Multi-Factor Authentication (MFA) is here. Are you ready?

Information Technology Services (ITS) now offers multi-factor authentication (MFA) for your university login to Microsoft 365 and other university systems.  You may have already used multi-factor authentication, sometimes referred to as two-factor or two-step authentication, when accessing other online services such as banks, social media, and shopping sites. By offering MFA for your Empire State University account, an extra layer of security is added to your account sign-in for accessing Microsoft 365, including Outlook email, One Drive and all Microsoft products offered under the university licensing. 

 Effective June 15, 2022 the use of MFA is now required for all staff and students.

What Actions Should I Take to Setup MFA?

1. Be sure your authentication methods are setup for MFA at SUNY Empire. Go to your Microsoft Security Information website at https://aka.ms/mfasetup. 
2. Read the Knowledgebase article for instructions on setting up verification methods for MFA, Setup for Multi-Factor Authentication.
3. View our instructional video series on Learnscape. 

 What is Multi-Factor Authentication?

MFA uses the guiding principle that to best identify you, there are three factors that are required:

1. Something you know - a username and password.
2. Something you have - a cell phone/mobile device to receive a confirmation code or approval request.
3. Something you are - a biometric identifier such as a thumb print or face recognition on your mobile device.

These options used in combination provide maximum security benefits. At SUNY Empire, the first two method options to log into SUNY Empire websites will be required. Once you enroll in MFA:

• When you enter a password and click "approve" using an authenticator app installed on your mobile device, this is multi-factor authentication.
• When you enter a password and enter a verification code that has been sent to you by a text message, this is multi-factor authentication.

 Why Multi-Factor Authentication?

Usernames and passwords are often too easy to discover by those with malicious intent. According to Microsoft, “With over 300 million fraudulent sign-in attempts targeting Microsoft cloud services every day, … enabling a multi-factor authentication solution blocks 99.9% of these unauthorized login attempts, even if hackers have a copy of a user's current password.” (Maynes, M. (2019, August 20). (One simple action you can take to prevent 99.9 percent of attacks on your accounts. -Microsoft)

Some security benefits and features of MFA at SUNY Empire include:

• No expiring passwords. MFA adds an additional layer of protection so frequent password changes are no longer necessary.
• Protection of university email and OneDrive files, even if a password is compromised.
• Mitigation of phishing attacks by preventing access to email.
• Protected access to the new Brightspace Digital Learning Environment, coming in the Fall 2022.
• Protection worldwide from wherever you travel, via multiple device types.

 Have more questions?

See our FAQ page for answers to more of your questions about Multi-factor authentication.