Multi-Factor Authentication


 

Multi-factor Authentication (MFA) was introduced to SUNY Oswego in the Spring 2022 semester.

Password plus proof of 2nd authentication gives you access to service with more security

What is MFA?

Passwords are no longer considered to be the most secure way to protect digital data and services. Instead, many organizations are adding a second layer of security in addition to a password. Often this layer involves using something that a user physically has such as a smartphone or hardware token. An example of this is online banking where you can have a code sent to your cell phone. This is called multi-factor authentication (MFA) and it is being used at SUNY Oswego. 

How does MFA work at SUNY Oswego?

MFA is required when accessing Blackboard, Brightspace, Zoom, Office 365, Adobe, Library databases, Administrative Banner, Degreeworks, SUNY Time and Attendance, SUNY business services, and Spectrum U.  When you access one of these services, you will use your current password along with a code from an app, phone, or hardware token to login. 

When did the campus move to MFA?

On March 14, employees and students were able to opt-in to MFA before the mandatory cutoff dates listed below.  Anyone who did not opt-in before those dates was prompted to do so once they accessed one of the above services.  

  • April 4, 8 a.m.: Employees

  • April 11, 8 a.m.: Residential students

  • April 18, 8 a.m.: Non-residential students

On June 13, Degreeworks, SUNY Time and Attendance and SUNY business services were added to MFA. Brightspace, the new campus learning management system (LMS) replacing Blackboard for the fall 2022 semester and being piloted with some summer classes, was also included.

On June 22 at 8 a.m., myOswego will start requiring MFA. 

Where will I be prompted to use MFA?

Accessing the above services on classroom podium computers will be exempt from MFA for the summer 2022 semester. Otherwise, MFA will be required to use with the above services whether on-campus or off-campus no matter what computer you use.

How do I get started setting up MFA?

Start by setting up your second layer of authentication from your laptop or desktop computer. Once you set this up, MFA will be available for you to use after 4:30 pm that same day excluding weekends. 

The available options for your second layer of authentication include the following. We recommend setting up multiple ways in case you get stuck using one way.  For example, employees could set up the Microsoft Authenticator app and your office phone. That way if you happen to forget your smartphone, you could still receive a code on your office phone.

  • The Microsoft Authenticator app installed on your smartphone.  

  • A code texted to your cell phone, 

  • A code called to your cell phone, office phone, or an alternative phone.

  • A hardware token that can be requested through CTS (employees only) 

If you need assistance setting up MFA, you can also call, email, or stop by the CTS Help Desk during our normal business hours. 

FAQs

What are the preferred options for MFA?

We recommend choosing at least two options that are not both tied to your smartphone. Due to its security, we recommend the Microsoft Authenticator app as one of these options. The other option could be something that doesn’t use your smartphone. For example, you could set up the Microsoft Authenticator app and your office phone number.

I live in an area with poor cellular signal.  What can I do?

The Microsoft Authenticator app does not require an Internet or cellular connection in order to use it. We recommend that option.  You could also use your home phone number as your alternative phone.  

What if I set up MFA on my smartphone and I lose it or forget it?

Make sure you have set up alternative phone numbers that could be used such as your office phone.  If you have no other ways of authenticating, you can contact the CTS Help Desk for assistance.

How often do I have to use MFA?

MFA will be required the first time you access one of the above services that require it.  Once you have used MFA in a browser such as Chrome for one service, the other services accessed in the same browser will not ask for it.  If you access those services in a different browser such as Firefox, you will be prompted again for MFA credentials.  Overall, MFA credentials are required each day.