MFA for Students

Multi Factor Authentication for Students

TL;DR Have your phone ready and go HERE to enroll in MFA so you can protect your accounts and personal information. Take me to the FAQ.

Why is Multi Factor Authentication (MFA) important?

Passwords alone are no longer enough of a barrier to protect accounts, information in them, or the transactions you can conduct with it.

What is Multi Factor Authentication?

Multi factor authentication, also known as two-factor authentication (2FA) is a challenge/response form of authentication that relies on at least 2 factors to validate you are the owner of the identity you are claiming. We are all familiar with single factor authentication, the traditional username and password combination. MFA relies on something you know, like a password, and something you have or something you are. Something you have may be a phone or a code generating token associated with your account. Something you are may be a fingerprint, facial recognition scan, or iris scan; also known as biometrics. 

How does it work?

The CSU is using Duo Security as the provider of the MFA services. More information on Duo

Who needs to use MFA?

Anyone who would like to protect their personal information, communications, or ensure they are the only one who can use their account to conduct business with the University. Individuals with access to sensitive data of others will need to use MFA to log into systems or services hosting the data. 

What do I need to think about before setting up MFA?

You will need to decide how you want to authenticate with a second factor and what it will be. You can use a smartphone, cellphone, or passcode generating token. The videos below give an overview of how the second factor options you have work. They are listed by device type you may have.

Option 1: smartphone or tablet

Authenticate with Duo Push

Authenticate with mobile passcodes

Get the Duo Mobile app from your app store.

Apple App Store link to Duo Mobile app Get the Duo Mobile app on Google Play

Option 2: Cellular phone or landline

Authenticate with phone callback

Option 3: SMS enabled cellphone

Authenticate with SMS

Option 4: Code generating token

Authenticate with Hardware Token

You will need to contact the OIT Support Center before enrolling. You can email them HERE and they will get back to you or call 209-667-3687.

Where can I set up MFA?

If you are using the app on a smartphone or tablet, a cellphone, or landline to enroll and enable MFA on your account:

Step 1. go to: https://identity.csustan.edu/enrollmfa/

Step 2. Log in with your Warrior ID and follow the steps to set up a device.

If you need a hardware token, contact the OIT Support Center before enrolling. You can email them HERE and they will get back to you or call 209-667-3687.

FAQ

What should I know or have before I start the enrollment process?

  • SMS capable phone, 
  • the Duo Security app, or 
  • a code generator token

Students who do not have a cellular phone can get a code generating token issued by OIT.

What if I do not have an iOS or Android device?

SMS messages, vioce calls or a code generating token are alternative options to the Duo supported mobile app options.

How much does the app cost?

It is free for download and use.

Do I have to do MFA for everything?

With the CSU's continued focus on securing level 1 data and ensuring the security of business transactions once enabled on your account you will need to use MFA at all services that currently support it.

Which services support MFA?

All services using the Stanislaus State Warrior Sign In page and Office 365 support the use of MFA to secure logins.

If I use the iOS or Android app can I use it for other services that support MFA?

Yes, there are other organizations and services that use MFA from the Duo Security or support the one-time PINs the app generates. You can use the app with those organizations or services if you would like. For support related to the Duo app 3rd party services you should reach out to the service provider.

What if I lose access to the device I setup for MFA?

We recommend you set up two devices capable of being used for MFA. A cellphone and a desk or home phone. This will allow you backup access to remove or add a new device in the event your primary device is lost, stolen, or inoperable.

If you have not set up a second device, please go to OIT Support in LX11 for assistance or call them at 209-667-3687.