Multi-Factor Authentication (MFA)
Last modified 9/25/2023
Multi-factor Authentication is used as additional security verification when logging into Microsoft 365 applications (such as Outlook, Word, Teams, etc.); iPeople, and Campus Solutions (including the Student and Faculty Centers) from off-campus. MFA is also required when logging into the university VPN service. Illinois State University is taking extra steps to make sure you are who you say you are when you sign into your account. This extra verification, also known as two-step verification, is done through a combination of your user name, your password, and a mobile device or phone.
Multi-factor verification (MFA) is more secure than just a password because it relies on two forms of authentication: something you know, and something you have with you. The something you know is your password. The something you have with you is a phone or device that you commonly carry with you. Multi-factor authentication helps to stop malicious hackers from pretending to be you, because even if they have your password, odds are that they do not have your device, too. Multi-factor authentication allows you to authenticate your log in from your mobile device so that only you can log into your account.
View the following videos to learn more about MFA:
What You Need to Know About Multi-Factor Authentication
Since Illinois State University is taking steps in ensuring the safety of all faculty, staff and students, there are some important concepts about multi-factor authentication that should be highlighted:
- Multi-factor authentication is required for all faculty, staff, annuitants/retirees, and students.
- You must enable multi-factor authentication first before choosing your method of authentication (methods of authentication include: phone call, text message, or the Microsoft Authenticator application notification).
- Multi-factor authentication applies mostly to off-campus logins.
- Multi-factor authentication protects more than just your email account.
- You are able to set up your multi-factor authentication in a way so that you are only asked for authentication every 60 days instead of constantly being prompted for it.
- Note: Authenticating via MFA will be required every time you log into the university VPN service.
If you want to learn more about this process, you can either call the Technology Support Center at 309-438-4357 or you can submit a ticket.
The following article covers this process as well: Remembering Your Multi-Factor Authentication Verification Method
Enabling Multi-Factor Authentication
If you are a student or employee of Illinois State University, you will need to enable Multi-factor Authentication (MFA) on your ULID account. For instructions on how to enable Multi-Factor Authentication see How to Enable Multi-Factor Authentication.
Setting Your Multi-Factor Authentication Verification Method
Once you have enabled Multi-Factor Authentication, you will need to set up a verification method. There are three options available, receiving a phone call to your specified phone number, receiving a text message with a code, or approving your sign in using the Microsoft Authenticator mobile app. For instructions on how to set up these methods, click the appropriate link below.
- Setting Up Multi-Factor Authentication using the Mobile App This is the most secure method and recommended as your primary method of multi-factor authentication.
- Setting Up Multi-Factor Authentication Using Your Phone Number - Phone Call Verification
- Setting Up Multi-Factor Authentication Using Your Phone Number - Text Message Verification
It is recommended that you set up more than one method so that you have backup options. Click the links below for instructions on setting up an additional method of multi-factor authentication, or to change your primary method.
- Adding Additional Verification Methods for Multi-Factor Authentication
- Change the Default Method for Authenticating with MFA
How to Sign in to Office Products Once MFA Has Been Enabled
Now that you have chosen your method for Multi-Factor Authentication, you will be prompted for authentication when you access Office products, iPeople, and Campus Solutions off campus or whenever you are not connected to ISUNet. Click the link below for instructions on signing in using the various methods of MFA Authentication.
- Sign in Using Multi-Factor Authentication (article)
- Using MFA to Log in to Illinois State University Applications (video)
Verifying Your Multi-Factor Authentication at Login
After enabling Multi-Factor Authentication and setting up your devices you will use to approve sign ins, you will be required to utilize multi-factor authentication when logging in to Microsoft 365, using a Microsoft 365 application, Campus Solutions, or iPeople from an off-campus locations. VPN requires MFA verification from any location. Verification methods may be remembered up for up to 60 days, so you do not need to approve your sign in every time you access an Microsoft 365 service. For instructions on how to remember your verification method see Remembering Your Multi-Factor Authentication Verification Method.