What is Multi-Factor Authentication (MFA)?
Multi-Factor Authentication (MFA), sometimes called two factor (2fa), is an additional layer of security added to the login process. MFA is two forms of authentication: something you know, and something you have with you. The something you know is your password. The something you have with you will be the mobile device you set up. This means that even if your password is hacked, your account will remain secure.
Who is currently impacted by MFA?
MFA is being rolled out in phases, piloted first by Library Information Systems (LIS), then rolled out to faculty and staff in the University. Student MFA will be phased in at a later date that is still to be determined.
What happens if I do not setup MFA?
Access to Microsoft 365 services (Outlook, Teams, OneNote, OneDrive, or SharePoint) is not permitted until MFA setup is completed. MFA is specific to Microsoft services, it does not impact logging in locally into your University Asset ( such as laptop or workstation ) or other University resources ( such as Canvas, myWidener, EvaluationKit, Colleague, etc. ).
What applications/systems are currently protected with MFA?
At this time, MFA is being used to authenticate into Microsoft 365 or any of the applications of the suite, including Outlook, Teams, OneNote, OneDrive, and SharePoint.
MFA is specific to Microsoft services but does not impact logging in locally into your University Asset ( such as laptop or workstation ) or other University resources ( such as Canvas, myWidener, EvaluationKit, Colleague, etc. ).
How often do I have to re-authenticate?
The current setting requires that you approve access or enter in a code on the initial login, then you can select the “Don’t ask again for 60 days” option. If you do not select that option, it will require MFA authentication each time. This configuration will be required to be set per browser application (non-incognito/non-private), and per each device attempting to authenticate your account.
Do I have to authenticate through MFA separately for each browser or device?
Yes, you will need to authenticate for each browser (chrome, safari) or device (PC, phone, tablet) that you login to your Microsoft 365 account. Each browser on each device that you use will require MFA authentication. The exception is when you are connected to the Widener’s Internet or WiFi Network you will NOT be prompted for MFA authentication.
Note: MFA is specific to Microsoft services, it does not impact logging in locally into your University Asset ( such as laptop or workstation ) or other University resources ( such as Canvas, myWidener, EvaluationKit, Colleague, etc. ).
How do I setup MFA for my Microsoft 365 account ?
Detailed instructions are here.
Setup your mobile phone device.
Note: You will need to set up the Authenticator App on your cell phone prior to your account being “enabled” or “enforced” for MFA.
On your next Microsoft 365 login you will be prompted for an MFA action depending on the device setup that you chose. Our CX Team representative will help confirm this during your call.
Note:You are not prompted for MFA verification when connected to Widener’s Internet or WiFi Network.
Which web browser should I use for setting up my phone for MFA?
You can use any browser to setup MFA. The web browser is merely being used to configure MFA on your Microsoft 365 account settings and to connect your Widener LoginID to the Microsoft Authenticator app installed on your phone.
What are my authentication options?
There are a few different authentication methods. We recommend only using the Microsoft Authenticator app approval process. There are other options that may be used in special situations including “Text Message” and “Call Me”. These options can be used by all phone device types including Flip Phone, iPhone or Android.
Where do I modify my MFA authentication settings?
You can make changes to your authentication settings by visiting this link https://aka.ms/MFASetup
Why must I use a Personal Device to setup MFA?
We request that you use your personal device as your device is unique to you. This helps to ensure your account can only be accessed by the person in possession of your phone. Even if someone has your LoginID and password, they would not be able to access your Microsoft 365 account without your personal device.
Do I have to enroll MFA on my Corporate Account(s)?
Currently no, this phase of the MFA security roll-out is only for personal Widener accounts. If you are an owner of a Corporate Account, we will notify you when we start the roll out phase for such accounts.
What if I am not prompted to enroll in MFA?
You will not be prompted to enroll; on May 13th everyone will be required to use MFA. To setup MFA for your account please visit these detailed instructions here. If you have question or need assistance with this process, please call the CX Team, 610-499-1047 dial option #3 or submit a QuickTicket for further support.
I forgot/left my mobile device at home, now what?
If you do have your mobile device with you and are prompted for MFA verification, please contact the CX Team by calling 610-499-1047 dial option #3. Good News! If you are on Campus and you are connected to Widener’s Internet or WiFi Network, you will not be prompted for MFA verification.
What if I experience an issue with MFA?
If you have any issues with MFA, please contact the CX Team by calling 610-499-1047 and dial option #3.
Can I use a different Authenticator App?
Although other apps may work like the Google Authenticator app, The Microsoft Authenticator app is the only app that LIS will be supporting.
What if I need to change my phone number?
Visit this weblink https://aka.ms/MFASetup, to make modifications to your security MFA settings.
How can I test as an Early Adopter after Im enforced ?
Anytime you are interested in testing MFA on your account, select one of the optional links below for instruction.
• Test using Safari
• Test using Chrome
• Test using Firefox
Note: You will not be prompted for MFA while connected to Widener’s Internet or Wi-Fi Network while testing.
My mobile workstation is lost or stolen, what do i do?
1. Immediately change your Widener password http://pss.widener.edu.
2. Change the password on your 3rd party email address on record with PSS.
3. With passwords changed disable all compromised devices here.
4. Call the CX Team at 610-499-1047 and report the incident.
5. Monitor your sign-ins for any suspicious activity here
… CX Team will give you further instructions.
My mobile device with Microsoft authenticator app is lost or stolen, what do I do?
1. Immediately change your Widener password here http://pss.widener.edu
2. While still in PSS click Edit Profile (click for visual) to update your personal cellphone number used in resetting your password. You can make this blank.
3. Change the password on your 3rd party email address on record with PSS.
4. With passwords changed disable all compromised devices here.
5. Call the CX Team at 610-499-1047 and report the incident.
6. Monitor your sign-ins for any suspicious activity here
… CX Team will give you further instructions.
Please visit the MFA FAQ’s for more information. If at any time you experience any issues with setting up or logging in using MFA, please submit a quickticket.widener.edu or call the CX Team at 610-499-1047 for further assistance.
