Multi-Factor Authentication

Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve compromised usernames and passwords. Two-factor authentication enhances the security of your account by using a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.

Network accounts will now require multi-factor authentication when accessing these Microsoft applications or sites on either your computer, mobile device or web:

• Outlook
• Skype
• OneDrive
• SharePoint
• All other services available from the Office 365 portal

See the Multi-factor Authentication page for instructions on enabling MFA.

It is becoming very common for attackers to obtain usernames and passwords by luring users into sites that look legitimate but actually trick people into giving away their credentials. MFA helps prevent this. Even if a hacker obtains your username and password, they will be unable to log on without the additional form of authentication.

Microsoft Authenticator is Microsoft’s free app that allows you to quickly and easily approve a multi-factor authentication (MFA) request with one tap on your smart phone.

Once this is installed on your iPhone, iPad, or Android device, upon logging into your account, Microsoft will push an approval notification to Microsoft Authenticator. By pressing the approval button on your mobile device, you will complete the login process to your Office 365 account to access your applications and files.

With Office 365 MFA and Microsoft Authenticator set up, there is no need to carry a bulky token or waste time manually entering in passcodes. You will be able to authenticate right on your smartphone with one tap. You can also use the authenticator for passcodes if you like, although the push feature is much easier.

You can view this video to see Microsoft Authenticator in action.

When logging in to an application that is protected by Office 365 MFA, you will still enter your username and password. 

After submitting your credentials, you will be required to complete a second method of authentication. This can be as easy as the “push” method (Microsoft Authenticator) or you can choose to receive a code, a text message or a call to your mobile or landline.

Please note that when your account becomes MFA enabled, you will have a countdown of 14 days to do so, although we do not recommend putting off the process that long. This countdown is in place to provide a convenient time schedule for you to switch over your account to be MFA-enabled, without causing interference with time sensitive deadlines. To the left is a screenshot image to show you what you will see when you go to the Office 365 portal once your account has MFA applied.

It is also important to know that Office 365 MFA does not replace or require you to change your username and password. Office 365 MFA is an extra layer of security added to your current login method.

Phishing is a type of online scam where criminals send an email that appears to be from a legitimate company and ask you to provide sensitive information. This is usually done by including a link that will appear to take you to the company’s website to fill in your information.

In case of receiving a phishing email or an email you don’t recognize, please contact us immediately at IT_Security@sacredheart.edu. Do not open any email attachments or click on any of the links. Delete the email.