MFA Frequently Asked Questions

What is MFA?

Multi Factor Authentication (MFA) is mandatory for all staff starting April 25th, 2022 when accessing NSCC services off campus. Starting October 2024 students will also be required to use MFA  when accessing NSCC services off campus as well.

MFA is used to make sure you are who you say you are by requiring two or more pieces of evidence that prove your identity. This evidence is known as a factor, and the requirement of a second factor greatly increases the security of your account. With multiple factors just knowing, or even guessing, your password is not enough to access your account. These factors are a combination of:

• Something you know, such as a password or passphrase
• Something you have, such as a code from an app or security token
• Something unique to you, such as using a fingerprint or face scan to unlock your phone or authentication app

Link to MFA Intro video - What is Multi-factor Authentication

With MFA enabled, you will be prompted for a second factor after entering your username and password when logging into a supported service such as Microsoft Outlook, Teams, Brightspace, etc.

Associated Knowledge Base Articles

Here are a list of articles that will help you setup your factors:

• Information about Mandatory Multi Factor Authentication
• How to Setup the Microsoft Authenticator App for MFA
• How to Add or Change a Phone Number for MFA
• Using FortiToken as a Factor for MFA
• How to Delete an MFA Factor

Frequently Asked Questions

When and where will I be prompted to authenticate?

You will be prompted to authenticate when accessing College resources from outside an internal network. For example if you log in from home you will be prompted to authenticate versus a classroom where you would not be.

With certain secure applications you may need to authenticate even on campus.

Is there a cost to using MFA?

MFA Is free to use and can be configured to use very few resources. The Microsoft Authenticator App is free and does not require data beyond its initial install. If you choose alternative authentication methods costs could be incurred from your service provider.

Ultimately by protecting all of your accounts, you can save yourself time and money.

Can I use a different MFA app than Microsoft’s?

The NSCC’s suggested app for MFA is the Microsoft Authenticator. It provides a fast, easy to set up, and integrated method of MFA. It is possible to use other applications to authenticate, however we will only be able to provide support for our suggested options.

What should I do if I receive a MFA prompt I was not expecting?

Treat MFA prompts the same way you would treat a password: keep them to yourself.

If you receive an unexpected prompt this means something or someone has tried to access your account (using your username and password), and now you are being asked to veryify the login. MFA is doing its job. MFA protects you by requiring two ways to prove your identity while logging in, and by withholding approval you prevent access even if your password is compromised. We recommend reporting the incident and updating your password to ensure both factors are secure.

Does the app allow the NSCC or Microsoft to spy on or track my phone?

The Microsoft Authenticator App does not use or transmit personal data from your phone. While it will provide notifications of authentication requests, it does not track your direct location.

If you so choose, the app can be configured to send non-personalized data to Microsoft to improve user experience. This can be toggled on and off in the settings menu.

Does the authenticator app work without Internet?

The Microsoft Authenticator App can generate Time Based One Time Passcodes [TOTP] codes locally on your device which will not require any data.

You can also configure the app to send push notifications for faster sign-ons when MFA is required, however, this will require Internet access but only consume a very small amount of data.

I lost my device and I am being asked to authenticate, what should I do?

If you have configured more than two authentication factors such as text message or the windows store app use that to log onto: https://mysignins.microsoft.com/security-info. From there you can remove your lost device as a factor by following these instructions:

1. On Your Sign-Ins navigate to the Security Info page.
2. Locate the factor you would like to remove and select Delete.
3. You will be prompted to confirm your choice. Select "Ok" if you want to delete the factor.

If you have no alternate methods of authenticating contact your Campus’ Technology Service Desk. You will have to verify your identity with the staff member assisting you before they can help you access your account.

Upon accessing your account we recommend changing your password and using the option to log out of all devices located here:

You will be prompted to confirm your choice. Select "Ok" to end all active sign-ons.