293
Multi-Factor Authentication (MFA)
This guide provides step-by-step instructions for downloading and installing the FREE Microsoft Authenticator app on your mobile device. It also walks you through setting up Multi-Factor Authentication (MFA) for your M365 account using only your mobile device, without needing access to a computer. Additionally, this guide covers how to add and manage password recovery and MFA verification methods.
We recommend setting up at least three methods for account recovery and verification: the Microsoft Authenticator app (for MFA), a mobile phone (for MFA and password recovery), and a personal email address (for password recovery). Having all three ensures continued access to your account in case of travel or if you lose access to Wi-Fi or cell service.
Contents
Installing the Microsoft Authenticator App
Instructions if you are reading on an iOS device
Instructions if you are reading on an Android device
Instructions if you are reading on a computer
Setting up Multi-Factor Authentication (MFA) for M365
Setting up the Microsoft Authenticator App using Mobile Phone/Device only
Adding Backup Multi-Factor Authentication (MFA) Methods
Choosing a preferred method of Multi-Factor Authentication (MFA) for M365
Sign in experience with the Microsoft Authenticator app (recommended for MFA)
Sign-In Experience with Phone Call Verification
Sign in experience with a text message
Sign in experience with an alternate method
Using Authenticator App without Cell Service
Setting up Authenticator App on a new phone
Updating Security Info for password recovery and MFA verification
To access your security info sign-in methods
Phone, Alternate phone, and Office phone
Preparing Before You Travel Abroad
Cybersecurity Tips for International Travel
Warning: Make sure to choose the "Microsoft Authenticator" app, offered for free by Microsoft Corporation. Be cautious of other apps with similar names or icons, as they are not the official, trusted Microsoft app.
Icon for the Microsoft Authenticator app provided by the Microsoft Corporation.
This is a FREE app - do not pay for an app for this purpose.
Jump to the appropriate section:
- Instructions if you are reading this on the iOS device where you want to install the app
- Instructions if you are reading this on the Android device where you want to install the app
- Instructions if you are reading this on a computer - note that you must have your iOS or Android device available to complete the steps
AFTER you finish installing the Microsoft Authenticator app, then see instructions for MFA: Setting up Multi-Factor Authentication (MFA) for M365.
Step 1 - Visit the Download Microsoft Authenticator app - Microsoft.com page
Step 2 - In the Apple section, click the blue Get the app button
Step 3 - You should be in the iOS App Store on your device with a button to Get/Install/Update/Open the Microsoft Authenticator app. Click the button to get (or install or update or open) the app.
Step 4 - If prompted, choose to Allow Camera Access so the Microsoft Authenticator app can scan QR codes.
Note: If you leverage the Apple Face ID feature on your iOS device, you may also be prompted to add or allow Face ID for the "Microsoft Authenticator" Application. Use of Face ID is optional, and if chosen may require you to scan a 2nd QR code or to input a code provided by Apple.
Outcome
The Microsoft Authenticator app is now installed on your iOS device and ready for use in setting up Multi-Factor Authentication (MFA) for M365. You can also use the app for MFA with other services, such as your bank, personal email, insurance, and more, in addition to the IVCC M365 MFA setup.
Step 1 - In Google Chrome, visit the Download Microsoft Authenticator app - Microsoft.com page
Step 2 - In the Android section, click the blue Get the app button
Note: This link may open in a browser instead of the Google Play Store app and you may see an option to Open in App instead. We recommend that you open the link in the Google Play Store app if possible.
Step 4 - You should be taken to the Google Play Store with a button to Install/Update/Open the Microsoft Authenticator app. Click the button to install (or update or open) the app.
Step 5 - If prompted, choose to Allow Camera Access so the Microsoft Authenticator app can scan QR codes.
Outcome
The Microsoft Authenticator app is now installed on your iOS device and ready for use in setting up Multi-Factor Authentication (MFA) for M365. You can also use the app for MFA with other services, such as your bank, personal email, insurance, and more, in addition to the IVCC M365 MFA setup.
You will need to have your mobile device available in order to complete these steps.
Step 1 - In a web browser on your computer, visit the Download Microsoft Authenticator app - Microsoft.com page or click on the appropriate QR code below:
To install the Authenticator app on an Android device, scan the QR code below or open the download page from your mobile device.
