There are several different options for completing Multi-Factor Authentication verification. Choose the one that makes the most sense for your situation and follow the on-screen instructions.
IMPORTANT: If, for ANY of these methods, you ever receive an
authentication prompt that you did NOT initiate yourself,
do NOT allow it! This could be someone else attempting to access your account. Instead, please immediately go to
go/mfasetup/ and
change your password. If you have any other concerns or problems, please contact the
Helpdesk by calling 802-443-2200.
Before you begin
Please note that the Microsoft Authenticator App is the recommended choice for Multi-Factor Authentication verification. See our article about the Microsoft Authenticator at go/mfaapp/ to learn more about it. The Microsoft Authenticator App offers two primary verification methods: a notification from the app, or a one-time password generated every 30 seconds within the app. See the Microsoft Authenticator section below (NOT Passkey in Microsoft Authenticator) to learn more about the two options.
If you cannot access your default authentication method when signing in, there should be an option underneath the MFA prompt with some variation of I can't use that method right now / Sign-in another way / Other ways to sign-in. Clicking this will bring you to a list of all of your available MFA methods, from which you should choose the method you want to use.
Do NOT choose this option unless you have already configured the Microsoft Authenticator App, understand what a passkey is, and can use bluetooth on your device. If you need to set up the Microsoft Authenticator app on your device, see the Microsoft Authenticator section below. This option creates a passkey on the device which has the authenticator, which you can then use to scan a QR code on new log-in attempts to directly sign in via bluetooth.
A security key is a physical device which, in specific circumstances (e.g. you do not own a phone), can be configured by the Helpdesk to use as your alternate form of MFA. This device will need to be plugged into whichever device you are trying to sign into when prompted for MFA. For in-depth instructions for how to set up a security key on your own, please see our article Set up a Security Key for MFA Use.
The Microsoft Authenticator (MS Auth) app is the recommended option for MFA. If you would like to learn more about the specifics of the app, visit go/mfaapp/.
The two main verification methods offered by MS Auth are:
- App based authentication - notification ("Approve a request on my Microsoft Authenticator app")
- App based authentication or hardware token - code ("Use a verification code")
See also Passwordless sign-in (below), or the first section, Passkey in Microsoft Authenticator, for two alternative methods for MS Auth authentication.
App based authentication - notification
At login, this option will appear as "Approve a request on my Microsoft Authenticator app".
This method is Microsoft's recommended option, and is the simplest way to complete verification. When prompted for MFA, you will receive a push notification to the Microsoft Authenticator app on your mobile device, asking you to enter a provided 2-digit number ("number matching") and confirm that you initiated the prompt yourself. The Authenticator App will also display additional information, including the name of the application/service being accessed and an approximate location of the login attempt.
Important: This verification method requires your phone to have cellular service or wireless/wired Internet access.
App based authentication or hardware token - code
At login, this option will appear as "Use a verification code".
When prompted for MFA, you will need to enter the 6-digit code displayed in the Microsoft Authenticator app. To see this code, you will need to click the listed Middlebury College account, where you will see more information about your account, including the 6-digit code that will refresh every 30 seconds.
This method can be very useful for travelers, as the app can generate verification codes without cellular service. You can use the verification codes generated by the app to log in at any time, from any place.
This option is also known as "phone sign-in". This allows you to sign in to Middlebury services without password entry.
Important: This verification method requires that your phone has a password. If you do not have a password on your phone, you cannot use this option.
Hardware token
We do not support hardware tokens as an MFA method. If you have a physical external device (e.g. USB key) that you would like to use for MFA, see the Security Key section above.
Phone
Text
When prompted for MFA, enter the code that Microsoft sent via text to your mobile phone.
Call
When prompted for MFA, you will receive an automated call to either your primary or alternate telephone number, asking you to verify the authentication request by pressing the "#" key on your phone when prompted.
- This option may be preferable for individuals with limited texting plans, no home computer or device, or those who do not have a mobile phone.
- You may choose to configure your office phone as your "alternate" authentication phone.
Office phone
The "Call my office phone" option is not currently configured to properly work. Please choose another verification option.
Security questions
We do not support security questions as an MFA method. You can them, but security questions can only be used for password reset. For MFA use, please choose another verification option.
Email
We do not support email as an MFA method. You can add one, but alternate emails can only be used for password reset. For MFA use, please choose another verification option.