Multi-factor authentication (MFA) involves something you know (your username and password) and something you have (your phone). After you set up your multi-factor authentication, you will continue to use the same username and password, but you will also be prompted to provide an additional verification that you are currently trying to sign in. This extra layer of security prevents anyone but you from logging in to your account, even if they know your password. A common example would be a verification code sent via text to your cell phone when you try to log on, which you then have to enter before access is granted.
To protect student and employee data, MFA is mandatory for all faculty, staff, and work-study employees to access all OTC systems when outside of the College’s computer network. These services include, but are not limited to, myOTC, email, Canvas, Zoom, and Microsoft Teams. In addition, any employee who is accessing their OTC email on an OTC computer via a web browser (https://outlook.office.com or via MyOTC) will be required to use MFA, either via a text message or the Microsoft Authenticator Application. Note: You will not be required to use MFA if you are using the Outlook desktop application on an OTC computer. You will also not be required to use MFA for any other service, such as Canvas, while on an OTC computer at this time. Note: You will not be required to use MFA if you are using the Outlook desktop application on an OTC computer. You will also not be required to use MFA for any other service, such as Canvas, while on an OTC computer at this time.
|
Note: The Microsoft Authenticator App or SMS are the recommended methods. If your primary method of verification is a phone call to a landline, this will make it difficult to use your primary method of verification in multiple locations. Note: The Microsoft Authenticator App or SMS are the recommended methods. If your primary method of verification is a phone call to a landline, this will make it difficult to use your primary method of verification in multiple locations. |
You will need a computer, your smartphone or tablet, and your OTC username and password.
It is highly recommended that you have multiple devices configured for MFA. The more devices you use, the less likely you are to get locked out. |
This method supports receiving SMS text messages for MFA verification or a phone call as a backup method. These directions assume a cellular network connection to receive the SMS texts. You will need a computer, the phone you will use when logging in, and your OTC username and password.
|
This method supports receiving a phone call for MFA verification. This method supports any smartphone, basic cell phone, or landline.
You will need a computer, the phone you will use when logging in, and your OTC username and password.
|
When you are prompted to authenticate: With the Microsoft Authenticator App
Without the App
|
What is Multi-Factor Authentication (MFA)? Multi-factor authentication (MFA) involves something you know (your username and password) and something you have (your phone). After you set up your multi-factor authentication, you will continue to use the same username and password, but you will also be prompted to provide an additional verification that you are currently trying to sign in. This extra layer of security prevents anyone but you from logging in to your account, even if they know your password. A common example would be a verification code sent via text to your cell phone when you try to log on, which you then have to enter before access is granted. Why do I need this? We are deploying MFA in response to a rise in the scope and sophistication of phishing and malware attacks that are targeting our faculty and staff. The high rate of successfully compromised passwords is a serious and pervasive threat to information security at OTC. What devices are supported?
It is strongly recommended that you add an additional device to your MFA setup to serve as a backup. I don’t have a smartphone, basic cell phone, landline, tablet, hardware token, or I am unable to use MFA. If you have concerns about meeting this requirement, please contact the Help Desk at 417-447-7548. Where can I obtain a hardware token? You can obtain a hardware token by contacting the OTC Help Desk at 417-447-7548. I have a YubiKey, can I use this instead of a hardware token? Yes. Yubikeys are allowed to be use with Microsoft MFA, but they are not officially supported by OTC. You can attempt to setup you key using Yubico's official documentation. How often do I need to use MFA? That depends on:
In general, you should be asked to authenticate every 8 hours per browser or app on each device I was suddenly asked to provide MFA verification when I did not expect it. Why might that happen?
I didn’t receive the text message or the verification times out. Delivery of SMS messages are not guaranteed because there are uncontrollable factors that might affect the reliability of the service. If you often have problems with reliably receiving text messages, please try to use the Microsoft Authenticator app or a phone call instead. The mobile app can receive push notifications both over cellular or Wi-Fi connections. In addition, the Microsoft Authenticator app can generate verification codes when the device has no signal at all. I have lost my device or can no longer use it to perform MFA verification. If you have set up MFA on a device that was lost, stolen, or is otherwise no longer accessible, you'll need to call the Help Desk at 417-447-7548 to verify your identity and have your Multi-Factor Authentication reset. Once reset, you will need to set it up again using this link: https://aka.ms/mfasetup Alternatively, you will be prompted for setup through: https://portal.office.com If you have NOT set up Multi-Factor Authentication, you may receive SAML and other authentication errors until you have completed the MFA setup when trying to log into MyOTC, Canvas, the OTC Help Desk site, and other OTC resources. Why isn’t third-party email offered as an MFA verification method? OTC is using Microsoft Multi-Factor Authentication service to provide MFA service. Microsoft does not support third-party email as a verification method for their MFA service. Microsoft's documentation website offers a list of supported authentication methods. If I use my personal phone number for MFA, where does that phone number go? Can/will it be used for other purposes? Phone numbers provided for MFA are stored by Microsoft. They are not used or transmitted to any other OTC service or system. See Microsoft’s privacy notice for more information on their privacy policies. Can I use MFA without data and/or a text plan for my device? The verification code option works without a data plan, text plan, or even a connection. Once installed the Microsoft Authenticator App can generate a verification code without the need for either a cellular signal or data plan. If I authenticate using my personal phone (smart or cell) will I be charged? Charges depend on your carrier and plan but are very nominal. The push notification is 2kb. The SMS text is standard text pricing. The phone call is the cost of a standard call. To avoid charges, you can use the Microsoft Authenticator app with verification codes. |
Smartphone General Troubleshooting
Resetting Multi-Factor Authentication If you have set up MFA on a device that was lost, stolen, or is otherwise no longer accessible, you'll need to call the Help Desk at 417-447-7548 to verify your identity and have your Multi-Factor Authentication reset. Once reset, you will need to reset it using this link: https://aka.ms/mfasetup Alternatively, you will be prompted for setup through: https://portal.office.com SAML or other authentication errors You may receive a SAML error or other authentication errors when trying to log into MyOTC, Canvas, the OTC Help Desk site, and other OTC resources, if:
|
If you need assistance, please feel free to contact the IT Help Desk.