To install the Authenticator app on for Apple iOS, scan the QR code below or open the download page from your mobile device.
Step 2 - Click the Install the app button
Step 3 - In the the Get the app on your phone section, scan the appropriate QR code with your iOS or Android mobile device camera or QR reader app.
Step 4 - Click on the link that appears to open either the iOS App Store or the Google Play Store.
Step 5 - You should be taken to the iOS App Store or the Google Play Store app with a button to Get/Install/Update/Open the Microsoft Authenticator app. Click the button to install (or get or update or open) the app.
Step 6 - If prompted, choose to Allow Camera Access so the Microsoft Authenticator app can scan QR codes.
Outcome
The Microsoft Authenticator app is now installed on your iOS device and ready for use in setting up Multi-Factor Authentication (MFA) for M365. You can also use the app for MFA with other services, such as your bank, personal email, insurance, and more, in addition to the IVCC M365 MFA setup.
Setting up Multi-Factor Authentication (MFA) for your M365 account is simple. We recommend using the free Microsoft Authenticator mobile app, as it offers the smoothest user experience for most users. However, you can choose from several available methods. Before proceeding with the registration steps below, we encourage you to review your options in the section titled Choosing a Preferred Method of Multi-Factor Authentication (MFA) for M365.
Note: These instructions assume you are using a computer. If you do not have access to a computer at this time, follow the instructions here instead - MFA: Setting up Microsoft Authenticator App using Mobile Phone/Device only
Step 1: On your computer, navigate to myaccount.microsoft.com
Step 2: In the Security info section, click on Update Info.
Step 3: Click the Add sign-in method button.
Step 4: Click the "Choose a method" dropdown and select "Authenticator app."
Step 5: If the Microsoft Authenticator app is not already installed on your phone, download and install it now. It's available for free.
- Get the Android version
- For help, see our section on Installing the Microsoft Authenticator App
Step 6: Click Next after the Microsoft Authenticator app is installed on your phone.
Step 7: On your phone, open the Microsoft Authenticator app. Allow notifications if prompted.
Step 8: In the app, click Add account or the Plus Sign +. Select Work or School account and the option to Scan QR Code.
Step 9: If prompted, Allow the Microsoft Authenticator app to Access the Camera.
Step 10: Use the Microsoft Authenticator app on your phone to scan the QR code displayed on your computer screen. Once the code is scanned, click "Next" to continue.
Step 11: If prompted, Allow the Authenticator app to Send You Notifications.
Step 12: On your phone, Approve the test notification from Microsoft Authenticator
Step 13: You're all set and can now use the Microsoft Authenticator app for multi-factor authentication (MFA).
Step 14: We highly recommend setting up one or more backup methods in case your primary method becomes unavailable. Follow the on-screen prompts to add as many backup methods as you prefer from the "Choose a method" drop-down menu. For detailed instructions, refer to MFA: Adding Backup Multi-Factor Authentication (MFA) Methods.
Example: Choose other method(s) for Microsoft MFA
Possible methods include:
- Call my authentication phone
- Text a code to my authentication phone
- Call my office phone
- Notify me through a mobile app (as just set up above)
Check out this section that explains how each MFA method works when using Microsoft resources like Email, Teams, OneDrive, or SharePoint: "Choosing a Preferred Method of Multi-Factor Authentication (MFA) for M365."
Outcome
Users who have set up Multi factor Authentication for M365 will be prompted to MFA periodically when signing into Email, Teams, OneDrive sync, and other M365 tools on both their computers and their mobile devices.
This section provides step-by-step instructions for setting up the free Microsoft Authenticator app for multi-factor authentication (MFA) for Microsoft 365, using only your mobile phone or device. Follow these guidelines if you wish to add the Authenticator app without needing access to a computer.
Step 1: Open your mobile web browser and go to myaccount.microsoft.com Sign in if prompted.
Step 2: Tap on “UPDATE INFO” in the "Security info" tile.
Step 3: On the Security info page, tap the “+” sign to “Add sign-in method”.
Step 4: In the "Add a method" box, tap the “Choose a method” menu.
Step 5: From the pop-out menu, select “Authenticator app”.
