MFA - Authentication Methods

Multi-Factor Authentication (MFA)

Securing your account using MFA is one of the ways to keep unauthorized people from accessing your account. MFA safeguards your data and Saginaw Valley State University by requiring additional information on top of your username and password. Microsoft has updated the authentication process with (i.e.,. Mobile app, phone call, text message, and Oath Token) to better protect your data. You will also see a new sign-in page (image below) when you log into a SVSU service with MFA enforced. 

All previous sign-in methods have migrated to your account. To view or add a new sign in method, visit your MFA Security portal at mfa.svsu.edu 

MFA - Microsoft Sign-In

Verifying your Account - IMPORTANT READ BELOW

Microsoft no longer provides security questions as a method to verify your account. SVSU ITS recommends having more than one sign-in method set up, this ensures backup authentication so you don't get locked out of your account.


Article Sections
Click the links below to take you to the specific topic you want to view.

MFA - Changes to each Sign-in Method

Below is a list of each sign-in method and what has changed. MFA sign-in authentication requires you to confirm your identity in addition to your SVSU password. You can select from different verification option, SVSU ITS recommends to have more than one sign in method enabled on your account.

Important Note: If you had more than one sign in method enabled as an authentication method, they will be seen in your MFA Security Portal. You can manage your sign-in methods or add a new one.

Mobile App

  • NEW UPDATE: After entering your SVSU username and password, there is no longer a PIN, facial recognition, or fingerprint authentication to verify your account. Now, you will see a number on the device you re logging into that you will need to enter in the Microsoft Authenticator app.
  • Requires you to download the app, Microsoft Authenticator, on a smart device.

Phone Call

  • NEW UPDATE: After entering your SVSU username and password, you will receive an automated phone call. Answer the phone and press the pound symbol, #, when prompted to approve your sign-in, a PIN is no longer needed.
  • Requires a phone to authenticate. We recommend using your mobile phone. You can use your office phone but you should have a backup method of authentication set up on your account.

Text Message

  • NEW UPDATE: After entering your SVSU username and password, the 6-digit code received on your phone will need to be entered onto the screen of the device you are logging into to approve your sign-in. You no longer need to respond to the text with your 6-digit code and your 4-digit PIN. 
  • Use a device that has SMS text message capabilities. Note: A Google Voice number does work if you use it as your phone number.
Important Note: The Text message authentication is the least secure. Text messages are not encrypted and can be intercepted by the bad guys.

Oath Token

  • UPDATE: Using an Oath Token works exactly like it did before.
  • An Oath Token is a device, the size of a flash drive, that displays a 6-digit code, on a 30-second rotation.
  • After entering your SVSU username and password, turn on your Oath Token and type the numbers that are displayed on the screen prompt on your computer.
  • SVSU faculty and staff can request their first Oath token for free from the IT Support Center. Replacements must be purchased.
  • Students can purchase an Oath Token from Campus Financial Services.

Signing in with the Microsoft Authenticator app

Using the Microsoft Authenticator app to verify your sign in is the preferred method to confirm your account. When you log into a SVSU service that is enforced with MFA you will need to verify your account. This includes Canvas, mySVSU, Microsoft 365 apps, Adobe, and others. Users must enter the code they see on their device screen into the Authenticator app. 

Setting up the mobile app for the first time? Please download the Microsoft Authenticator app from the App Store or Google Play (phone). If you are on campus, we recommend to be connected to SVSU Secure WiFi. After installing the Authenticator app log into your Microsoft account at portal.office.com then follow these instructions on how to add the Authenticator app as a sign-in method.

MFA Mobile App sign in

On your screen, you will see, "For security reasons, we require additional information to verify your account." A unique number will display on your screen (shown in the sample image below). * Important Note: The number on your screen will expire after 1 minute.

Authenticating using the mobile app

  1. A number will display on your screen. Refer to Figure 1.*
  2. This is the number you will need to type into the Microsoft Authenticator app. 

Important Note: If you forget your phone, you can choose a different verification method (links to section below) to sign into your SVSU account. You must already have another authentication method set up on your account.

 
Figure 1a: Mobile app authentication
Figure 1. Mobile app authentication

Using the Authenticator app

  1. Once you use the Authenticator app as your sign-in method, and type in your SVSU username and password, you will see "Are you trying to sign in?" and a unique number displays on your screen.
  2. At the same time a notification is sent to your mobile device, tap the notification to open the Microsoft Authenticator app. Refer to Figure 2.
  3. Type the number on your screen into the empty text field of the Authenticator window prompt.
  4. Next, tap Yes.
  5. Your sign-in is approved and you are logged into the SVSU service.

 

Figure 2. Screenshots of Microsoft Authenticator mobile app for iOS and Android
Figure 2. Mobile app - iOS (left) and Android (right)

Stop, if you are not trying to sign in

  1. Please tap, No, it s not me if you receive a notification on your device and it s not you trying to sign in. Refer to Figure 3
  2. This will prevent unauthorized access to your SVSU account and protect your information.

 

 

Figure 3. Authenticator mobile app - No, its not me

Figure 3. Mobile app - No, it's not me

Use a Different Verification Option

If your authentication fails or the screen times out, you will see: "We didn't receive a response. Please try again." Don't worry there are other authentication methods you can choose based on what you have set up in your account.

Important Note: It is essential to have multiple sign-in methods set up on your account due to Microsoft's removal of security questions. 
 

Verify your account with another authentication method

  1. On your screen you will see, "For security reasons, we require additional information to verify your account.
  2. Click the link shown in Figure 4, "Use a different verification option."
     

