Want to protect your UNC accounts from hackers?

Sign up for MMFA protection.

  1. Request MMFA Security 
  2. Complete Your Student Information
  3. Click on "Request"
  4. Type - "MMFA for Student Account"
  • What is Microsoft Multi-factor Authentication?

    Microsoft Multi-factor Authentication (MMFA) helps safeguard access to UNC data and applications while maintaining simplicity for users. It provides additional security by requiring a second form of authentication when users are off campus. 

    The security of UNC's system requires a two-step login process. By using multiple authentication factors, the MMFA presents a significant challenge for attackers. Even if an attacker manages to learn the user's password, it is useless without also having possession of the additional authentication method. It works by requiring two or more authentication methods.

  • What is the purpose of using MMFA?

    The purpose of this policy is to establish the requirement to protect the university and its students from damage related to account compromises by requiring an additional layer of authentication known as multi-factor authentication.

    A few months ago, 3rd party companies started to report their single sign-on credentials were being stolen in phishing attacks and being used by attackers to compromise sensitive data stored in 3rd party companies' applications.

    For more information, please see UNC's Multi-factor Authentication Policy.

  • What can I expect if I use MMFA?

    When you try to access your email, online documents, or Canvas, while not connected to UNC wi-fi networks, you will be prompted to authenticate with a second factor.

    Depending on how you choose to set this up, the multi-factor system will call or text your phone with a code, ask for a code from your authentication application, or simply prompt you with an allow or deny from the authentication application.

  • How can I set up my preferences (after sign up)?

    You can set up your preferred method of multi-factor by accessing the Multi-factor Setup Portal.

    UNC highly recommends students download and use the Microsoft Authenticator application on your mobile device. Upon set up, use the “Notify me through app” option. This will walk you through downloading and installing the application. Whenever you need to use the multi-factor authentication it will just send a prompt to your phone.

    If you do not wish to use the Microsoft Authenticator application, you are welcome to use any of the other options (call or text).

MMFA Quick Guide

Get fast answers to Microsoft's Multi-factor Authentication, including how to setup your preferences. *Note: the app will perform the best while working off-campus. 

MMFA Quick Guide

Ways to Authenticate: 

APP Authentication

The app authentication takes a couple of steps to setup. BUT, once it's done, authentication will be a simple button click on your phone. 

IM&T recommends this option. This will make authentication simple and easy!

Check

iPhone App Lock Enable/Disable

Text/Call Authentication


Call Authentication

The call authentication requires a phone number to set up - simple, right? Every time you need to authenticate your identity, you will be required to wait for Microsoft's call to your phone.

Text/SMS  Authentication

The text/sms authentication also requires a phone number to set up. BUT, every time you need to authenticate your identity, you will be required to wait for Microsoft's code. Text/SMS messaging is not guaranteed and delivery time of the message depends on your wireless carrier and cell phone coverage. This option is not recommended due to the wait time concerns. IM&T only recommends the Text/SMS Authentication when there is no access to a smart phone and the Authenticator Applications.

Traveling Abroad? 

Visit our Traveling Abroad page to ensure your MMFA settings won't interfere with your ability to access UNC accounts. 

Be mindful:

If you get a multi-factor prompt from the application, but you are not trying to login, click the Deny button and report the attempt to it.security@unco.edu. It means that someone has your logon credentials.

Additional resources: