Microsoft Authenticator Setup

Microsoft Authenticator Setup

Download a PDF version of this setup by clicking HERE

Download a Word Document of this setup by clicking HERE

Prefer to watch a video? Get to step 7 first, then visit this link.

What is factor authentication?

Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.

The first factor will primarily be a computer/laptop and the second factor can be your phone, a verbal call or a text message. Two-factor makes it harder for criminals to break into your account. If you only use a password to authenticate and the password is weak or has been exposed elsewhere, it leaves an insecure avenue for attacks or fraudulent entry.

When you require a second form of ID, security is increased because this additional factor isn’t something that’s easy for an attacker to obtain or duplicate.

How does authentication work?

When you sign into your O365 account, you will receive a prompt for ID verification using one of the following authentication methods:

Something you know, typically a password
Something you have, such as a trusted device like a phone
Something you are, such as biometrics like a fingerprint

You can authenticate your second factor several ways, however, we strongly encourage you to use the Microsoft Authenticator App if your phone is able to utilize it. It is the fastest verification option allowing you to just tap approve on your phone and adds an extra layer of security.

The Microsoft Authenticator app will function and generate new codes every 30 seconds even when you don’t have cellular coverage.

Can two factor be hacked?

Although it is possible for two-factor authentication to be hacked, the odds are very low and 2FA is certainly the best practice when it comes to keeping accounts and systems secure.

One way two-factor authentication could be hacked happens through the SMS method or, in other words, the method by which a one-time use code is sent to a user’s phone number via SMS or an automated phone call.

This is why we recommend using the Microsoft Authenticator app because it adds extra security and codes are contained within the app.

There have been stories of hackers tricking mobile phone carriers into transferring someone else’s phone number to their own phone. The hackers contact the carriers pretending to be their victims, requesting a new SIM with the victim’s number. They then have access to any authentication code sent to that phone number. Called SIM swapping, this is probably the most common way of getting around 2FA.

But carriers’ own security processes are improving and even acknowledging those risks, 2FA remains a strong and essential tool in the fight against cyber-attacks and identity fraud.

Pre-Requisite

In order to use multi-factor authentication with your Capital account, you will need to ensure the following pre-requisites are met:

  • You have a phone that can receive SMS texts and/or download the Microsoft Authenticator app
  • Have a computer with Office 2016 (or higher) installed
  • Internet access to complete the setup

What if I don’t own a phone or my phone doesn’t work with the app?

If you don’t have a phone or your phone can’t use the authenticator app, you can use a mobile device like your university iPad. Install the Microsoft Authenticator app on the iPad. You will need to keep the iPad with you at all times to authenticate.

You can also receive verification codes via text or receive a voice call to your cell, home or office line. Instructions on how to set this up can be found HERE.

What other factors can I use to authenticate?

Verification methodDescription
Phone callSign into your 0365 account from your computer. A call from Microsoft to your phone asking you to verify that it is you signing in. Press the # key on your phone to complete the verification process.
Text messageSign into your 0365 account from your computer. A text message from Microsoft is sent to a your mobile phone with a 6-digit code. Enter this code to complete the verification process.
Microsoft Authenticator App (Passwordless)Sign into your 0365 account from your computer. Microsoft sends a verification request to your mobile app on your phone asking you to Verify or Approve to complete verification process. This needs to be setup.
Code Generator with Microsoft Authenticator AppSign into your 0365 account from your computer. Microsoft sends a verification request to your mobile app asking for the generated verification code. Code changes every 30 seconds. Use this code to sign into your account.

Getting started

  1. If you will be using the Microsoft Authenticator app, you should download and install the app to your cell or mobile device (iPad) first. Visit the app store for your operating system and download for either Android and iOS devices. Setup instructions can be found HERE. You can also watch a video HERE.
  2. Go to your PC and open this link in your web browser – https://aka.ms/mfasetup. This will prompt you to pick a Microsoft account. Select your Capital email account.                                                         
  3. You will be re-direct to the “Capital Gate” sign in page. Enter your Capital email address or username along with your password and click Sign in.

Follow the instructions in the help document to complete registration of 2FA HERE.

What if I need help?

Contact the IT Help Desk, helpdesk@capital.edu or 614-236-6508. We are here to help if you have questions or a special situation that would require our assistance.

Email: Auto forwarding from your Capital account to your personal account

This week, IT was made aware that Microsoft recently activated a global security enhancement feature with all O365 email accounts in which they blocked your ability to forward email messages from your internal O365 account (capital.edu) to any of your external accounts such as Gmail or Yahoo. Internal forwarding, from one capital.edu account to another capital.edu was not affected.

Although Microsoft made this global change, they have allowed an option for IT to enable the external forwarding capabilities again, so we have re-enable this feature as of this morning, which should allow you to continue to forward messages from your internal account to any external accounts.

Please note: Since this change was made this morning, you may not have all your email in your personal account, you will have to log in to your Capital mailbox and see what messages you have received over the last few days that did not forward.

 

Problems with Microsoft 365 Outlook, SharePoint, OneDrive and Azure Services

Cloud-based Microsoft applications, including Microsoft Teams, O365 Outlook, Exchange, SharePoint, OneDrive and Azure, went down across the U.S. yesterday.

