Multi-factor authentication

Register Multi-factor Authentication

What is it?

Multi-factor authentication (MFA) is a security process that requires more than one method of authentication from independent sources to verify the user’s identity. In other words, a person is given access only after providing two or more pieces of information uniquely identifying them.

Simple tips to SECURE IT

MFA adds an additional layer of protection to your account. The authentication will usually start the same way as any other login – by requiring a username and password. After your password is verified, MFA will require a second form of verification to ensure that the correct person is accessing the account. You’ll also be prompted for MFA if there is any unusual or suspicious activity on your account.

Why it's important

Prevent unauthorized access – MFA is one of the most effective ways to prevent access to sensitive data.

Better visibility – With MFA enabled, any attempts to access your accounts will generate a text message or notification to verify the authentication. If you weren’t trying to sign in at the time you received the alert, your password is probably compromised.

Less worry – It is a proven way to lessen the likelihood that a data breach will impact you.

How it works

Credentials fall into three categories: something you know, have or are. To gain access, your credentials must come from at least two different categories. One of the most common methods is to log in with your username and password, prompting a unique, one-time code to be generated and sent to your phone. You would then enter the code within the allotted amount of time as the second factor.

Something you know

  • password/pass phrase
  • pin number

Something you have

  • security token or app
  • verification text or call
  • smart card

Something you are

  • fingerprint
  • facial recognition
  • voice recognition

Decisions prior to MFA setup

Before configuring multi-factor authentication for your account, you’ll need to decide what additional method you’ll use to verify your identity. You can use the same authentication option multiple times if you wish. For example, you can configure multiple phone numbers to receive SMS text messages or phone calls.

Recommendations

  • Configure at least two of the following options for your account – use the "mobile app with a notification" option if possible.
Option Description
mobile app with a notification Receive a notification on the Microsoft Authenticator app on your smartphone or tablet
mobile app with a verification code Receive a verification code from the Microsoft Authenticator app to enter during the log in process
mobile phone SMS text Receive an SMS text message on your mobile device containing a six-digit temporary code to enter during the log in process
phone call Receive an automated phone call to your phone; answer the call and follow the provided instructions to verify the authentication

Next Steps: Once you’ve decided which verification methods you’d like to use,  see Register Multi-Factor Authentication Methodor Change Multi-Factor Authentication.

 

Frequently asked questions

You will be prompted for MFA on any MFA-enabled applications.

You can choose to use a different MFA option configured on your account. Please see the Change Multi-Factor Authentication for instructions.

If you are unable to access any of your MFA options and are being prompted to verify an authentication, please contact the Stark State Help Desk at 330-494-6170 ext. 4357 (HELP).

If you have a new phone or phone number, please follow the instructions in Change Multi-Factor Authentication to remove the old information from your account and add your new information. If you are unable to access your account, contact the Stark State Help Desk at 330-494-6170 ext. 4357 (HELP).

If you’re receiving requests to verify authentication attempts that you don’t recognize, your password has likely been compromised. You should change your password immediately. Additionally, please contact the Stark State Help Desk at 330-494-6170 ext. 4357 (HELP) to report the incident.

Yes. However, only the Microsoft Authenticator app will be able to receive notifications to approve an authentication request. Additionally, Stark State cannot support applications other than the official Microsoft Authenticator app.

If you’ll be traveling and won’t have cellular service, ensure that you have the “Mobile App with a Verification Code” option configured on your account. This option does not require active cellular service on your mobile device.