Step 6: In the "Add a method" box, tap “Add”.
Step 7: If the Microsoft Authenticator app is not installed, tap “Download now and follow the steps to install it. If the app is already installed, skip to Step 8.
Step 8: Return to the browser page shown in Step 7 and tap “Next”.
Step 9: Tap “Pair your account to the app by clicking this link”, then tap “Open” if prompted.
Step 10: Tap “Next”. You should receive a push notification for approval.
Step 11: Once approved, a screen will appear confirming the notification was successful. Tap “Next” to return to the Security info page. You’re now set up to use the Microsoft Authenticator app for Multi-Factor Authentication (MFA).
Step 12: It’s strongly recommended to set up backup methods in case your primary method is unavailable. Follow the on-screen prompts to add one or more backup methods from the “Choose a method” drop-down menu (refer to Step 3).
For detailed instructions on adding backup methods, refer to MFA: Adding Backup Multi-Factor Authentication (MFA) Methods.
Example of backup methods:
- Call my authentication phone
- Text a code to my authentication phone
- Call my office phone
- Notify me through a mobile app (as set up above)
Outcome
Users who have set up Multi factor Authentication for M365 will be prompted to MFA periodically when signing into Email, Teams, OneDrive sync, and other M365 tools on both their computers and their mobile devices.
This Section provides instructions for adding backup Multi-factor Authentication (MFA) verification methods for your Microsoft M365 account. Please install the Microsoft Authenticator app on your mobile device before you begin the set up steps below. You will find step-by-step instructions in the article on Installing the Microsoft Authenticator App.
For an overview, we recommend this short video of the entire process, also available at Manage security information in My Account | Microsoft Entra ID .
Step 1: In your web browser, go to myaccount.microsoft.com and sign in if prompted.
Step 2: Click on “Update Info: in the "Security info" tile, or select “Security info” from the left-hand navigation menu. You may need to sign in again or complete multi-factor authentication (MFA) if prompted.
Step 3: You will see a list of your current MFA methods. To add a new method, click “Add sign-in method”.
Step 4: From the “Choose a method” dropdown, select the MFA option you want to add, and follow the on-screen instructions.
Here are some possible methods you may see in the list, depending on which methods you have already set up:
- Call my authentication phone
- Send a text code to my authentication phone
- Call my alternate phone (e.g., office or home)
- Notify me through the Authenticator app
For more details on how each method works, you can refer to this article: *Choosing a preferred method of Multi-Factor Authentication (MFA) for M365.*
Step 5: If you want to add more backup methods, repeat Step 3. It's highly recommended to set up the Authenticator app (which works even when your phone lacks internet or service), plus at least one phone-based method (call or SMS).
Outcome
You will now have multiple MFA methods available as backups in case you need them while signing into Microsoft M365 services.
Note: To change your default MFA method, click the “Change” link next to the Default method and select your preferred option from the list. You can also click “Change” or “Delete” for specific methods if needed.
This section aims to inform you about the different Multi-Factor Authentication (MFA) options available for Microsoft 365 Single Sign-On, as well as the anticipated sign-in experience. By understanding these options and choosing the one that best suits your needs, you can simplify the set-up process.
Your sign-in experience for MFA-protected resources will vary based on the authentication method you choose. Options include the Microsoft Authenticator app (recommended), a phone call, or a text message with a code.
Below you will find several MFA verification methods and the expected sign-in experience.
Sign in experience with the Microsoft Authenticator app (recommended for MFA)
Sign in experience with a phone call
Sign in experience with a text message
Sign in experience with an alternate method
To sign in using the Microsoft Authenticator app via push notification:
1. Sign in to an M365 application or service with your username and password.
2. Microsoft will send a notification to your Microsoft Authenticator app.
3. Open the notification on your phone and select "Verify." You will then be signed in.
Note: If your mobile device supports enhanced biometric features, such as Face ID or Fingerprint ID, you may be prompted to use these for additional verification. This feature is optional and provides an extra layer of security to your M365 sign-in process.
Starting February 27, 2023: When responding to an MFA push notification, the Microsoft Authenticator app will present a number. You must enter this number in the app to complete the sign-in. This "Number Matching" feature enhances the security of traditional second-factor notifications.
