Utah State University utilizes Microsoft Multifactor Authentication to better defend against increasing social engineering cyberattacks, meet new regulatory requirements, and more economically extend safeguards for sensitive data to all University groups.
Students, Faculty, Emeriti, & Staff
If not already setup, you will be required to configure Multifactor Authentication at login.
If your Multi-Factor Authentication (MFA) was set up on a device you no longer have, please reach out to our service desk for assistance, unless you have already setup a second authentication method.
Benefits For All Users
Benefits include:
- Added protection against identity theft
- Better data protection of personal and university information
- No annual password expiration
- Easier ability to update your password when desired
Helpful resources while you set up your Microsoft MFA for USU:
Steps to Configure MFA
A video tutorial is available to assist you in implementing the following steps.
Link your account
On a desktop, laptop, or tablet, visit usu.edu/mfasetup OR while logging into your account
- Log in with your A#@aggies.usu.edu and strong password
- Select Next to provide more information
- Select Next when prompted to download the app (this will be done in a later step)
- Select Next to set up your account. A QR code will appear to be scanned later
After completing step 2, be sure to return to your desktop, laptop, or tablet to click Next.
Download the free app
On your cellphone or tablet, go to the app store for your device and download the Microsoft Authenticator app (Apple | Android).
On your mobile device, open the Microsoft Authenticator app. If you have a screen lock enabled on your device, you will need to use it to unlock the app. This can be disabled in your Authenticator app settings.
- Select the + button in the top right corner
- Choose work or school account
- From the pop-up, select scan QR code and scan the code from your desktop. If large text is enabled on your device, navigate the screen until the QR code option is accessible.
On your desktop or laptop, click Next
Now that you’ve tested, we HIGHLY recommend setting up a phone number, secondary mobile device, or a USB security key as a backup option. This ensures you can access your account even if your primary device is unavailable.
Need Support?
If you need help with any of these steps or encounter any issues, restart your mobile device. If the issue persists, please reach out to your assigned technical support professionals (for staff & faculty) or the IT Service Desk.
Frequently Asked Questions
Learn more about supported devices, USB keys, authentication options, etc.
What are my authentication options?
- Mobile Notification Push: Microsoft Authenticator App and mobile device required. You will be asked to enter the two-digit number displayed on the website into your mobile device. Your device must have wifi or cellular connectivity.
- Mobile Verification Code: Microsoft Authenticator App and mobile device required. You will be asked to enter a six-digit “one-time password code” from your Microsoft Authenticator App into the website. No cellular or wifi connectivity is required! Works on an airplane, for example.
- Phone Call Verification: Microsoft will place a voice call to a registered phone number. You will acknowledge the call on the phone keypad.
Disclaimer: Microsoft is moving towards not allowing Phone Call verification as a primary method for MFA. While it's currently available to implement, that might not be the case in the near future.
- Physical USB Security Key: Enables authentication without a mobile device or phone, as long as that computer has a compatible USB port and supported web browser. Great for classroom or airplane use without a phone.
- You can configure and manage devices and options at https://usu.edu/mfasetup. If possible, you should have more than one device or phone number registered.
How do I enroll, add, or remove mobile devices, phone numbers, or security keys?
- You can make changes to your authentication settings and devices by visiting Microsoft's Security Verification page. For instructions, see our Authentication Options FAQ.
How do I change or update my authentication method?
- You can make changes to your authentication settings and devices by visiting Microsoft's Security Verification page. For instructions, see our Authentication Options FAQ.
What if I don't want to use my personal device or do not own a smartphone?
- You can opt to purchase and use a USB security key. We recommend still setting up a phone number as an alternate method in case you forget or lose the security key. See our Authentication Options FAQ.
What if I forget my mobile device or security key at home?
- Use one of your alternate methods of verification (e.g. phone call)
- If you have no alternates available, Contact the Service Desk
What are USB security keys and how can I get one?
- USB security keys enable MFA on compatible browsers without a phone present. For example, on an airplane or in a classroom without your phone, etc.
- The USU Campus Store has Yubico brand USB security keys available for purchase
- See the USB Security Key information page
I got a new phone. What should I do?
- If you kept the same phone number, and have added the number as an alternative form of authentication. Select the option: “I can’t use the app right now” to sign into your account, then add a new authentication option.
- If you got a new phone number, Contact the Service Desk
I have lost or misplaced my phone or security key and have no other options. What should I do?
- If you recently replaced or lost your singular authentication method please fill out this form.
Can I use my smartwatch to authenticate?
- When receiving a Mobile Notification Push your smartwatch may notify you, however, you will be required to enter the two-digit code on the phone. Microsoft Authenticator does not support entering the two-digit code from a watch.
How can I go passwordless and what does that mean?
- To go passwordless means you don’t have to enter your strong password each time you log in
- Microsoft MFA allows you to go passwordless using the Authenticator App or a USB security key. We are working to develop instructions, please check back later.
How does switching to Microsoft MFA make life easier?
- Your strong password will no longer expire automatically each year (we will contact you proactively if your password is at risk and needs to be changed).
- It will help safeguard your USU data and accounts.
- It better protects you against social-hacking efforts like MFA push fatigue.
- You will have increased protection against identity theft.
- It additionally increases the security for your personal information.
I only have my phone, can I set up MFA?
It is recommended that you use 2 devices where possible to set up your Microsoft Authenticator. This is due to it being a far more straightforward method. If however, you don't have access to a computer and only have your Authenticator App, follow the KB article for setting up Microsoft MFA on a phone.
Are there any issues with using older versions of MacOS?
Some users running older MacOS versions have encountered authentication challenges. In such cases, we suggest designating Chrome as your default browser. This serves as the most efficient solution to address authentication concerns on older MacOS versions, particularly if updating to the current MacOS version is not feasible.