All you need to know about Multi Factor Authentication (MFA)

Summary

Step by step instructions on how to set up Multi-Factor Authentication and Self-Service Password Reset

Body

Multi-Factor Authentication (MFA) is a security technology that helps protect your Middlebury and GMHEC accounts from potential compromise by requiring the use of more than just a username and password to prove your identity during log in.  If you are unfamiliar with the concept of Multi-factor Authentication (MFA), please see our What is MFA? article to learn the basics.

This article contains detailed information about MFA setup, verification methods, and use.

Table of Contents:

Get the Microsoft Authenticator App

Use of the Microsoft Authenticator app is the recommended way to work with your MFA account prompts and provides the smoothest experience for travelers.  Refer to our MS Authenticator App article to learn how to download the app and get it set up.

How do I set up MFA?

ITS enables MFA on all new accounts and shares setup details in your initial account activation email.  Follow the instructions presented to set up authentication methods you wish to use with your account. You may find it helpful to watch a short video (2.26 min) to see how the setup process looks with a mobile device.

Important:

  • Any device you wish to configure to use MFA must have a working network connection at the time of setup.

Which MFA setup method should I choose?

Here are descriptions of the most common scenarios, along with our MFA setup recommendations for each one.  Please visit our MFA Verification Methods article for additional details about specific options and how they work.

Scenario A:  I have a Smartphone -- and I travel internationally and/or travel in areas without cellular coverage.

  • Choose Microsoft's Authenticator app with a code.

This method is recommended when you have a device that supports Microsoft's Authenticator app and you will be in areas without consistent network access. When presented with an MFA prompt you will need to input the 6-digit code displayed by the Authenticator app to complete your login.

Network access is NOT required for the MS Authentication app to provide you with a code.

Scenario B:  I have a Smartphone -- and I rarely travel in areas without cellular coverage.

  • Choose Microsoft's Authenticator app with notifications.

This method is recommended when you have a device that supports Microsoft's Authenticator app and you will be in areas with consistent network access.  A two-digit number will be displayed when you log in to a service and you simply enter that number into the Authenticator app and click Yes to approve the login.  If you have phone sign-in enabled you can often streamline your login process, bypassing the need to provide your password.  Caution! Only approve a login when you have signed into a service you anticipate will trigger an authentication prompt.

Network access cellular or wifi IS required for the MS Authentication app to provide a notification.

Scenario C:  I have a Flip or Feature phone.

  • Choose Phone then specify Call or Text.

This method is recommended when you have a device that doesn’t support the Microsoft Authenticator app. When presented with an MFA prompt you will have to receive a phone call then press #, or else receive an SMS text message then enter the provided code, in order to complete your login.

Travel to areas without cellular coverage is not supported by this method. 

How do I use Multi-factor Authentication once I have it set up?

Once you complete your MFA set up, here is what to expect:

When you log in to an MFA-protected service (such as Webmail or Google) there is one additional step. After correctly entering your Middlebury email address and password at the login screen of the service you wish to access, you will be prompted to verify your login request.  This could be in the form of a phone call, text message, or mobile app notification or code, depending on the option you specified during the setup process.  Refer to our MFA Verification Methods article for specifics about what to expect.

Important notes:

  • During the login process you can click the checkbox to remember my device for 30 days. With this setting enabled, you may not be prompted again for Multi-Factor Authentication from that application on that device for another thirty days.  Please note that some services will prompt for authentication every time, regardless.
  • Caution!  Only approve verification requests that you initiate!  Imagine an online criminal has your password and is trying to access your account. This access attempt would generate a login verification request.  If you approved this verification request the criminal would be able to access your account!  

Why might I need to change my MFA settings?

Here are the most common reasons why you might want to change your MFA settings:

  • Lost cell phone
  • New cell phone
  • Different default authentication method is desired (text message, phone call, app code, etc.), particularly due to upcoming travel needs.

How do I change my MFA settings?

Tips for new/upgrading phones:

  • Make sure to set your MFA to text on the setup page before you switch.  This will allow you to answer the first MFA prompt when downloading the Authenticator app onto your new phone.

It's easy to adjust your multi-factor authentication settings.  Here's how:

  1. For your Middlebury account, visit http://go.middlebury.edu/mfasetup
  2. You will receive a Midd MFA prompt through your current default method.
  3. On the My Sign-ins,Security Info page (shown below)... 
    • Your default method for receiving MFA prompts appears right at the top, above the authentication methods you set up previously.
    • You'll see links at right that allow you to change or delete most entries you set up previously. 
    • If you were using the Microsoft Authenticator app on a device you no longer plan to use (or lost), click Delete beside the device entry to remove it.  Next, click  + Add Method then go through the Authenticator app setup steps to set up your new device.

MFA Setup Guide

 

 

 

Details

Details

Article ID: 127
Created
Tue 8/17/21 5:00 PM
Modified
Tue 3/21/23 4:33 PM

Related Articles

Related Articles (6)

This article explains how to install and configure Microsoft's Authenticator App on your devices for use with multi-factor authentication.
This article contains detailed instructions on how to set up (or reset) the Microsoft Authenticator app.
This article provides details about Microsoft's new "number matching" verification feature for MFA and also explains how to activate "phone sign-in" for a smoother authentication process.
This article explains the different options available for use with Multi-Factor Authentication verifications so you can choose the one that makes the most sense for your situation.
This guide explains how to set up both Multi-factor authentication (MFA) and Self-Service Password Reset (SSPR) for your Middlebury Account.
This article explains what Multi-Factor Authentication (MFA) is, why it's needed, and basic details about how it works.

Related Services / Offerings

Related Services / Offerings (1)

Multi-Factor Authentication works by requiring a secondary form of identification after a successful login.