Signing in with a Verification Code via Microsoft Authenticator App
If you use the Microsoft Authenticator app for verification codes, you’ll see a number under your account name when you open the app. This code updates every 30 seconds to ensure a unique code each time. When prompted for a verification code, simply open the app and enter the code displayed.
Steps to Sign In:
- Sign in to an M365 application or service with your username and password.
- Microsoft will prompt you for a verification code.
- Open the Microsoft Authenticator app on your phone and locate the IVCC code.
- Enter the current code in the designated box on the sign-in page.
Here’s how the two-step verification process works when using a phone call to your mobile or office number:
1. Sign in to your Microsoft 365 application or service with your username and password.
2. Microsoft will place a call to the phone number you have on file.
3. Answer the call and simply press the # key to complete the verification process.
To complete two-step verification using a text message on your mobile phone:
Sign in to your Microsoft 365 application or service with your username and password.
Microsoft will send a text message to your phone containing a verification code.
Enter the verification code in the designated field on the sign-in page to complete the process.
If you don't have access to the phone or device you set as your preferred verification method, it's important to have backup options set up for your account. The next section explains how to sign in using an alternate method if your primary one is unavailable. Keep in mind that the exact wording you see may vary depending on the Multi-Factor Authentication (MFA) method you've selected as your default.
1. Sign in to a Microsoft 365 application or service with your username and password.
2. Select a link such as "Use a different verification option," "Sign in another way," or "I can't use my Microsoft Authenticator app right now." The options available will depend on the methods you've set up.
3. Choose an alternate method and complete the sign-in process.
You may find yourself in a situation where you have a weak or no signal to your cell phone or cannot receive notifications. For those situations, you can use Microsoft Authenticator App’s One-time password code feature.
NOTE: These instructions only apply if you have already installed the Microsoft Authenticator app and added it as a security method for your M365 Account. See Setting up Multi-Factor Authentication (MFA) for M365 for instructions to set up the Microsoft Authenticator app for MFA.
Step 1: Sign in to the service you want to access, which is protected by M365 MFA (e.g., email, Teams, etc.).
Step 2: If Microsoft Authenticator - notification is set as your default MFA method, click or tap "I can't use my Microsoft Authenticator app right now." If it is not your default method, proceed to Step 3.
Step3: From the list of options to Verify your identity, click or tap on Use a verification code.
Step 4: On your mobile device, open the Microsoft Authenticator app. Tap on the IVCC Account line.
Step 5: Find the One-time password code in the app. Also note the count-down timer (marked in yellow) - the code resets every 30 seconds, so if the timer is nearing zero, wait for the next code in a few seconds.
Step 6: Back in your browser, type the code from the app in the Enter Code prompt and click Verify.
Outcome
You will be signed into the service you logged into at Step 1.
This section provides instructions for setting up Multi-factor Authentication (MFA) for your M365 account on a new or different phone device. This is for use when replacing a phone (or mobile device) that was already set up with both:
- the Microsoft Authenticator app for use with MFA for M365 at IVCC
- See Setting up Multi-Factor Authentication (MFA) for M365 if you need to set up Microsoft Authenticator for MFA for the first time.
- plus at least one backup method.
- See Adding Backup Multi-Factor Authentication (MFA) Methods to add a backup method.
After you have two or more MFA methods and have your existing phone number ported to a new phone or device, then you are ready to follow these steps.
Important: If you did NOT have a backup MFA method on your old phone, then you must call the Help Desk or visit in person to set up the Microsoft Authenticator app on your new phone.
First: Please install the app on your new phone or device before you begin the set up steps below. You will find step-by-step instructions in the section Installing the Microsoft Authenticator App.
For an overview, we recommend this two-minute video of the entire process, also available at How to set up authenticator on a new phone.
Step 1: On your computer, open a web browser and navigate to myaccount.microsoft.com .
- If you're already signed in, proceed directly to Step 2.
Step 1A: If you see the Microsoft Sign-In page, enter your college email address in the format [email protected] (e.g., [email protected] ).
Step 1B: Enter your current password when prompted.
Step 1C: If asked to authenticate with the Microsoft Authenticator app, select “Sign in another way” or “I can’t use my Microsoft Authenticator app right now”.
