Multi-Factor Authentication (MFA)

Last modified 4/18/2024

Multi-Factor Authentication

Multi-Factor Authentication (MFA) is used as additional security verification when logging into most of the the university online resources from an off-campus network. Illinois State University is taking extra steps to make sure you are who you say you are when you sign into your account. This extra verification, also known as two-step verification, is done through a combination of your user name, your password, and a mobile device or phone.

Multi-factor verification is more secure than just a password because it relies on two forms of authentication: something you know, and something you have with you. The something you know is your password. The something you have with you is a phone or device that you commonly carry with you. Multi-factor authentication helps to stop malicious hackers from pretending to be you because even if they have your password, odds are that they do not have your device, too. Multi-factor authentication allows you to authenticate your log in from your mobile device so that only you can log into your account.


NOTE: Newly admitted freshmen and transfer students will not be required to use MFA until they receive access to their ISU email accounts, which will occur close to their Preview ISU or Transfer Day dates. However, it is recommended they set up MFA at the time of account activation to avoid having to do that step later.

  • What You Need to Know About Multi-Factor Authentication

Since Illinois State University is taking steps in ensuring the safety of all faculty, staff and students, here are some important concepts about multi-factor authentication:

  • Multi-factor authentication is required for all faculty, staff, annuitants/retirees, and students.
    • Note: Newly admitted students will NOT be required to set up MFA until they receive access to their ISU email accounts, which occurs shortly before their scheduled Preview or Transfer date.
  • Enabling multi-factor authentication is required first before choosing your method of authentication. Methods of authentication include: phone call, text message, or the Microsoft Authenticator application notification.
  • Multi-factor authentication mostly applies to off-campus logins.
  • Multi-factor authentication protects more than just your email account.
  • You can set your multi-factor authentication in a way so that you are only asked for authentication every 60 days instead of constantly being prompted for it.
    • Note: Authenticating via MFA will be required every time you log into the university VPN service.

If you want to learn more about this process, you can either call the Technology Support Center at 309-438-4357 or you can submit a ticket.

  • Common Reasons Multi-Factor Authentication Stops Working

These are the most common reasons why your MFA may stop working:

  • You acquired a new phone or phone number
  • Unusual activity (you may have reported a suspicious sign-in request)
  • Account has been compromised 
  • Account has been locked 
  • Stuck in an MFA Authentication loop
  • MFA will not give code 

To fix these issues you will need to reset your Multi Factor Authenticator. To do this, please contact the Technology Support Center at (309) 438-4357 or by email at The TSC will need to verify your identity by seeing a government issued ID either by submission using our secure file drop system or by Zoom call. A Redbird card will NOT work. 

  • Enabling/Setting-up Multi-Factor Authentication

If you are a student or employee of Illinois State University, you will need to enable Multi-factor Authentication (MFA) on your ULID account. For instructions on how to enable Multi-Factor Authentication, see How to Enable Multi-Factor Authentication.

  • Setting Your Multi-Factor Authentication Verification Method

Once you have enabled Multi-Factor Authentication, you will need to set up a verification method. There are three options available: receiving a phone call to your specified phone number, receiving a text message with a code, or approving your sign-in using the Microsoft Authenticator mobile app. For instructions on how to set up these methods, click the appropriate link below. 

  • Signing In And Verifying Once MFA Has Been Enabled

After enabling Multi-Factor Authentication and setting up your devices you will use to approve sign ins, you will be required to utilize multi-factor authentication when logging in to Microsoft 365, using a Microsoft 365 application, Campus Solutions, or iPeople from an off-campus location. VPN requires MFA verification from any location. Verification methods may be remembered up for up to 60 days, so you do not need to approve your sign in every time you access an Microsoft 365 service. For instructions on how to remember your verification method see Remembering Your Multi-Factor Authentication Verification Method.

Getting Help

For technical assistance, you can Submit a Help Ticket, or contact the Technology Support Center at (309) 438-4357 or by email at