This article explains how to register a Passkey in Microsoft Authenticator so you can log in to your Middlebury account securely without having to enter your username and password, use a code from a cell phone authenticator app, or receive a text message / phone call.
Phishing resistant multi-factor authentication (MFA) ties the authentication request from the computer to the Authenticator passkey, which prevents the authentication from being intercepted and replayed by a bad actor.
This represents a major security enhancement over previous MFA methods as it greatly reduces risk of account compromise due to email phishing.
How to Register a Passkey
You can only register a passkey to a smart phone or tablet with the Microsoft Authenticator app—for setup, use the device to which you want to register the passkey, as passkeys are tied to the device itself.
Important to avoid setup complications:
-
Visit the Microsoft security info page for your account (go/mfasetup/).
-
On the Security Info page, click + Add sign-in method.
-
When asked "Which method would you like to add?", choose Passkey in Microsoft Authenticator, then click Add.
-
If you already have the Microsoft Authenticator app on your device, click Next.
-
If you do NOT have the Microsoft Authenticator, click the link to "Add it now", select the option to "Download the app", and download the Microsoft Authenticator app to your mobile device using the QR code provided.
-
Follow the instructions in the prompt on the screen to finish setting up the Passkey.