Step 1D: Choose one of your backup authentication methods, such as receiving a text message or phone call on your new phone with the same phone number as your old one.
Important: If you did NOT have a backup MFA method on your old phone, then you must call the Help Desk or visit in person to set up the Microsoft Authenticator app on your new phone.
Step 1E: Verification
- Enter the verification code received by text message or phone call and click “Verify”.
Step 2: Update Security Information
- Click “UPDATE INFO” on the :Security Info” tile.
Step 3: Remove Old Device Registration
- Locate “Microsoft Authenticator” in your list of methods, then click “Delete”.
- Confirm deletion to remove the app registration from your old device.
Note: If multiple Microsoft Authenticator entries appear, delete the one linked to your old phone's model or device name (shown in the second column).
Step 4: Add a New Sign-in Method
- Under “Security Info”, click “Add sign-in method”.
Step 5: Select Authenticator App
- In the “Choose a method” drop-down, select “Authenticator app”.
Step 6: Install Microsoft Authenticator (if not already installed)
- If needed, install the Microsoft Authenticator app on your phone:
- For help, refer to the guide on Installing the Microsoft Authenticator App.
Step 7: Continue Setup
- Click “Next” once the Microsoft Authenticator app is installed on your phone.
Step 8: Open Authenticator App
- Open the Microsoft Authenticato app on your phone. Allow notifications if prompted.
Step 9: Add Your Work or School Account
- In the app, select “Add account” or tap the “+” icon, choose “Work or School account”, and select “Scan QR Code”.
Step 10: Allow Camera Access
- If prompted, allow the app to access your phone’s camera.
Step 11: Scan QR Code
- Use your phone to scan the QR code displayed on your computer screen, then click “Next”.
Step 12: Enable Notifications
- If prompted, allow the Authenticator app to “Send Notifications”.
Step 13: Approve Test Notification
- On your phone, approve the test notification from Microsoft Authenticator.
Step 14: Setup Complete
- Your Microsoft Authenticator app is now set up for MFA.
Step 15: Add Backup MFA Methods
- To prepare for any issues with your primary method, add backup methods from the “Choose a method” drop-down. Possible backup methods include:
- Call my authentication phone
- ext a code to my authentication phone
- Call my office phone
- Notify me through a mobile app
For details, refer to the guide on Choosing a preferred method of Multi-Factor Authentication (MFA) for M365.
Outcome
Your MFA for M365 is now configured on your new device. You may be prompted for MFA periodically when signing into M365 tools like Email, Teams, OneDrive, and others).
This section guides you on adding and managing password recovery and MFA verification methods. We recommend setting up at least the Microsoft Authenticator App (for MFA), a cell phone (for both MFA and password recovery), and a personal email address (for password recovery). Having these three methods ensures you maintain account access, even during travel or in situations without Wi-Fi or cell phone service.
Use this process to keep your sign-in methods current as you update devices, phone numbers, or email addresses. Keeping your security information up-to-date helps ensure continuous access to your accounts whenever you need it.
For an overview, we recommend this short video, also available at Registering and managing your security info
Step 1: In a web browser, go to: myaccount.microsoft.com and sign in if necessary.
Step 2: Click on UPDATE INFO in the Security info tile.
Step 3: If you've previously configured any sign-in methods, they will be listed here.
Outcome
You have accessed your Security Info sign-in methods.
Step 1: Access the “Security Info”” section where your available sign-in methods are listed.
Step 2: Click “Add sign-in method”. We recommend configuring multiple methods to enhance your account security.
Step 3: From the “Choose a method” dropdown, select an option and click “Add” to begin setup.
Step 4: Follow the on-screen instructions for your selected method. To add additional methods, repeat steps 3 and 4. For detailed guidance, refer to the Specific Method Instructions section below.
Step 5: Once you've added all desired methods, simply leave the “Security Info” page. Going forward, you may be prompted to verify your identity using one of these methods when accessing your account or this page.
Outcome
Multi-Factor Authentication (MFA): You have set up at least two verification methods. We recommend using the Microsoft Authenticator App, in addition to as many other options as possible. Note that “Email cannot be used for MFA”. Self-Service Password Reset (SSPR): You have set up at least two recovery sign-in methods. “Email and mobile phone” are the only options available for password recovery.
