To enhance the security of CU Boulder accounts, OIT is enabling multi-factor authentication (MFA) to protect Microsoft Office 365 applications. Starting in early November, all CU Boulder employees – this includes faculty, staff and student employees – will be enrolled in MFA in two different batches and given 14 days to register. You will receive an email letting you know when you will start to be prompted to register in MFA, on what date MFA registration will be required to log into Microsoft applications and how to register.
Student employee accounts
Eventually, MFA will be applied to primary student accounts using Microsoft Office 365 applications, but in this phase of the MFA enrollment, only secondary accounts that have been set up for student employees will be enrolled. Student employee accounts look like this, [email protected]. While primary student accounts look like [email protected] (with no “exc” attached to your username).
How to register
Once you are enrolled in MFA, as you sign into Outlook, Teams, OneDrive, Word and other Microsoft applications, you will be prompted to register in Microsoft Multi-Factor Authentication and allowed 14 days to do so. The registration process is relatively simple and we have provided MFA login instructions on the Microsoft Office 365 page. If after 14 days you still have not registered, you will be required to do so before being allowed to login to Microsoft applications.
During registration, you will be prompted to set up MFA to login to Microsoft applications and have two options for proving who you are. You can register to get a text message with a code you’ll type in when you log in or you can download and install the mobile app on your phone. The mobile app only requires you to tap a button to log in but can take more time to set up. If using the mobile app sounds more convenient, we suggest adding the texting feature first, followed by adding the mobile app.
How to log in after you’ve registered
When you log in to a Microsoft Office 365 application for the first time after registering, you could be prompted with the second factor that you set up during registration. After the initial registration, you will only be prompted to use MFA when a threat to your account is detected.
Why we’re doing this
One of the most common ways cybercriminals attack our campus is through collaboration services like Office 365. MFA helps protect you by adding an additional layer of security, making it harder for attackers to log in as if they were you. Your information is safer with MFA because thieves would need to steal both your password and your phone. MFA has been shown to block 99.9 percent of compromised-credential attacks, which in turn will help to safeguard the university’s data, finances, and reputation.
Multi-factor authentication is considered a foundational element in a security strategy. It’s employed by most financial institutions and CU employees have been using MFA to access the CU Resources area of the employee portal since 2014.
If you have questions about multi-factor authentication, please check out the Multi-Factor Authentication FAQs or contact the IT Service Center at [email protected] or 303-735-4357.