Multi Factor Authentication for Students
Why is Multi Factor Authentication (MFA) important?
Passwords alone are no longer enough of a barrier to protect accounts, information in them, or the transactions you can conduct with it.
What is Multi Factor Authentication?
Multi factor authentication, also known as two-factor authentication (2FA) is a challenge/response form of authentication that relies on at least 2 factors to validate you are the owner of the identity you are claiming. We are all familiar with single factor authentication, the traditional username and password combination. MFA relies on something you know, like a password, and something you have or something you are. Something you have may be a phone or a code generating token associated with your account. Something you are may be a fingerprint, facial recognition scan, or iris scan; also known as biometrics.
How does it work?
The CSU is using Duo Security as the provider of the MFA services. More information on Duo
Who needs to use MFA?
Anyone who would like to protect their personal information, communications, or ensure they are the only one who can use their account to conduct business with the University. Individuals with access to sensitive data of others will need to use MFA to log into systems or services hosting the data.
What do I need to think about before setting up MFA?
You will need to decide how you want to authenticate with a second factor and what it will be. You can use a smartphone, cellphone, or passcode generating token. The videos below give an overview of how the second factor options you have work. They are listed by device type you may have.
Option 1: smartphone or tablet
Authenticate with Duo Push
Authenticate with mobile passcodes
Get the Duo Mobile app from your app store.
Option 2: Cellular phone or landline
Authenticate with phone callback
Option 3: SMS enabled cellphone
Authenticate with SMS
Option 4: Code generating token
Authenticate with Hardware Token
You will need to contact the OIT Support Center before enrolling. You can email them HERE and they will get back to you or call 209-667-3687.
Where can I set up MFA?
If you are using the app on a smartphone or tablet, a cellphone, or landline to enroll and enable MFA on your account:
Step 1. go to: https://identity.csustan.edu/enrollmfa/
Step 2. Log in with your Warrior ID and follow the steps to set up a device.
If you need a hardware token, contact the OIT Support Center before enrolling. You can email them HERE and they will get back to you or call 209-667-3687.
What should I know or have before I start the enrollment process?
- SMS capable phone,
- the Duo Security app, or
- a code generator token
You can use MFA using the Duo Mobile app from the app store, a SMS, or voice capable phone (toll charges may apply for SMS or voice calls). If you don't have a smartphone you can request a token by contacting the OIT Support Center before enrolling in Duo. If your cellular plan had a cap on SMS messages or call minutes, charges per message SMS fees, or per minute charges for voice calls the token and app avoid these and may be the best option to avoid additional costs. If you need assistance making a choice between the MFA options, please reach out to the OIT Support Center and we can walk through the choices based on your needs. Students with accessibility needs can be accommodated by contacting OIT or DRS
What if I do not have an iOS or Android device?
SMS messages, vioce calls or a code generating token are alternative options to the Duo supported mobile app options.
How much does the app cost?
It is free for download and use.
Do I have to do MFA for everything?
With the CSU's continued focus on securing level 1 data and ensuring the security of business transactions once enabled on your account you will need to use MFA at all services that currently support it.
Which services support MFA?
All services using the Stanislaus State Warrior Sign In page and Office 365 support the use of MFA to secure logins.
If I use the iOS or Android app can I use it for other services that support MFA?
Yes, there are other organizations and services that use MFA from the Duo Security or support the one-time PINs the app generates. You can use the app with those organizations or services if you would like. For support related to the Duo app 3rd party services you should reach out to the service provider.
What if I lose access to the device I setup for MFA?
We recommend you set up two devices capable of being used for MFA. A cellphone and a desk or home phone. This will allow you backup access to remove or add a new device in the event your primary device is lost, stolen, or inoperable.
If you have not set up a second device, please go to OIT Support in LX11 for assistance or call them at 209-667-3687.