Step 1: Access your Security Info sign-in methods.
Step 2: To change a method, click the "Change" link if available.
Step 3: Go through the on-screen instructions for your chosen method. Repeat as necessary. See Specific Method Instructions below.
Step 4: When finished, simply navigate away from the Security Info page. You may need to authenticate using one of your sign-in methods to log into your IVCC account or to access the Security Info page again.
Outcome
You have changed your verification and recovery sign-in methods for Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR). Be sure you maintain the minimum of two methods for both MFA (recommend the Microsoft Authenticator App plus another non-email method) and password recovery (email and mobile phone are the only options).
Step 1: Access your Security Info sign-in methods.
Step 2: To remove a method, click the "Delete" link
Step 3: Go through the on-screen instructions for your selected method. Repeat as necessary.
Step 4 - If necessary, Add additional sign-in methods to be sure you maintain the minimum of two methods for both MFA and password recovery (email or cell phone only).
Step 5 - When finished, simply navigate away from the Security Info page. You may need to authenticate using one of your remaining sign-in methods to log into your IVCC account or to access the Security Info page again.
Outcome
You have removed old verification and recovery sign-in methods for Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR). Be sure you maintain the minimum of two methods for both MFA (recommend the Microsoft Authenticator App plus another non-email method) and password recovery (email and cell phone are the only options).
Microsoft Authenticator App
Strongly recommended for MFA. Requires a mobile device. Not for password recovery.
- Installing the Microsoft Authenticator App
- Setting up the Microsoft Authenticator App using a computer - recommended method
- Setting up the Microsoft Authenticator App using Mobile Phone/Device only
All phone options available for MFA. Cell phone and email are the only options for password recovery. The phone methods all differ slightly:
- Phone: Can receive a passcode via SMS text or automated call, i.e. cell or mobile phone - for both password recovery and MFA
- Alternate phone: Can confirm login via automated call, i.e. land line - for MFA only
- Office phone: Can confirm login via automated call, and phone number can include an extension - for MFA only
Steps to set up a phone method:
- To configure an international phone number, select the country from the drop-down list. This adds the country code automatically, so you do not need to type it.
- Enter your full phone number with area code or city code (no country code).
- Select "Text me a code" to enable both SMS Text and automated calls.
- Click "Next" and follow the prompts on screen and/or through the phone to verify this method.
- If you chose "Text me a code", you will have to find the text with a 6-digit code, then type that code on the "Enter code" screen.
- If you chose an automated call, you will have to answer the phone and press the # sign on the phone when prompted.
- You will see confirmation that your phone was registered successfully and this method will appear in your list of sign-in methods.
This is an example of what you would see when setting up the Phone method:
Essential for password recovery. Not for MFA. Email and cell phone are the only options for password recovery.
Steps to set up the Email method:
- Type your personal, non-school email address in the "Enter email" box. Use an email address you will be able to access even if you cannot log into IVCC. Click "Next".
- You will see a screen labelled "Email" that says "We just sent a code to <your personal, non-school email address>" with a box to "Enter code".
- Go to your personal, non-school email and find the "IVCC account email verification code" message from Microsoft on behalf of IVCC. Open the message to see the 6-digit code. Write down the code if necessary. Note: if you do not readily find the message, check your spam or junk mail folders.
- Go back to the "Email" screen and type the 6-digit code into the "Enter code" box, then click "Next".
- You will see confirmation that Email was successfully registered and this method will appear in your list of sign-in methods.
IVCC will never ask for your password in an email or form.
Do's
- Use strong passwords.
- Use a different password for each account, even for IVCC accounts that use the same username.
- Change your passwords every 90 days in accordance with IVCC Password Policy found at Campus Technology Information
Don'ts
- Don't share your passwords with anyone, ever.
- Don't write your username and password on a post-it note under your keyboard or on your monitor.
- Don't write down your username and password in the same place, or at all.
- Don’t use iterative passwords (JohnDoe1, JohnDoe2, etc.)
