Microsoft Multi-Factor Authentication (MS MFA)

Available To

Students, Faculty, and Staff

Service Overview

Microsoft Multi-Factor Authentication (also known as Two-Step verification) adds a second layer of security when you log into Microsoft (MS) services such as campus email, OneDrive, and MS products installed on your device(s) including Office.  This may also apply to some non-Microsoft campus services that are MFA enabled.  MFA means that when you log into certain campus applications, you provide two verifications of your identity.  

Verifying your identity using a second factor prevents anyone but you from logging in, even if they know your password.  A two-step verification method is stronger than a password alone because two factors confirm that you are who you say you are:  something you know (your password) and something you have (a mobile device).  

Service Details

Students, Faculty, and Staff will be required to utilize Microsoft Multi-Factor Authentication (MFA) when accessing Microsoft products starting in Spring 2021. CMS Human Resources, and CMS Enrollment Services Administrative users will also be required to use MS MFA when accessing CMS related services during this time.

You will be prompted to use MFA each time you select a Microsoft or CMS related service through the Campus Single Sign-On (SSO) service.  MFA will also be required for Microsoft products you have installed on your computer or mobile device such as Outlook or Office; however, your MFA approval will be remembered and you won't be prompted again unless you've been inactive in that application for 90 days or you change your password.

Supported Second-Factors Methods

Method Process More Information

Mobile App Push

Microsoft Authenticator App
(Recommended)

The Microsoft Authenticator app will present an on-screen option to approve or deny the log in request. Apple (iPhone, iPad, Watch) and Android (phone, tablet) devices are supported.

Download the app:

Google Play App Store Apple App Store

Verification Code  Microsoft Authenticator App
(Recommended)
The Microsoft Authenticator app will present a new one-time code to use for each MFA-required login. For employees without a compatible device, a hardware token can be requested through your department Administrative Services Manager (ASM) or technical coordinator. (Due to remote work conditions, token programming and issuance is significantly delayed.)
SMS/Text Message SMS (text) message to a mobile device You'll receive a SMS/Text message with a code to enter to complete the log in process. Text message charges may apply depending on your phone plan.
Phone Call Mobile or land line telephones You'll receive a phone call with a code to enter to complete the log in process. Phone charges may apply depending on your phone plan.

Manage your Devices 

If you'd like to manage your devices, including adding new second factors or changing your default factor, please click on the Manage button below. 

register Now button

Initial Account Setup (New Employees & Students)

Upon first log in to any service requiring Microsoft Multi-Factor Authentication, you'll be presented with on-screen options to configure your device to accept MFA. These guides illustrate the process:

Configuring Your Account for Microsoft Authenticator App - Quick Start Guide
Configuring Your Account for Call/Text Messages - Quick Start Guide 

After initial account setup, you can change and manage your MS MFA sign-in methods/devices:

How to Manage MFA Login Methods/Devices

Services Requiring MS MFA

All University-provided Microsoft Services including: Campus email, OneDrive, Office, and SharePoint - January/February 2021
Common Management System Human Resources (CMS HR) - February 2021
Common Management System Enrollment Services (CMS ES) - February 2021