MFA: Multi-Factor Authentication Setup

This service is available for all faculty, staff, and students.

 

The setup description in this article outlines the process for brand new accounts or for set up after the Tech Desk has reset a user's MFA methods for them. For directions to set up MFA on a new phone/device when you have access to the old device please see the article here.

How it works and when it is used:

Multi-factor authentication (MFA) is a security method for your account that helps verify that you are actually the person who is logging into your account.

  1. You log into your account with your St. Thomas username & password.
  2. You will then either get the notification via the app, or you enter the code from your app or Yubikey to verify it is you logging into your account.

At this time, MFA is only required when:

  • Logging into your account from off campus
  • Accessing systems both on campus or off campus that contain sensitive personal, financial, or health data of the community. 

 

Your Multi-Factor Verification Options

The following are a list of methods that can be used for this second type of verification:

  • Mobile App Notification - ITS Recommended Option
  • Verification Code (via the Mobile App)
  • Yubikey

Verification method options for Multi-Factor Authentication
Verification method Description

Mobile app notification

A verification request is sent to your mobile phone asking you to complete the verification by entering the 2 digit number from the computer's browser screen into notification popup on your phone/device. This occurs if app notification is the primary verification method. If you receive this notification when you are not signing in, you can report it as fraud.

  • Requires cellular or wifi signal on your phone/device
  • Requires download of Microsoft Auntenticator App on your phone/device

Verification code with mobile app

The mobile app on your device generates a 6 digit verification code. This can be used as your primary verification method, or as a backup method of verification if your phone/device does not currently have cellular or wifi access or if your primary method is the app notification, but you are not receiving the notification.

  • Does Not require cellular or wifi signal on your phone/device
  • Requires download of Microsoft Auntenticator App on your phone/device

Yubikey Dongle

The Yubikey option is a USB device that you sync with your computer and the Yubikey app to allow you to MFA without a cell phone or other mobile device. More on Yubikey and how to purchase one and set it up is available here

First Time Setup Instructions for MFA

Most users will be using the Authenticator app from their phone or tablet. This can be acquired from the Apple App store or the Google Play store depending on your device.

Image with the Apple logo instructing you to download an app from the App Store. Image with the Google Play logo instructing you to download an app from the android app store. Image of the device icon representing the authenticator app. Looks like a blue lock with a person on it Device icon for the Authenticator app

The following instructions detail how to setup multi-factor authentication using the Mobile App notification method as listed above.

 

1. Prepare your Authentication method

2. During first time setup, you will usually be automatically directed into setup

  • To get there manually go to the UST MFA Set Up Page and log in with your St. Thomas username & password. (Note: be sure to enter your full username@stthomas.edu. For example: john1234@stthomas.edu)

3. After logging in with your St. Thomas username & password you should receive the below "More information required" message, then click next.

Windows St thomas page presented after logging in with username and password advising that multifactor authentication needs to be set up

4. If you haven't already, download the Authenticator app onto your device from the Apple or Google Play store, then in the browser window click next.

windows St thomas multifactor authentication page. Start by getting the app with download link and next button

5. Open the Authenticator app on your device and start the add a new account process in it, then in the browser window click next.

windows St thomas multifactor authentication page. Authenticator app set up your account. Advises to add new account in the app and select next with download link and next button

6. If prompted in the Authenticator app on your device, choose to allow notifications and select "work or school" as the account type, then in the browser window click next.

windows St thomas multifactor authentication page. Authenticator app set up your account. Advises to allow notifications and pick work or school account and click next button

6. In the Authenticator app on your device choose "scan QR code" then hold it up to the computer screen so that the QR code in the browser is in the scan window of the Authenticator app on your device. The Authenticator app should read the QR code and then confirm "successfully added". Then, in the browser window click next.

7. You will now be prompted to do a test MFA to ensure it is working. You should get a notification on your device. Click on this notification and the Authenticator app should open a window on your device where you can enter the 2 digit number that is being shown on your browser.

8. Success screen, click done and you're all set!


 

 To report a problem or receive additional troubleshooting, please contact the Tech Desk

Click to Request Service Print Article

Details

Article ID: 97640
Created
Fri 2/7/20 9:38 AM
Modified
Wed 7/17/24 11:56 AM

Related Articles (3)

MFA: Yubikey Purchase Links and Setup Instructions
Step by step guide to setting up a Yubikey 5 NFC to work with St. Thomas MFA.

Related Services / Offerings (1)

MFA: Multi-factor Authentication