- Don’t use easily guessed password schemes (numbers or special characters used only at the beginning or end like 11Aloha, 1Aloha1, Aloha11, Aloha!!, !!Aloha)
Methods for Creating a Strong Password
To protect your information and the University, create a strong, unique password for each account you use at IVCC. Strong passwords have the following characteristics:
- Length: Use a password that is 14-64 characters. The longer, the stronger!
- Passphrase (not password): Use a passphrase that combines several words into a phrase that is easy for you to remember like "I love mt chocorua" or "ilovemtchocorua"
- Use the Entire Keyboard: Using uppercase and lowercase letters, numbers, and symbols increases the complexity and therefore the strength of a password. You can strengthen the passphrase above by injecting this kind of additional complexity "ILoV3MtC[]c0ra".
- Avoid Dictionary Words or Popular Phrases: Avoid using words found in the dictionary as part of your password or passphrase. For example, in the example above, removing the spaces and changing the "e" in love to a "3" allows use of the word "love" without actually using the word as it would be found in the dictionary. Avoid using common or popular phrases which are easily guessed (IE: "May the force be with you",).
Traveling Internationally? Don’t Lose Access to Your IVCC Resources!
Before heading abroad, follow these steps to ensure you maintain access to essential IVCC resources, including Outlook email, Brightspace, OneDrive, Self-Service, and more. These tips are for students, faculty, and staff across all IVCC.
Many of these resources are protected by Multi-Factor Authentication (MFA), so it’s a good idea to set up multiple MFA methods. This way, if one method isn’t available, you’ll have a backup to help you log in.
SMS Text: While convenient, SMS may not work if you’re using a different phone, SIM card, or are out of cell service range during travel.
Microsoft Authenticator Mobile App: This app can generate an MFA code even when you’re offline, without cell or Wi-Fi coverage.
Set Up Backup MFA Methods: Having multiple MFA options will make sure you can access your IVCC resources whenever you need them while abroad.
Lastly, ensure your password remains active. Changing it shortly before travel helps ensure it meets current policies and works seamlessly across your devices and applications.
The Microsoft Authenticator app:
- works on both tablets and phones.
- can give you an MFA code even without WiFi or cell service.
- can be installed on multiple devices (e.g. both phone and tablet).
Installing and setting up the app BEFORE you travel ensures you will be able to get an MFA code when you need it, as long as you have access to a device where it's set up.
Task 1: Install and set up the Microsoft Authenticator app for MFA
Step 1: Installing the Microsoft Authenticator App
Step 2: Set up the Authenticator app for MFA
Step 3: Repeat this task for each mobile device that you want to set up with the Microsoft Authenticator app
Task 2: Confirm your backup MFA methods and confirm you have access to them
Step 1: Confirm your Backup Multi-Factor Authentication (MFA) Methods
Step 2: Test your Microsoft MFA sign-in methods
- Open an incognito/private browser window and sign into portal.office.com
- You will see your Default sign-in method along with a message "Having trouble? Sign in another way".
- To test a different method, click the link to Sign in another way, then choose the method you want to test.
- Follow the prompts to sign into portal.office.com
- Repeat these steps in a new incognito/private browser window until you have tested all your backup methods and confirmed they work.
- If any method doesn't work, delete it. Add more backup methods if needed.
Outcome
You have backup methods of Microsoft MFA available if you need them.
Task 3: Change your password the week before you leave.
Attention Faculty & Staff with University-Issued Laptops: Please change your password only while on campus or connected to VPN. Changing it off-campus without a VPN connection may result in your laptop being locked out, requiring a visit to campus to sync.
Step 1: Browse to myaccount.microsoft.com and sign in with your current username and password.
Step 2 - Click CHANGE PASSWORD.
Step 3 - Go through the screens to set a new password.
Step 4: Lock your computer and log in with your new IVCC Password
a. If you are On Campus (any) on a wired connection or connected to the IVCC Wireless Network:
- Lock your computer (Ctrl+Alt+Del > Lock). Do not restart your computer yet
- Unlock computer using your NEW IVCC Password
- Reboot your computer and log in with your NEW IVCC Password
b. If you are Off Campus:
- Log in to your computer with your OLD IVCC password.
- Connect to the (GlobalProtect VPN) with your NEW IVCC password. See GlobalProtect VPN: General Information and Resources for more information.
