Microsoft Multi-Factor Authentication (MS MFA) with Phone Authentication - Quick Start Guide

Need-to-Know

  • This guide illustrates the one-time activation process upon first log in to a service requiring Microsoft Multi-Factor Authentication.
  • MFA means when you log into certain campus applications, you provide two authentications of your identity.
  • The first authentication method is your Beach ID login.
  • The recommended second method is the MS Authenticator mobile app
    • SMS text message and phone call options are also available. For employees without a compatible device, a hardware token can be requested.
  • MFA is required to access University provided MS services (Campus email, OneDrive, Office, and SharePoint)
  • Once MFA is enabled for the campus, you will be prompted with an on-screen setup when accessing any University provided MS service.
  •  After setup, each time you access a Microsoft or CMS related service through the Campus Single Sign-On (SSO) you will be prompted for MFA. 
    • MFA will also be required for Microsoft products you have installed on your computer such as Outlook or Office; however, your MFA approval will be remembered, and you won't be prompted again unless you've been inactive in that application for 90 days or you change your password. 

Phone Call/Text Authentication Set Up

  1. After MFA is enabled for the campus, launch Campus email, OneDrive, Office, or SharePoint. You will be prompted with a web browser message “More information required”. Click “Next.Web browser message saying "More information required"
  2. Select “Authentication phone” from dropdown.
  3. Select how you wish to receive verifications: 
    • Receive a code by text message
    • Receive a phone call
  4. Enter your phone number and click “Next”. Additional security verification window showing the "send me a code by text message" contact method
  5. For text message authentication, a test SMS will be sent to your mobile app containing a verification code. Enter the code and click “Verify” then click “Done.” Additional security verification window asking for the verification code sent as a text message
  6. For phone call authentication, a test call will be sent to your mobile device. Enter the code and click “Verify” then click “Done.”  Your setup is complete.

Manage Devices

  1. In a web browser, login to Single Sign On (SSO) at https://sso.csulb.edu
  2. Select any MS service (Campus email, OneDrive, Office, or SharePoint). 
  3. From within the service, click your personal icon in the upper right corner.  
  4. Click “View Account.”
  5. Click “Security Info.”
  6. Click “Add method” to add a new device or change/delete to manage current devices. It is recommended you add multiple devices, even if you don't plan to use them. This will ensure you have alternative access in the event you lose a device or get a new phone.

Manage Default Authentication Device

To change the default sign-in method, click “Change” then select one of the following:

  • Microsoft Authenticator
  • Phone - Call
  • Phone - Text

Security info window showing the methods one can use to sign into ones account.

Printable Version

Access a printable PDF version of this guide

Help

For assistance with MFA, please visit http://helpdesk.csulb.edu and search for “MFA” or contact the Technology Help Desk at helpdesk@csulb.edu or 562-985-4959.