MFA - Main Page

What is MFA?

Multi-Factor Authentication, MFA, helps ensure a user's identity when attempting to use SVSU software and systems.  It requires SVSU users to present two pieces of evidence when logging in to any SVSU system.  One piece of evidence will be the SVSU username and password.  Users will choose the other method of evidence, or authentication, that best fits their lifestyle, from the available options.  Without authentication, your log in will fail on any application that uses single sign-on in your browser. 

The premise behind MFA is that the bad guys can get your ID and Password, but it is much harder to get something that you have.

Set up MFA at mfa.svsu.edu .

When Will MFA be Applied to My Account?

MFA is being implemented in stages across campus.  When it is your turn to activate MFA on your account, you will receive a welcome email message from MFAuth@svsu.edu with directions to set up your user account for MFA. If you ignore this message, your account will become inaccessible one week after receiving the message.  You will then need to contact the IT Support Center to regain access to your account.

Example of the welcome email you will receive:

From the welcome email, click the Multi-Factor Authentication User Portal link.  Or, go to mfa.svsu.edu

How Do I Set up MFA for the First Time?

We recommend using the Authenticator mobile app.  View the related articles, listed on this page, for instructions on mobile app setup as well as instructions on other methods and MFA features.

Why does SVSU use MFA?

To better Protect YOUR identity, YOUR data, and the data that SVSU has about you.

Authentication Method Options

When deciding on you preferred method of authentication, please consider the strength of your cell and WiFi signals.  Phone calls and text messages are sent via cell service.  The mobile app receives a notification via WiFi or cell service.  See instructions for setting up all methods, in the related articles section, at right.

Method options for authentication are:

  • Mobile App (Recommended)
    • Requires you to download the app, Microsoft Authenticator, on a smart device.  
    • After entering your SVSU username and password, you will receive a notification from the Authenticator app.  If your device has fingerprint or facial recognition, you may take advantage of that feature to approve the authentication.  Other device users will type their 4-digit PIN and select Approve to authenticate.  Many people find this to be the easiest method to use.
  • Text Message
    • Use a device that has SMS text message capabilities.  
    • After entering your SVSU username and password, you will receive an automated text message containing a code.  Type the code along with your 4 digit PIN into the requesting field on your computer.
  • Phone Call
    • Use any phone to authenticate.  Be sure it is a phone you will regularly have near you when you need to authenticate.  We suggest using your cell phone, but you can use your office phone if you know you will be near this phone every time you need to authenticate. 
    • After entering your SVSU username and password, you will receive an automated phone call.  Answer the phone and enter your 4-digit PIN, followed by the pound symbol, #, when prompted. 
  • Oath Token
    • SVSU faculty and staff can request their first Oath token for free from the IT Support Center.  Replacements must be purchased from Campus Financial Services. Students wishing to use an Oath Token can purchase them from Campus Financial Services.  
    • An Oath Token is a device, the size of a flash drive, that displays a unique series of numbers, on a 30 second rotation.  
    • After entering your SVSU username and password, turn on your Oath Token and type the numbers that are displayed into the prompt on your computer.

Mobile App Users- Note About New Phones

Should you get a new phone, you will need to install and re-activate the Microsoft Authenticator app. Please review your security questions and answers before purchasing a new phone as you will need this information to activate the Mobile App.

Smartphone Email Users

The Outlook email app is the only email app that ITS supports using with MFA.  iOS and Android users will not be able to use their native email apps after MFA is enabled.

 

Using MFA After Your Account is Setup

  • When trying to access an SVSU service, you will be prompted to authenticate using the preferred method you set. The system will not complete the log in until after it has received the authentication information.
  • A screen saying that “For security reasons, we require additional information to verify your account.” will appear for one minute.  
  • After one minute, if you have not used your preferred method to authenticate, the screen will display 2 of the 4 security questions.  Please remember your security question answers.  Oath Token users must click the Submit button, without typing their code, to be asked security questions.
  • The authentication will be valid for that system within that browser session for eight hours.  Unless you close the entire browser session, close the authenticated browser tabs or log out of any authenticated browser tabs.
  • If you restart your computer, use a different browser, use a private browser window, log in to a different computer, or if eight hours have passed, you will need to authenticate again.
  • If you incorrectly enter your SVSU username and password six consecutive times you will be locked out for ten minutes.

If You Didn’t Initiate the Log In Request

If you receive a notification that your account needs authentication, but you did not initiate the log in, please do not approve the request.  Change your password immediately, then contact the IT Support Center.

Details

Article ID: 126921
Created
Mon 2/1/21 12:02 PM
Modified
Wed 2/23/22 3:07 PM

Related Articles (9)

The landing page for mfa.svsu.edu displays the MFA account settings menu. From here, you can change your preferred method, phone number, PIN, security questions or activate the mobile app, among other functions.
Instructions on setting up the recommended Mobile App method for MFA.
Should you get a new phone you will need to install and re-activate the Microsoft Authenticator app. Please review your security questions and answers before purchasing a new phone as you will need this information to re-activate the Mobile App.
This method authenticates your account using verification codes generated on the Oath Token.
Use any phone to authenticate. Be sure it is a phone you will regularly have near you when you need to authenticate. We suggest using your cell phone, but you can use your office phone if you know you will be near this phone every time you need to authenticate - which is highly unlikely.
MFA - Change Method to Text Message
MFA Oath Token - Assignment to Individuals
For security reasons implemented by Microsoft and SVSU all 3rd Party mail applications including: mobile device mail, and Apple Mail, and Thunderbird are unable to get SVSU Email and are not supported. Below are instructions for removing legacy Email settings from your phone or Mac OS computer. For the best user experience and security, use the instructions below to get Email and Calendar access using the Microsoft Outlook app.
SVSU uses a Self-Service Password Reset system to make it easy to recover your password if you ever forget it. To ensure you never lose access to your account, you must first register to be part of the password reset system. Registering will enable you to reset, unlock, or change your password without having to contact the SVSU IT Support Center.