- Lock your computer (Ctrl+Alt+Del > Lock). Do not restart your computer yet.
- Unlock computer using your NEW IVCC Password.
- Reboot your computer and log in with your new IVCC Password.
Outcome
You have changed your IVCC password. IVCC Password Policy requires a change once per 90 days though certain circumstances may force you to change your password earlier.
Task 4: Test your new password with MFA
Step 1: Practice signing into the resources you expect to use while traveling, to be sure you are able to use your new password and the Microsoft Authenticator app as an option for each resource on every device you plan to use while traveling.
Outcome
You are able to use your new password and the Microsoft Authenticator app as an MFA option to access any of your IVCC resources on any of your devices.
When traveling, you may switch SIM cards or use a different phone. Microsoft MFA supports international phone numbers, so you can add your travel phone as a convenient MFA sign-in method for your trip. The Microsoft Authenticator app remains available as a backup in case your registered phone number(s) aren’t accessible or lack coverage.
Important: The phone you want to add must be with you and have service. These steps only work if you can use this phone during the process.
Step 1 - In a web browser, go to: myaccount.microsoft.com and sign in if prompted.
- If prompted by Microsoft to Pick an account, be sure the account you choose has your username@IVCC.edu Enter your current password on the next screen.
- If a generic Microsoft Sign in screen asks for your "Email or phone", enter your username@IVCC.edu then enter your current password on the next screen.
- If required, verify your identity with one of your multi-factor authentication (MFA) sign-in methods.
Step 2 - Click on UPDATE INFO in the Security info tile or click Security info in the left navigation bar. Sign in or MFA again if prompted.
Step 3 - You will see a list of your existing MFA sign-in methods. Click Add sign-in method.
Step 4 - Choose Phone, Office phone (voice only), or Alternate phone and click Add.
If there are no phone options under Add sign-in method, then you will have to Change one of your existing phone entries instead. Choose which listed phone you want to replace and click Change next to that number.
Step 5 - Fill in the Phone options:
- Choose the country of the phone number you are adding from the drop-down list
- Type the new phone number in the box
- Choose Text me a code to get an SMS Text message with a numerical code OR
- Choose Call me to get a phone call and press # to confirm
- When ready, click Next to proceed
Step 6 - Using the phone you are adding:
- If you selected Text me a code, open the text and type in the code where requested
- If you selected Call me, answer the call and press # when requested
Outcome
You have added a new or different phone to your list of MFA methods.
Traveling internationally presents unique cybersecurity challenges and potentially increased risks. The recommendations below can help IVCC community members safeguard both institutional and personal data.
- Review the U.S State Department’s Alerts and Warnings web page for any travel advisories.
- Learn more about the destination you are visiting on the U.S. Department of State Country Travel Information page. Educate yourself on local laws, regulations, and security information. Locations with a higher risk of data and identity theft may require specific actions to be taken in advance.
- Be aware of any U.S. export control regulations that may exist for your travels.
- Conduct a full backup of data as an extra precaution in case your device is stolen or lost.
- Do not store sensitive, protected, or restricted data on a device unless it is absolutely necessary.
- Enable MFA wherever possible and use strong passwords.
- Make sure your device’s operating system is up to date, as well as any applications on your device.
- Consult with the IT Help Desk if you have any questions or need assistance preparing for a trip.
- Notify your bank and/or financial institutions of your international travel plans. This can minimize the risk that the bank may suspect the charges are fraudulent and freeze the account.
- Do not open attachments or click links from unknown sources.
- Be aware of public wireless networks, such as those found in airports, restaurants, and hotels. Verify the network’s name that you are connecting to and make sure it is legitimate. Attackers can spoof Wi-Fi network names to capture data. Avoid conducting activities on public wireless networks that involve your personal data.
- Never leave your device unattended.
- Disable wireless and Bluetooth when not in use.
- Use a non-privileged account wherever possible.
- Only visit trusted websites that are encrypted (make sure the URL begins with HTTPS).
- Avoid using publicly accessible devices. When you use a public computer, any credentials you enter may be captured and at risk of compromise.
Federal Communications Commission: Cybersecurity Tips for International Travel
FTC Consumer Advice: Common Travel Scams
