Two-Factor Authentication (2FA)
What is 'Two-Factor Authentication (2FA)'?
Two-factor authentication (2FA), or multifactor authentication (MFA), provides an extra layer of security to protect your account. 2FA increases the safety of online accounts by requiring two types of information to log in, such as a password and an approval code from a phone in your possession. The first factor is the password; the second factor is the additional item. If a hacker has stolen your password, the second factor can prevent the hacker from logging in.
- To register when you are at computer and have your phone available: http://aka.ms/mfasetup
- If you are often in areas of poor cell phone coverage, IT recommends the Microsoft Authenticator app which can even work in absence of internet access. https://www.microsoft.com/en-us/account/authenticator
- To reset or change existing 2FA settings: https://account.activedirectory.windowsazure.com/Proofup.aspx
Detailed setup instructions listed below the table
| Verification Method | Description |
|---|---|
| Phone Call | An automated call is placed to your telephone asking you to verify that it is you signing in. Press the # key on your phone to complete the verification process. |
| Text Message | A text message is sent to your mobile phone with a 6-digit code. Enter this code to complete the verification process. |
| Mobile app notification (requires download of Microsoft Authenticator App on your phone) | A verification request is sent to your mobile phone asking your complete the verification by selecting Verify/Approve from the mobile app. This occurs if app notification is the primary verification method. If you receive this notification when you are not signing in, you can report it as a fraud. |
| Verification code with mobile app (requires download of Microsoft Authenticator App on your phone) | The mobile app on your device generates a verification code. This occurs if you selected a verification code as your primary verification method. The method even works when the device lacks internet connectivity. |
| Secondary Email | A second email account you have; must be different from @mymail.eku.edu or @eku.edu |
Two-Factor Authentication (2FA) Setup
- Open a browser on your computer and go to http://aka.ms/mfasetup, then sign in.
- You will see the screen below. Click Set it up now
- In 'Step 1: How should we contact you' choose a Mobile app from the dropdown
- Make sure 'Received notifications for verifications' is selected then click Set up
- A 'Configure mobile app' screen should appear. Follow the directions on this screen.
- After you install the Microsoft Authenticator app, scan the QR code with the app to add the account. There is also a 'Code' listed that you can type in manually if you prefer. NOTE: If you are already using the Microsoft Authenticator app, open it, click the + sign in the upper right-hand screen, choose 'Work or school account' then scan the QR code.
- Click Next on the screen on your computer. NOTE: If you don't do these steps quickly enough it may say that authentication failed. Just do it again but be ready to click the Next button quickly.
- On 'Step 2: Let's make sure that we can reach you on your Mobile App device' you will need to approve the notification on the app
- In 'Step 3: In case you lose access to the mobile app' screen, add a phone number with country or region code that you will have access to then click Next.
- In 'Step 4: Keep using your existing applications' screen click Done.
- On the web login page, you will probably need to type in your password again. Click Sign in.
- The next screen on your computer will look like the left picture but on your mobile app, you will see a screen like the right picture. Click Approve on the app.
- On your computer, you will see this screen. We do not recommend staying signed in but that is up to you.
