What is multi-factor authentication?
Multi-factor authentication (MFA) increases account security by requiring multiple forms of verification to prove your identity when signing in to an application.
Microsoft MFA is used to validate Microsoft products like Outlook or Teams but works a lot like Duo MFA, which you already use to log in to Buff Portal or MyCUInfo.
Enroll in Strengthened MFA
CU Boulder is taking steps to strengthen MFA protection in response to escalated global security threats. Starting on October 7, all students, faculty and staff will need to reauthenticate (log in again) for all sessions of Microsoft services and will be prompted for MFA. If you do not verify your MFA setup, your MFA may be incorrectly configured, preventing you from signing in.
Enroll or reset:
- Visit the MFA Management Tool and click the MFA Validation button to verify your device’s Microsoft MFA methods. If your computer is not part of the Secure Computing Program, you will need to be on the campus VPN or on the campus network to open the page.
- During the testing process, if you find that your MFA methods are not working, you will have the opportunity to add additional methods and remove old ones. OIT recommends setting up the Microsoft Authenticator app on your phone.
- If validation doesn't work, go back to the Management Tool and click the Reset and register new devices button to re-configure Microsoft MFA.
- Once your MFA method(s) have been verified, you will see a success message. Click the Enroll in Strengthened MFA Service button to enroll and complete the process.
Learn more about this initiative to strengthen MFA in the OIT News story or watch the video below for a quick step-by-step overview of the enrollment process.
How to use Microsoft 365 MFA
When you first log in to your campus Microsoft 365 account, you will be prompted to register for multi-factor authentication. You can register by either installing the Microsoft Authenticator mobile app (recommended) or entering a phone number:
- Set up the Microsoft Authenticator mobile app: This allows you to click a button on your phone or smart watch to quickly and easily log in when prompted. This is the recommended method for most users.
- Check your settings and add a back up method: In case you change devices, set up a back up method to access your account.
Follow the step-by-step instructions to register and set up Microsoft Authenticator app. Use the Find and update Security info tutorial to find how to update your settings in case you get a new device or phone number or want to add additional methods for authenticating. For additional information, please see our Multi-Factor Authentication FAQ.
Please note: After your account is enabled for MFA, you may be prompted to re-authenticate to multiple Microsoft 365 servers (e.g., Teams, Outlook).
Important Tip! When registering an MFA method, do not use a Microsoft Teams phone number. You will get locked out of Microsoft Teams and won't be able to receive the Microsoft MFA phone call. This means you won't be able to log back in until you contact the IT Service Center to have your Microsoft MFA settings reset.