Note: The SMS and phone call sign-in methods are alternate ways you can use to verify your identity. SMS is the least secure, and for the phone call method it should be a number you use regularly. If you have a Google Voice number it does work with SMS and a phone call.  These sign in methods will only work if they are already set up in your Microsoft profile.

 

 
Figure 4. MFA - Use a different verification option
Figure 4. Use a different verification option

Authentication Options to verify your account

Refer to Figure 5.

  • Send notification to my mobile app (same method as above).
  • Use verification code from mobile app or a hardware token.
  • Text me at + xxxx last four digits of your phone number.
  • Call me at + xxxx last four digits of your phone number.
     

Note: There are multiple sign-in methods for authenticating your sign in method. Allowing you to use a mobile app, oath token, SMS, or phone call.

 

 

Figure 5. - MFA authentication options
Figure 5. Authentication options

MFA - Phone call sign in

The phone call sign-in is a two-factor verification that allows you to receive a phone call after you have entered your SVSU login credentials. Use this method if you don t have a smart phone. You can use any phone like your office phone or cell phone however, please consider the following:

  • Mobile device: You need to consider the network strength of your cell phone when selecting phone call as your sign-in method. We do recommend to download and install the Microsoft Authenticator mobile app.
  • Office phone: If your not in your office when you need to sign in, you can choose another sign in method.

Authenticating using a phone call

  1. On your screen, you will see: "We're calling your phone. Please answer it to continue." You will see the last four digits of your phone number. Refer to Figure 6.
  2. When you answer your phone call, you will hear, an automated voice:  "This is Microsoft, if you are trying to sign in press the pound key to finish signing in."
    • DO NOT press the pound key (#) on your phone if you are NOT trying to sign into your account.
  3. Once you tap the pound key, you will hear, "Your sign in was successful." The phone call is automatically disconnected.
  4. Your sign-in is approved and you are logged into the SVSU service.
Figure 6. MFA - Phone call authentication
Figure 6.  Phone call - authentication

MFA - Text sign in

The text sign-in is a of two-factor verification that allows you to receive a text with a code after you have entered your SVSU username and password. Before using text (SMS) as your sign in method, please consider the cell signal on your mobile device. 
 

Important Note: The Microsoft Authenticator app is recommended for verifying your account sign in.
 

Authenticating using Text (SMS)

  1. On your screen, you will see: We've sent a text message with a verification code (the last four digits of your phone number will also display on your screen.)
  2. You will see an empty text field on your screen asking you for the verification code that was sent to your mobile device. Refer to Figure 7.
Figure 7. Text (SMS) authentication
Figure 7. Text (SMS) authentication

Text (SMS) Approve Sign in

  1. Type in the six digit code you received on your iOS or Android device then click, Sign in. Refer to Figure 8.
  2. Your sign-in is approved and you are logged into the SVSU service.
Figure 8. Text (SMS) - Sign in
Figure 8. Text (SMS) - Sign in

MFA - Oath Token sign-in

This method allows you to use the Authenticator app or a hardware token.

A hardware token is a small device that you can carry with you. Both methods provide a secret six digit code that will expire, (see the steps below.)

Important Notes: Using an Oath Token
  • You can request a hardware token from the IT Support Center, it will need to be set up for you to use. If you already had an Oath Token, it is already registered. Note: You can receive 1 free Oath token, a replacement would cost $25.
  • The Microsoft Authenticator app is recommended for verifying your account sign in. While on campus, ensure you are connected to SVSU Secure WiFi.

Authenticating using an Oath Token

  1. On your screen you will see, "For security reasons we require additional information to verify your account. Enter the verification code from your mobile app or hardware token."
  2. Within a few seconds, on your screen you will see an empty text box. This is where you will type in a secret six digit code that you will get from your Oath token.​​​​​​ Refer to Figure 9.
Figure 9. MFA - Oath Token authentication
Figure 9. Oath Token authentication

Oath Token - Screen 

  1. Press the red power button on the Oath Token to generate the six digit code. Refer to Figure 10. *

* This six digit code will expire in 30 seconds. If the code expires press the red power button again for a new code.
Figure 10. MFA - Oath Token press power button to get the secret six-digit code.
Figure 10. Oath token get six-digit code

Oath Token Approve Sign in

  1. Enter the six digit code shown on your Oath Token into the empty box on your screen.
  2. Click Submit. Refer to Figure 11.
  3. Your sign-in is approved and you are logged into the SVSU service.
Figure 11. MFA - Oath Token sign in
Figure 11. MFA - Oath Token sign in

MFA - Change, Remove, or Add a New Sign-in Method

You can modify your sign-in methods inside your Microsoft 365 account, click to view instructions.

MFA - Unable to Sign into your Account?

If you need help authenticating your account or cannot sign in. Please contact SVSU IT Support Center at 989.964.4225 or come to Zahnow Library, 1st (back of the libraryview our support hours.

Back to top

Print Article

Related Articles (3)

MFA - Manage and Secure Your Account
Manage account security information and sign-in methods used to verify your account during MFA and Password Reset.
MFA - Oath Token Method Setup
This method authenticates your account using verification codes generated on the Oath Token.
Multi-Factor Authentication (MFA) Help - Main Page
Multi-Factor Authentication known as MFA, helps ensure a user's identity when attempting to use SVSU software and systems.  It requires SVSU users to verify their account login using two layers of authentication. Without authentication, your log in will fail on any application that uses single sign-on for a SVSU system.