support due to the variety of solutions out there.

  • Mobile TOTP Applications: Authenticator apps such as Google Authenticator, Last Pass, DUO, and Authy are all compatible with Microsoft MFA. Several authenticator apps are also available for Android Wear and the Apple Watch.

  • Desktop TOTP Applications: Desktop applications such as WinOTP Authenticator for Windows, Step Two for MacOS, and KeePassXC for Linux (and other platforms).

  • Web Based TOTP Applications: Web services such as Authy can provide TOTP generation. Some of these web services also have companion apps for mobile and desktop devices.

  • Hardware TOTP Tokens: Stand-alone TOTP authenticators are generally available and will work with Microsoft MFA. YubiKeys are also supported, though they require use of the Yubico Authenticator to generate TOTP codes.

Single Factor only Applications (POP, IMAP, SMTP)

  • Microsoft MFA can support application passwords to allow users to continue to use legacy mail applications that communicate using POP, IMAP, and SMTP. Clients using these protocols were not created to handle a multi-factor authentication dialogue, so application specific passwords (single factor passwords that are only usable for POP, IMAP, and SMTP) are required. To use application passwords, please contact security@uakron.edu . This configuration will require you to always use two factor for all new authentications (with a 90 day renewal frequency), regardless of location or device management.

You can update your authentication methods here.

Click on "Add Method" and add whichever method you wish.

If you still have your old phone, sign in here.

Click on "Add Method"

Choose "Authenticator App"

Follow the instructions.

If you do not have your old phone, contact the IT Service Desk at support@uakron.edu or 330-972-6888.

You will not need to have your second factor to authenticate while on Campus, the University network will act as the second factor.

If a user is in need of special accommodation, please contact security@uakron.edu. We are happy to work with you to get your personal device or adaptive technology configured to seamlessly support MFA.

Contact IT Security      Contact IT Service Desk