Aka.ms/mfasetup
Aka.ms/mfasetup - How to Setup Multi Factor Authentication
Two-factor authentication (2FA) or Multifactor Authentication (MFA), is an additional authentication method available for accessing all MIT services externally. It is not a replacement of the conventional login page, but rather, an additional layer that helps make it harder for someone to compromise your account.
You will still log on with your usual MIT staff username and password, but in addition to that, you will be asked to confirm login via the Microsoft MFA App. This guide explains how you would register your mobile phone, download the Microsoft MFA APP to log on externally going forward from aka.ms/mfasetup.
What is MFA (Multi-Factor Authentication) ?
MFA is quite simple, and organizations are focusing more than ever on creating a smooth user experience. In fact, you probably already use it in some form. For example, you’ve used MFA if you’ve:
swiped your bank card at the ATM and then entered your PIN (personal ID number).
logged into a website that sent a numeric code to your phone, which you then entered to gain access to your account.
MFA, sometimes referred to as two-factor authentication or 2FA, is a security enhancement that allows you to present two pieces of evidence – your credentials – when logging in to an account. Your credentials fall into any of these three categories: something you know (like a password or PIN), something you have (like a smart card), or something you are (like your fingerprint). Your credentials must come from two different categories to enhance security – so entering two different passwords would not be considered multi-factor.
So look at a simple scenario: logging in to your bank account. If you’ve turned on MFA or your bank turned it on for you, things will go a little differently. First and most typically, you’ll type in your username and password. Then, as a second factor, you’ll use an authenticator app, which will generate a one-time code that you enter on the next screen. Then you’re logged in – that’s it!
In most cases it’s even easier than that. Most MFA approaches will remember a device. So if you come back using the same phone or computer, the site remembers your device as the second factor. Between device recognition and analytics the bank is likely performing—such as whether you’re logging in 20 minutes later from halfway around the world—most of the time the only ones that have to do any extra work are those trying to break into your account.
Benefits of using aka.ms/mfasetup
MFA helps protect you by adding an additional layer of security, making it harder for bad guys to log in as if they were you. Your information is safer because thieves would need to steal both your password and your phone. You would definitely notice if your phone went missing, so you’d report it before a thief could use it to log in. Plus, your phone should be locked, requiring a PIN or fingerprint to unlock, rendering it even less useful if someone wants to use your MFA credentials.
When should you use Multi Factor Authentication?
Stopping all online crime is not a realistic goal, but simple steps can massively reduce the likelihood you’ll be the next victim.
You should use MFA whenever possible, especially when it comes to your most sensitive data—like your primary email, your financial accounts, and your health records. While some organizations require you to use MFA, many offer it as an extra option that you can enable—but you must take the initiative to turn it on. Furthermore, if a business you interact with regularly, say your health organization, wants to provide you with convenient online access to health records, test results, and invoices, but only offers a password as a way to protect that data, consider saying: ‘no thanks, not until you provide MFA to secure my information.’