Body
Activate 2FA (2-Factor Authentication) with SMS
SMS Two-Factor Authentication (2FA) is now enabled to allow you to setup your phone number to receive text messages of one-time passcode when asked to authenticate your SMU O365 Account.
NOTE: MICROSOFT IS REVIEWING THEIR APPROVED MFA METHODS, AND 2 FACTOR (SMS) MAY BE REMOVED BY MICROSOFT AT SOMETIME IN THE FUTURE.
Why You Should Opt-In for MFA Instead of SMS 2FA
If you're travelling and not connected to your carrier, you won't receive SMS text messages to authenticate your login and access your account.
It's important to note that 2FA such as SMS does not provide additional layers of security as MFA does when using the authenticator mobile app. While basic 2FA, such as receiving codes via SMS, provides a level of security, it is more susceptible to certain vulnerabilities, such as SIM card swapping or interception. Authenticator apps generate unique, time-based codes that are not dependent on the network, making them more secure.
The Microsoft Authenticator app (MFA) is the preferred method as it offers the benefits such as Passwordless Authentication and security. MFA methods such as the Authenticator app is more secure than 2FA because it provides an additional layer of protection through a passcode or biometric verification, such as fingerprint or facial recognition.
Setting up MFA on your personal device may seem like an inconvenience, but the benefits far outweigh any potential drawbacks as it’s best to ensure that data is safe from unauthorized access. If you'd like to setup MFA with the MS Authenticator app, click HERE. If you're unable to download the Microsoft Authenticator app from Play Store or App Store, the alternative is to use the Google Authenticator app. The Google Authenticator app provides higher security than 2FA.
Follow the instructions below to set up 2FA with SMS as your authentication method.
Sign in to portal.office.com with your SMU email first then follow the instructions bellow:
Note: If you were met by the screen stating "More information required", hit Next then select I want to set up a different method and follow from step 4 until you get to the success! screen. If you're not met with the screen below, start from step 1.
Step 1: Click on your profile with your initials on the top right -> then click on 'View account'
Step 2: On the left, select 'Security info'
Step 3: Select '+Add sign-in method'
Step 4: Click the drop-down menu where it says 'Choose a method' -> then select Phone
Note: If you don't see Phone as an option, contact the EIT Helpdesk or mfa@smu.ca
Step 5: Click 'Add'
Step 6: Click on the drop-down menu to select the country of your phone number carrier location -> enter your phone number -> hit Next
Step 7: You have received a text message on your phone. Enter the 6-digit code that you've received on your phone text messages app -> hit Next
Step 8: Hit Done to complete the registration
Congrats! You've setup 2FA SMS method. What's next? review the details below on what to expect.
What to Expect/How Many Times Do I Need To Authenticate
-On each device, MFA will prompt you to authenticate once a week when using installed apps such as Word, Excel, PowerPoint, and Outlook (they don't ask you to authenticate on each of those apps)
-The Teams and OneDrive will also require separate authentications once a week on the same device.
This means you could potentially encounter up to two or possibly three authentication prompts per week on the same device.
To identify if Outlook or Office apps need authentication, simply look for an exclamation mark next to your name on the top-right of the app.
Additionally, if you access these apps on different devices or a new device, you'll be asked to authenticate again as listed above.
For Office 365 activity in a web browser, you will be asked to authenticate every time you sign in. This is because web browsers don't store token keys. If you frequently use the browser for login, you'll usually met with the message "Stay signed in?", check the box that states Don't show this again then click Yes to streamline the process. Note that this option does not work in incognito/private mode of the browser.
-If Teams needs to be authenticated, it must be authenticated once a week on the same device for the locally installed Teams app; otherwise, it may miss calls.