Docs Information Security

Enabling User Choice with Multi-Factor Authentication

Image Description
Taube, Dan Published on Mar 11, 2021 

Multi-factor authentication (MFA) adds additional security to accounts that greatly reduces the chance of them being compromised. It does this by requiring an additional verification step beyond just a username and password. This verification can be completed in a variety of ways. It is up to each individual to pick which method they use based on their needs.

Several Verification Methods Available

The University uses Microsoft's multi-factor authentication solution. That solution supports several options for users to be contacted for verification. Users can choose one or many of these options and choose which one is their default.

We recommend that individuals setup at least two so that there is a backup option available.

Multi-factor authentication does not apply to users while connected to the campus network.

VPN Connections

This exemption does not apply to users connected to the campus network remotely through VPN.

Microsoft provides a mobile app for Android and iOS that provides the best experience for users.

Users can receive a phone call that will prompt them to press a key to verify themselves and their sign in.

Users can receive a text message that will include a one-time code that is entered during their sign in.

Users can use other authenticator apps to generate one-time codes to be used during their sign in. Examples include Google Authenticator, Authy, LastPass, and Duo Mobile.

Limited User Support

The process to setup other authenticator apps is not currently documented. There are several articles available for users to research themselves. To assist, it is recommended that users interested in this option search for "azure mfa google authenticator" (or similar for their desired app).

Users that cannot utilize one of the other options can request a hardware token. These tokens are key chain-style devices that generate one-time codes when used that are entered when signing in.

Limited User Support

The process to request a hardware token is not currently documented. If interested in knowing more, email informationsecurityoffice@ilstu.edu to inquire with the Chief Information Security Officer.

Recommended Setup

Users with an Android or iOS Device

We recommend that users with an Android or iOS device consider installing the Microsoft Authenticator app and setting up the phone call method as a backup.

Users without an Android or iOS Device

We recommend that users without an Android or iOS device consider configured both the phone call and text message method.

Getting Help

There are several ways to get help with MFA.

Technology Support Center

Website: ITHelp.IllinoisState.edu
Phone: (309)438-4357
Email: supportcenter@ilstu.edu

Departmental IT Support

Website: ITHelp.IllinoisState.edu/teams