Multi-Factor Authentication

Multi-Factor Authentication (MFA) is a secure authentication method that prevents malicious access to an account by using multiple methods of authentication. This secure authentication can be configured to use one of the following methods:

Method 1 – Microsoft Authenticator App
This is the recommended method for MFA and includes two options

Option 1 – Receive notifications for authorization
This option allows you to simply accept or deny the authorization when you are notified through the Authenticator App.
Option 2 – User verification code
This option requires you to submit a random authorization code generated through the Authenticator App.

Method 2 – Authentication Code via text
This method will provide an authorization code via text which you will then submit for authentication.

Method 3 – Authentication Code via Phone call
This method can be used if you would prefer to receive a phone call to approve the authentication. This requires you to be near the phone in order to complete the process. It is recommended that you use a cell phone. Using an office or home phone will prevent authentication if you are not at the location when authentication is requested.

FAQ

Am I required to use MFA?

Once the MFA security protocols are implemented, SRU users will be prompted when logging into their accounts to set up their preferred second step of verification. The process will be first implemented for SRU staff who access confidential information beginning Nov. 11. After that, other faculty and staff will begin to see these prompts, followed by students.

When will I be asked for additional authentication?

When SRU students, faculty or staff attempt to log into their SRU email, MySRU, D2L or any other SRU online system, for the first time from a particular location or device, they will be prompted by a separate method to confirm that they are attempting to log in. The second step of verification can be completed through an automated phone call, submitting a verification code received via text, or by downloading and using a Microsoft Authenticator app.

Why can’t I access email on my phone after setting up MFA?

If you are no longer able to access email on your phone after setting up MFA, try removing your account in the email app and then re-adding it.

What email app should I use?

We recommend downloading and using the Microsoft Outlook app which fully integrates with your SRU account. Other apps cannot be guaranteed to provide reliable access. You will continue to use the Outlook client on your SRU devices.

IOS – When setting up the Outlook app, it is important that you choose “Exchange” otherwise it will not work.

How can I reduce the number of times I am asked to authenticate?

After setting up Multi-Factor Authentication (MFA), you will be prompted to authenticate each time you sign in on a device/browser. You should be asked to “Stay signed in.” If you click No, you will be asked to authenticate each time in the current browser. If you click Yes, you will not be asked to authenticate each time you go to portal.office.com.

Should I sign out of Office 365 or can I just close the browser?

If you are on a shared device, best practice for security purposes is to sign out. To sign out, click on the Account profile icon in the upper right-hand corner and click sign-out.

NOTE: Closing the browser does not sign out of a session.

What if I am checking multiple accounts in Office 365?

You can only be signed into one (1) account that uses O365 at a time in a browser. If you want to be signed into multiple accounts at once, you will need to use different browsers. For example: your SRU account is signed into Chrome and your other account is signed into Firefox.

What can I try before calling the Help Desk?

Browser cache – try clearing the cache, close the browser and then try again. To clear the browser cache:

PC: CTRL+SHIFT+DELETE
MAC Chrome & Firefox: CMD+SHFT+DEL
MAC Safari: CMD+OPT+E

Incognito mode – you can try incognito mode by pressing Ctrl-Shift+N on a PC or CMD+SHFT+N on a Mac

Multi-Factor Authentication Tip Sheet

Method 1 Setup – Authenticator App

Method 1 Setup Instructions – Authenticator App (recommended)

This is the recommended method for MFA and includes two options:

Option 1 – Receive notifications for authorization. This allows you to simply accept or deny the authorization when notified through the Authenticator App.
Option 2 – User verification code. This method requires you to submit a random authorization code generated through the Authenticator App

Printer friendly instructions

1. On your computer, navigate to https://portal.office.com
2. Log in with your SRU email address and password
3. You will receive the following message. Click "Next".

4. Under "How should we contact you?" select Mobile app from the drop down menu.

Contact Method

5. Select the desired option and click on "Setup".

Opt out image

6. You will receive a QRC code. Leave this open on your browser screen. You will need to scan the QRC code with your phone during the Authenticator App installation.

QRC image

7. Install Microsoft Authenticator onto your phone

Auth App window

8. Open Microsoft Authenticator on your phone.

9. At the data privacy screen, click OK

10. You will see several screens with different application options. Click Skip until you get to the screen that says “Let’s add your first account!”

11. Click on Add Account

12. Select Work or School Account

13. Click on Allow when asked to allow Authenticator to take pictures and record sounds

14. Using your phone, scan the QRC code which is shown in the browser on your computer.

15. If you receive a message that App Lock has been enabled, click on OK. This option requires you to enter the screen lock password on your phone whenever you receive a notification

16. Once the code has been accepted on your phone, click on Next on the QRC screen on your computer

17. You will receive a notification on your phone that requires your response. Click on Accept in the Authenticator app (you will need to enter your phone screen lock password)

18. You will receive verification that the setup was successful.

Congrats image

Method 2 Setup - Code via text

Method 2 Setup Instructions - Authentication code via text message

Log into the Office 365 portal using your SRU user name and password
You should see a screen asking for more information. If you do not, either your account is not enrolled in Multi-factor Authentication or you have already configured MFA.
Click on "Next"
From the drop down, select "Authentication Phone"
Select the country and enter your cell phone number in the space provided
Select “Send me a code by text message” and click "Next"
You will receive a SMS text message from Microsoft with an authorization code
Enter the authorization code in the setup web site and click Next
Once login has completed, click "Done"

Method 3 Setup - Code via call

Method 3 Setup Instructions - Authentication code via phone call

Log into the Office 365 portal using your SRU user name and password
You should see a screen asking for more information. If you do not, either your account is not enrolled in Multi-factor Authentication or you have already configured MFA.
Click on "Next"
From the drop down, select "Authentication Phone"
Select the country and enter your phone number in the space provided
Select “Call me” and click "Next"
You will receive a phone call from Microsoft asking you to press the # key on your phone
Once the # key is pressed, login will continue on the setup screen
Once login has completed, click "Done"

Account Maintenance

Multi-Factor Authentication

Account Maintenance

Contact Information