Configuring and Using Office 365 Multifactor Authentication

Overview

In order to further secure your FalconNet account, Cedar Crest has begun enrolling accounts into FalconNet Multifactor Authentication for Office 365.  Multifactor authentication requires that you know your username, your password, and verify your login via another method.

Once your account has been enrolled, you still have to configure your account for access via a secondary method of authentication.

Multifactor Authentication Currently only impacts the following systems:

  • Office 365 including:
    Outlook (Email)
    Teams
    Stream
    OneDrive
    OneNote
    Tasks
    Planner
    Bookings (Configuration only)
    Sharepoint
    Forms
    ...and other related Office 365 resources.
    Additional systems will be added periodically.

Directions to Configure Your Account

Once your account is enrolled, you will be unable to sign in to any related accounts until you complete the configuration.  To do this, follow these steps:

Once you are registered/enrolled, here's how you reset your password!

  1. ​Open a web browser and go to https://aka.ms/mfasetup (works on phones, too!)
  2. Next, sign in with your FalconNet email address and password.
  3. You then are shown a screen similar to the one below.  Here is what the parts of this screen do:
    - App Passwords: sets up static, secure passwords for specific applications that do not support MFA.  An example of this is the built-in Apple Mail app on iPhones.  If you need to set up an App Password, click here for instructions.
    - What is your preferred option: This is where you select how you want to be notified to confirm a login attempt.  Your options are: text, phone call, authenticator app on your smartphone (iOS or Android).  This will be the way the system defaults to approving your login or sending the code.
    - How would you like to respond: Here you setup your secondary authentication mechanisms.  You can enter your cell phone for text messages, an office phone (voice call), a secondary voice call number, or authenticator app


     
  4. What's your preferred options explained:
    - Notify me through the app: Will send a push notification to the Authenticator app on your smartphone
    - Call my authentication phone: Will voice call the phone number indicated in the authentication phone field
    - Text code to my authentication phone: Will send a text message to the phone number indicated in the authentication phone field
    - Call my office phone: Will call the phone number in the Office phone field
    - Use verification code from app or token: will generate a code or token within the Authenticator app that you can input for authentication.

     
  5. Select the options you would like to use.  You can choose all of them if you wish, but you must select at least one.  Note: if you only choose one, we highly recommend text messaging via your cell phone.  This is similar to many other services that require multifactor authentication.  It is suggested that if you are not using the Authenticator appthat you also input a voice number that is not your cell phone as an emergency authentication mechanism.
  6. The Authenticator App option is the fastest way to approve a login attempt.  This requires that you have an Apple iOS or Android device to work.  If you wish to set this up, click the check box and then click Set up Authenticator app.
  7. Once you click on the Set up button, you will see this screen:


     
  8. If you are on your mobile device, you can tap the type of mobile device you have and it will open the Authenticator app in your app store.  If you are not, you can navigate to your app store, download the Microsoft Authenticator app.  Once you have downloaded the app, follow the instructions on the screen to complete the setup.
  9. Once you have completed the app setup, you will see your Cedar Crest account listed.

Using Multifactor Authentication Methods

Once your account is enrolled and set up, you will be able to sign in to your FalconNet account in Office 365 and related resources (see list above).  Authentication is only necessary when you are logging in via a web browser, using a new device, or have not signed in to the application in the last 90 days.  In other words, once you authenticate Outlook 2016 or 2019, it will remember that for up to 90 days.  But if you are signing in to Outlook in Chrome or Edge, it will ask each time.

  • If you enrolled in the Authenticator app as your primary method of MFA, when you try to login to an Office-related resource, you will receive a notification on your smartphone.  When you see it, tap the notification, then tap Approve.  Within moments, you will be connected to the service you were trying to access. 
  • If you are enrolled with a voice call back (office phone, alternate phone), within a 2-3 minutes, you will receive a call.  The computer voice will read you a 6 digit code that you will need to put in to complete authentication.
  • If you are enrolled in the authentication phone text messaging, within 1-2 minutes you will receive a text message on your phone.  You will need to input that into the box that looks similar to below to complete authentication.


     
  • If you do not have access to the primary method of authentication, you can click Sign in another way to choose a secondary option that you have previously configured in the steps above. 

Details

Article ID: 132807
Created
Mon 6/21/21 3:20 PM
Modified
Mon 6/21/21 3:48 PM