MMFA Quick Guide

Get fast answers to Microsoft's Multi-factor Authentication, including how to setup your preferences. *Note: the app will perform the best while working off-campus. 

MMFA Quick Guide

Purpose

The purpose of this policy is to establish the requirement to protect the university and its employees from damage related to account compromises by requiring an additional layer of authentication known as multi-factor authentication.

A few months ago, 3rd party companies started to report their single sign-on credentials were being stolen in phishing attacks and being used by attackers to compromise sensitive data stored in 3rd party companies' applications.

For more information, please see UNC's Multi-factor Authentication Policy.

Traveling Abroad? 

Visit our Traveling Abroad page to ensure your MMFA settings won't interfere with your ability to access UNC accounts. 

What is Microsoft's Multi-factor Authentication?

Microsoft Multi-factor Authentication (MMFA) helps safeguard access to UNC data and applications while maintaining simplicity for users. It provides additional security by requiring a second form of authentication when users are off campus. 

The security of UNC's system requires a two-step login process. By using multiple authentication factors, the MMFA presents a significant challenge for attackers. Even if an attacker manages to learn the user's password, it is useless without also having possession of the additional authentication method. It works by requiring two or more authentication methods.

Who will this impact? 

This policy applies to all faculty and staff as well as any third party or contractor that is issued a university credential. This is in support of University Regulation Article 9 Part1: Information Technology Security Plan.

What to expect?

When you try to access Outlook or Slate, while not connected to the UNC administrative network, you will be prompted to authenticate with a second factor.

Depending on how you choose to set this up, the multi-factor system will call or text your phone with a code, ask for a code from your authentication application, or simply prompt you with an allow or deny from the authentication application.

APP Authentication

The app authentication takes a couple of steps to setup. BUT, once it's done, authentication will be a simple button click on your phone. 

IM&T recommends this option. This will make authentication simple and easy!

Check

Text/Call Authentication

The text/call authentication requires a phone number to setup - simple, right? BUT, every time you need to authenticate your identity, you will be required to wait for Microsoft's code (either via text or phone call). Then, you will need to type the six-digit code in order to log in. 

IM&T only recommends this option to those who do not have access to a smart phone. 

You can set up your preferred method of multi-factor by accessing the Multi-factor Setup Portal

Need help? Check out the MMFA Quick Guide to assist you through the process.

You will be able to exempt your device for up to 60 days before being prompted to use your second factor again. Use the Microsoft Authenticator application on your mobile device and use the “Notify me through app” option. This will walk you through downloading and installing the application and whenever you need to use the multi-factor authentication it will just send a prompt to your phone.

If you do not wish to use the Microsoft Authenticator application, you are welcome to use any of the other options.

What is the timeline? 

UNC Faculty, Staff, and Students will migrate to the new system based on last names. 

November 18, 2019

Phase 1

Last names beginning with A will be required to use MMFA while off campus. 

December 9, 2019

Phase 2

Last names beginning with B andwill be required to use MMFA while off campus.

January 21, 2020

Phase 3

Last names beginning with D, E, F, or G will be required to use MMFA while off campus.

February 3, 2020

Phase 4

Last names beginning with H, I, J, or K will be required to use MMFA while off campus.

February 17, 2020

Phase 5

Last names beginning with L or M will be required to use MMFA while off campus.

March 2, 2020

Phase 6

Last names beginning with N, O, P, Q, or R will be required to use MMFA while off campus.

March 16, 2020

Phase 7

Last names beginning with S, T,  or U will be required to use MMFA while off campus.

March 30, 2020

Phase 8

Last names beginning with V, W, X, Y, Z and any user not already included in earlier migrations will be required to use MMFA while off campus.

Tips:

Do NOT use your office number as your second authentication factor for access. If you are on the UNC networks, you will not need to use a second authentication factor.

Be mindful:

If you get a multi-factor prompt from the application, but you are not trying to login, click the Deny button and report the attempt to it.security@unco.edu. It means that someone has your logon credentials.

Additional resources: