Am I required to use MFA?
Yes, Slippery Rock requires multi-factor authentication (MFA) to comply with its legal, contractual, and ethical obligation to safeguard the security and privacy of its systems and data. MFA cannot be avoided or opted out of. Users can manage authentication methods at https://mysignins.microsoft.com/security-info
When will I be asked for additional authentication?
When SRU students, faculty or staff attempt to log into their SRU email, MySRU, D2L or any other SRU online system, for the first time from a particular location or device, they will be prompted by a separate method to confirm that they are attempting to log in. The second step of verification can be completed through an automated phone call, submitting a verification code received via text, or by downloading and using a Microsoft Authenticator app.
Why can’t I access email on my phone after setting up MFA?
If you are no longer able to access email on your phone after setting up MFA, try removing your account in the email app and then re-adding it.
What email app should I use?
We recommend downloading and using the Microsoft Outlook app which fully integrates with your SRU account. Other apps cannot be guaranteed to provide reliable access. You will continue to use the Outlook client on your SRU devices.
IOS – When setting up the Outlook app, it is important that you choose “Exchange” otherwise it will not work.
How can I reduce the number of times I am asked to authenticate?
After setting up Multi-Factor Authentication (MFA), you will be prompted to authenticate each time you sign in on a device/browser. You should be asked to “Stay signed in.” If you click No, you will be asked to authenticate each time in the current browser. If you click Yes, you will not be asked to authenticate each time you go to portal.office.com.
Should I sign out of Office 365 or can I just close the browser?
If you are on a shared device, best practice for security purposes is to sign out. To sign out, click on the Account profile icon in the upper right-hand corner and click sign-out.
NOTE: Closing the browser does not sign out of a session.
What if I am checking multiple accounts in Office 365?
You can only be signed into one (1) account that uses O365 at a time in a browser. If you want to be signed into multiple accounts at once, you will need to use different browsers. For example: your SRU account is signed into Chrome and your other account is signed into Firefox.
Can employees (faculty/staff) have the MFA code sent to their campus office phone?
To receive a call from Microsoft MFA to a digital desk phone, you must have your office phone listed as an authentication method https://mysignins.microsoft.com/security-info
During the MFA process you will select your office phone. You will then receive a call to your office phone, answer the call, then press the down arrow on your phone to access menu options, then select “Send DTMF”, then press the # key as prompted.
Note: Not all office phones are capable of this service. If your office phone does not have the above capabilities, submit an IATS request
What can I try before calling the Help Desk?
Browser cache – try clearing the cache, close the browser and then try again. To clear the browser cache:
- PC: CTRL+SHIFT+DELETE
- MAC Chrome & Firefox: CMD+SHFT+DEL
- MAC Safari: CMD+OPT+E
Incognito mode – you can try incognito mode by pressing Ctrl-Shift+N on a PC or CMD+SHFT+N on a Mac
Multi-Factor Authentication Tip Sheet