Users of these services, reported they were unable to login and were presented with a “transient error” message informing them there was a problem signing them in.  These issues appear to have started at around 5:30 p.m. ET, with services not returning to normal for many until 10 p.m. ET.

Two hours after rerouting traffic to “alternative infrastructure,” Microsoft reported improvements in multiple services, however, some of you may still experience sluggishness and degrading service while accessing the 0365 Suite.

The latest update from Microsoft as of 9:25 a.m. reported issues with authentication for its cloud services. The original outage had affected services worldwide, however, as of this morning, it has been isolated to mainly North America and Canada.

The Capital University Department of IT will continue to monitor this situation and update the IT Status Page as we get updated information from Microsoft.

Questions, inquiries or concerns can be directed to the IT Helpdesk, helpdesk@capital.edu or 614-236-6508.

================================================================

Below is the original status update from Microsoft Corporation:

Some users may experience degraded performance while accessing Microsoft 365 services

MO223049, Microsoft 365 suite, Last updated: September 29, 2020 3:15 PM

Start time: September 29, 2020 8:05 AM, End time: September 29, 2020 3:15 PM

Status

False positive

User impact

The investigation is complete and we’ve determined the service is healthy. A service incident did not actually occur.

===============================================================

Title: Some users may experience degraded performance while accessing Microsoft 365 services

User Impact: The investigation is complete and we’ve determined the service is healthy. A service incident did not actually occur.

Final Status: The investigation is complete and we’ve determined the service is healthy. A service incident did not actually occur. This communication will expire in 24 hours.

Current status: Our initial analysis into network infrastructure and components which facilitate admin portal access indicate that the service is healthy. We’re continuing to review service diagnostics to identity impact.

Scope of impact: At this time, initial indications suggest that impact is limited to North America and Canada.

Next update by: Tuesday, September 29, 2020, 3:00 PM (7:00 PM UTC)

=================================================================

Potential issue with Microsoft 365

MO223049, Microsoft 365 suite, Last updated: September 29, 2020 8:37 AM

Start time: September 29, 2020 8:05 AM

Status

Investigating

User impact

Users may be unable to access or experience degraded performance while accessing Microsoft 365 services.

 

 

 

New User Account Policy Change

 

DATE: Wednesday, May 15, 2019
To: Faculty, Staff and Students
From: The Department of Information Technology
Subj: New User Account Policy Change

 

A User Account Policy change will take effect immediately due to Microsoft’s new licensing considerations in which Capital University is now required to close user accounts, including e-mail and account services (ex: WebAdvisor, iLearn, etc.) for students who have graduated or stopped attending Capital University.  The updated User Account Policy can be found online at https://www.capital.edu/information-technology-policies/.

The “Email for Life” model for Capital students will no longer be offered as a service due to licensing costs and restrictions.  Licenses for student accounts that require a connection to Capital’s active directory server (provides authentication and authorization to systems and services), are only for current students registered for classes. After graduation, account licenses must be reassigned back to the Capital’s licensing pool and reassigned to incoming students.

Students affected by this policy change will need to migrate their Capital digital content into a preferred personal e-mail service or digital repository to ensure they do not lose any important records or communications. Students who have recently graduated from Capital will have 120 days from their graduation date to migrate their digital content. All other graduates prior to this term will have until June 16, 2019.  Exceptions will be made for law school students that corresponds with bar exam requirements and for students with special circumstances.

Because all students and graduates are valued members of our Capital family and community, we do not want to lose contact with them and ask that you help communicate and refer them to update their contact information with Capital’s online alumni community as soon as possible.

Capital Career Services:
CAPITALjobline – Capital’s online career profile tool: make appointments with peer career advisors; upload resumes; and search for positions.  Register online by going to: https://candidate.gradleaders.com/CapitalUniv/Candidates/Login.aspx?pid=3851

Alumni Engagement:
CapConnect – Capital’s online tool to help alumni stay connected and engaged with the #CapFam. Register online by going to: https://www.capconnect.org/

Law School Graduates:
Updating Alumni Contact Information – For law school alumni needing to update contact information, please go to: https://law.capital.edu/Update_Your_Information/. To contact the Law School Alumni/Development Department, please email: tbotsko@law.capital.edu or call 614-236-6604.

Graduate Job Posting Board & Career Management System (Symplicity) Access:
Law School graduates who use their Capital Law email address as their primary email address for employment opportunities and as their username to access Symplicity, the Law School’s Job Posting Board and Career Management System, are encouraged to log in and update your email address to a personal email address. If you have issues accessing your Symplicity profile now or in the future, please contact the Office of Professional Development for assistance at 614-236-6888 or OPD@law.capital.edu

Bar Studies:
For recent Law School graduates preparing for the Bar exam, please send an alternate (non-capital) email address to the Director of Bar Services, Professor Yvonne Twiss, at: ytwiss@law.capital.edu

If you have any questions, please feel contact the IT Help Desk at 614-236-6508 or helpdesk@capital.edu. (This notice has been created and sent as a courtesy to allow you time to gather and move any e-mail data prior to the expiration. After expiration your Capital e-mail mailbox will be deleted, and once deleted the data is not recoverable.)