Frequently Asked Questions about MFA

If your question is not listed below, please contact the Help Desk (helpdesk@kzoo.edu, 269.337.5800), or visit us in the Upjohn Library Commons, room 117.

Basics

What is MFA?

Multi-Factor Authentication (MFA) means using more than one key (e.g. password) to log on to a given service. You are probably familiar with MFA if your bank sends you a text message when you log in.

How does MFA work?

MFA protects your account and protects Kalamazoo College because when you sign in, you prove your identity in two ways: with something you know (a password) and something you have (usually a phone).

Implementation

Why is K implementing MFA?

MFA is a standard practice at most colleges, universities, and businesses that allow access to protected information. It helps protect personal and institutional information from theft, cyberattack, and ransomware. Additionally, K must implement MFA by July 1, 2022 to renew our cybersecurity insurance. Use of MFA will be required for all who use K’s Office 365 apps.

What’s the timeline for implementation of MFA?

All students completed MFA enrollment by May 27. The deadline for staff is June 3, 2022. The deadline for faculty is June 17, 2022.

My email stopped working; what do I do?

After enabling MFA on your account, some users find that their email stops synchronizing on their phone. It’s easy to fix: just remove your email account from your phone and re-add it. You can use our instructions for Connecting Email to a Mobile Device.

Day-to-Day

What applications will use MFA?

We are implementing MFA for all Office 365 apps (like email, Teams, Word, etc.). Notably, this list does not include signing into Windows itself, nor does it include Moodle or HornetHQ.

Briefly, Office 365 applications are Microsoft Forms, Microsoft Teams, Office 365 Exchange Online (our email), Office 365 SharePoint Online (including apps that depend on SharePoint online, like OneDrive, Word, Excel, PowerPoint). 

How often will I have to use MFA?

You should expect to see prompts to authenticate with MFA about once every 90 days.

What if I reboot my computer?

Rebooting your computer does not sign you out of the apps on your computer. You should not expect a reboot to trigger an MFA prompt.

What about Colleague? What about VPN?

MFA for Office 365 apps does not change how you will use Colleague or VPN. Continue to use these services as before.

What about my tablet?

You may choose to install the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android on a tablet, and use it in addition to (or instead of) a mobile phone. If you use Office 365 apps on your tablet, you may find it convenient to have the Microsoft Authenticator app on your tablet. Having the Microsoft Authenticator app on a tablet in addition to a phone is a good idea, so you can use your tablet to authenticate in case you get a new phone or new phone number.

What authentication method is recommended for MFA?

Information Services recommend that you add your mobile phone as your authentication phone. For your primary authentication method, we recommend the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android. It’s easier, quicker, and more secure than text messages.

Should I register more than one device for authentication?

Yes; Information Services recommends you add at least two authentication methods. For most folks, it makes sense to add a mobile phone and the Microsoft Authenticator app. It’s smart to add another method (like the Microsoft Authenticator app on a tablet) as a backup.

If I use Office 365 apps on multiple devices, do I need Microsoft Authenticator on each device?

No. You only need to download the app on one device to be able to authenticate using the Microsoft Authenticator app. For instance, when you log into Teams on a laptop, you can confirm the logon with the Microsoft Authenticator app on your mobile phone. It’s smart to add the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android to a second device, in case you have problems with your main device.

Special Circumstances

What if I forget my mobile phone?

If you have a phone in your office, we suggest you add your office phone as an authentication factor, in case you need to use MFA on a day when your mobile phone is not with you.

What if I’m traveling internationally? What if I don’t have signal or data?

We suggest you download and configure the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android. With it you can sign in without receiving a text message. If your phone is connected to the Internet, you can approve sign-ins via notifications. If your phone is not connected to the Internet, the Microsoft Authenticator app can still generate codes that you can use for authentication.

What if I get a new phone number?

If you have configured a second authentication factor (like the Microsoft Authenticator app for iOS or the Microsoft Authenticator app for Android) you can add your new number (and remove your old number) at https://aka.ms/mfasetup. If you have already gotten a new phone number and did not configure a second authentication factor, please contact the Help Desk.

Additional MFA Questions

Please contact the Help Desk (helpdesk@kzoo.edu, 269.337.5800), or visit us in the Upjohn Library Commons, room 117 for additional questions.