Microsoft Authenticator Setup
Download a PDF version of this setup by clicking HERE
Download a Word Document of this setup by clicking HERE
Prefer to watch a video? Get to step 7 first, then visit this link.
What is two-factor authentication?
Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.
The first factor will primarily be a computer/laptop and the second factor can be your phone, a verbal call or a text message. Two-factor makes it harder for criminals to break into your account. If you only use a password to authenticate and the password is weak or has been exposed elsewhere, it leaves an insecure avenue for attacks or fraudulent entry.
When you require a second form of ID, security is increased because this additional factor isn’t something that’s easy for an attacker to obtain or duplicate.
How does authentication work?
When you sign into your O365 account, you will receive a prompt for ID verification using one of the following authentication methods:
- Something you know, typically a password
- Something you have, such as a trusted device like a phone
- Something you are, such as biometrics like a fingerprint
You can authenticate your second factor in several ways; however, we strongly encourage you to use the Microsoft Authenticator App if your phone is able to utilize it. It is the fastest verification option, allowing you to just tap Approve on your phone, and it adds an extra layer of security.
The Microsoft Authenticator app will function and generate new codes every 30 seconds even when you don’t have cellular coverage.
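The codes work without coverage because the phone and the sign-in service each compute them from a shared secret and the current time, so nothing has to be sent to the phone. The sketch below is an added example, not Microsoft's code and not part of the original guide; it assumes the standard OATH TOTP algorithm (RFC 6238) with a 30-second step and 6 digits, and the secret is the RFC's published test key, not a real account secret.

```python
import base64
import hashlib
import hmac
import struct

STEP_SECONDS = 30  # the guide: a new code every 30 seconds
DIGITS = 6

# Constructed sample secret (the RFC 6238 test key, base32-encoded).
SAMPLE_SECRET_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(secret_b32: str, unix_time: int) -> str:
    """Return the code for the 30-second window containing unix_time."""
    key = base64.b32decode(secret_b32, casefold=True)
    # The only inputs are the shared key and the window number: no network needed.
    counter = struct.pack(">Q", unix_time // STEP_SECONDS)
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    # Dynamic truncation (RFC 4226): low nibble of the last byte picks 4 bytes.
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret_b32: str, submitted: str, unix_time: int, drift_steps: int = 1) -> bool:
    """Server-side check that tolerates +/- drift_steps windows of clock skew."""
    ok = False
    for step in range(-drift_steps, drift_steps + 1):
        t = unix_time + step * STEP_SECONDS
        if t < 0:
            continue
        # Constant-time comparison avoids leaking how many digits matched.
        ok |= hmac.compare_digest(totp(secret_b32, t), submitted)
    return ok


if __name__ == "__main__":
    print(totp(SAMPLE_SECRET_B32, 59))                # code for the window at t=59
    print(verify(SAMPLE_SECRET_B32, "287082", 89))    # one window late: accepted
    print(verify(SAMPLE_SECRET_B32, "287082", 149))   # three windows late: rejected
```

A code that is a few windows old is rejected, which is why a code read from the app has to be entered promptly and why the phone's clock needs to be roughly correct.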
Can two-factor be hacked?
Although it is possible for two-factor authentication to be hacked, the odds are very low and 2FA is certainly the best practice when it comes to keeping accounts and systems secure.
One way two-factor authentication could be hacked is through the SMS method, in other words, the method by which a one-time use code is sent to a user’s phone number via SMS or an automated phone call.
This is why we recommend using the Microsoft Authenticator app: it adds extra security, and codes are contained within the app.
There have been stories of hackers tricking mobile phone carriers into transferring someone else’s phone number to their own phone. The hackers contact the carriers pretending to be their victims, requesting a new SIM with the victim’s number. They then have access to any authentication code sent to that phone number. Called SIM swapping, this is probably the most common way of getting around 2FA.
But carriers’ own security processes are improving, and even acknowledging those risks, 2FA remains a strong and essential tool in the fight against cyber-attacks and identity fraud.
In order to use multi-factor authentication with your Capital account, you will need to ensure the following pre-requisites are met:
- You have a phone that can receive SMS texts and/or download the Microsoft Authenticator app
- You have a computer with Office 2016 (or higher) installed
- You have Internet access to complete the setup
What if I don’t own a phone or my phone doesn’t work with the app?
If you don’t have a phone or your phone can’t use the authenticator app, you can use a mobile device like your university iPad. Install the Microsoft Authenticator app on the iPad. You will need to keep the iPad with you at all times to authenticate.
You can also receive verification codes via text or receive a voice call to your cell, home or office line. Instructions on how to set this up can be found HERE.
What other factors can I use to authenticate?
|Method|How it works|
|---|---|
|Phone call|Sign into your O365 account from your computer. A call from Microsoft comes to your phone asking you to verify that it is you signing in. Press the # key on your phone to complete the verification process.|
|Text message|Sign into your O365 account from your computer. A text message from Microsoft is sent to your mobile phone with a 6-digit code. Enter this code to complete the verification process.|
|Microsoft Authenticator App (Passwordless)|Sign into your O365 account from your computer. Microsoft sends a verification request to the mobile app on your phone asking you to Verify or Approve to complete the verification process. This needs to be set up.|
|Code Generator with Microsoft Authenticator App|Sign into your O365 account from your computer. Microsoft sends a verification request to your mobile app asking for the generated verification code. The code changes every 30 seconds. Use this code to sign into your account.|
- If you will be using the Microsoft Authenticator app, you should download and install the app to your cell or mobile device (iPad) first. Visit the app store for your operating system and download the app for either Android or iOS devices. Setup instructions can be found HERE. You can also watch a video HERE.
- Go to your PC and open this link in your web browser: https://aka.ms/mfasetup. This will prompt you to pick a Microsoft account. Select your Capital email account.
- You will be redirected to the “Capital Gate” sign-in page. Enter your Capital email address or username along with your password and click Sign in.
Follow the instructions in the help document to complete registration of 2FA HERE.
What if I need help?
Contact the IT Help Desk, firstname.lastname@example.org or 614-236-6508. We are here to help if you have questions or a special situation that would require our assistance.