12 Days of Christmas
Azure AD multifactor authentication (MFA) helps safeguard access to data and apps while maintaining simplicity for users. It provides additional security by requiring a second form of verification and delivers strong authentication through a range of easy-to-use validation methods.
What does Azure AD Multifactor Authentication (MFA) protect?
Requiring two modes of authentication helps DCU protect:
- Your DCU Apps accounts
- DCU Pulse VPN
- Your privacy from cyber criminals
- You from cyber fraud
- Phishing attacks
- Digital deception that may exploit compromised usernames and passwords.
Azure AD Multifactor Authentication (MFA) requires 2 modes of authentication.
Once you’re enrolled in MFA, you can log in using your DCU email address and password, then confirm your identity using the MFA app on your smartphone.
Two modes of authentication include:
- Something you know: - unique email address and password.
- Something you have: - smartphone with an app to approve authentication requests.
Benefits of MFA
MFA protects your account and your data.
To gain access to your account, an attacker would need your passphrase as well as the physical device you use with MFA. If all the attackers have is your password, they can’t get in. If they somehow obtain your smartphone, they would still need your passphrase. In other words, one factor can fail, and the other will still protect you.
MFA protects DCU.
MFA provides improved security for DCU data assets, including accounts, applications and websites.
Get the app on your phone
Scan the QR code with your Android or IOS mobile device.
How to register for Azure MFA
Step 1
Sign into your DCU APPs account with your email address.
Step 2
Enter your DCU password.
Step 3
Install the Microsoft Authentication app on your mobile device. If you haven’t already installed the Microsoft Authenticator app, this can be done by scanning the QR codes above or by clicking on the relevant button above from your mobile device.
Step 4
Open the authenticator app and click on the + symbol located at the top right odf the home screen. This will open the Add Account screen. Click on Work or School A/c option, then click on the scan QR code option and then click next on the computer.
Step 5
Scan the QR code on the computer with the scanner which should now be open on the Authenticator App and click on the next button to proceed.
Step 6
A notification is sent to the Microsoft Authenticator app on your mobile device, to test your account. Approve the notification in the Microsoft Authenticator app, and then select Next.
Step 7
Your security info is updated to use the Microsoft Authenticator app by default to verify your identity when using two-step verification or password reset.
Step 8
Click on the Done button to complete the registration process.
Frequently asked questions
Your data is used only to protect your key locally. It’s never sent to, or stored in, the cloud.
After you set up the Microsoft Authenticator app, it creates a key on your phone to unlock your account that’s protected by your phone’s PIN or biometric lock. This key is then used to prove your identity while signing in.
Phone sign-in is a type of two step verification where the two steps both happen on the mobile device. You should keep two step verification turned on to help provide additional security for your account.
No. Signing in to your Microsoft account using your phone also counts as two-step verification, so there is no second approval required.
You can always select the Use a passwordinstead link on a sign-in page to switch back to using your password. If you use two-step verification, you’ll still need to use a second method to verify your identity. Microsoft strongly recommends that you have more than one up-to-date verification method associated with your account. You can manage your verification methods for personal accounts from your Security settings page.
For work or school accounts, you can go to your organization’s Additional security verification page or the Keep your account secure page if your administrator has turned on security info. For more information about security info, see Security info (preview) overview. If you can't manage your verification methods, you have to contact your administrator.
For personal accounts, select the Use a password instead link during sign in. Your most recent choice is remembered and offered by default the next time you sign in. If you ever want to go back to using phone sign-in, select the Use an app instead link during sign in.
For work or school accounts, you must either unregister the device from the Settings page of the Microsoft Authenticator app, or disable the device from the Devices & activity area of your profile. For more information about disabling your device from your profile, see Update your profile and account info from the My Apps portal.
A phone must be registered to a single work or school account. If you want to turn on phone sign-in for a different work or school account, you must unregister your account from this device through the Settings page.
For your computer, we recommend signing in using Windows Hello on Windows 10. Windows Hello lets you use your face, fingerprint, or PIN to sign in.