Online Security at Myerscough College
What is Two Factor Authentication (2FA) ?
Before you start on your first day and when you access office 365 you can follow the steps below to speed up your access to our systems when you need to use them off campus.
You access a video on how to use 2 factor authentication here: Set up multi-factor authentication with a mobile device in Microsoft 365 Business - YouTube
Two-factor authentication (2FA) adds a layer of security to the authentication process when you sign into Microsoft 365 online applications, when you are off-campus.
Your identity is verified by using two methods or “factors” of authentication:
- Something you know (Myerscough College password)
- Something you have (mobile device - tablet or phone)
2FA makes it more difficult for online attackers to gain access to your account. Even if an unauthorised person has your password, it is unlikely that they will also have your device.
When 2FA is activated, you will be challenged to confirm your identity using your preferred method every time you log on when off campus.
You will only be challenged one time only when you log onto Office 365 when on any of the College campus locations.
How to Set Up 2FA
The College IT Teams will be switching Office 365 logins to require 2FA shortly.
When you log in you will be asked to set up a Self-Service Password Reset questionnaire and then to set up your 2FA Methods.
Self-Service Password Reset (SSPR) is a Microsoft feature that provides 2FA users with the ability to reset their own password if they have forgotten it,or are locked out of their account.
NOTE: SSPR is only available for accounts that are 2FA-enabled.
The SSPR questionnaire will ask you to provide a personal email address and your mobile number. These will be used to send verification codes or messages to you if and when you need to reset your College password.
When Setting up Two factor Authentication, you will be offered three methods
Authenticator App
SMS
Calls to your mobile phone.
The Authenticator App is the easiest method to use. If you select this method, you will need to download the Microsoft Authenticator App onto your mobile device, then follow the on-screen instructions on your computer. Clicking through the instructions on your computer will reveal a QR code. You scan this QR code into the Authenticator app on your mobile device. This then links your mobile phone to your College Office 365 account.
If you select SMS Authentication, a message will be sent to your mobile with a code every time you log in to your account when off Campus. You will need to enter the code when prompted into the computer before your login can complete.
If you select Mobile Phone Call, your phone will ring and an automated message will ask you to confirm your login attempt was genuine by pressing a key on your mobile phone. As Microsoft is an American company, the automated voice may ask you to press the “pound” key. This is how the American’s refer to the hash # key. The # key should be pressed
The Authenticator App is the easiest to use. It does not use any of your data allowances or will incur any cost at all and it will work over Wi Fi. The downside is that the authentication is tied to your mobile phone hardware, not the app. If you change your mobile phone regularly, then you will need to set up the authentication anew each time.
SMS and Mobile phone call authentication is tied to your mobile number. If you live in areas where mobile phone signals are poor, then you may struggle to log in.