By Olivia Montes
The Washington College Office of Information Technology Administration, in partnership with the Library and Academic Technology department, authorized multi-factor authentication for all Microsoft Office 365 applications, including Outlook, Word, and SharePoint on Sept. 9.
The activation of MFA comes after a flood of spam and phishing emails which landed in students’ emails over the summer. In response, OIT, in partnership with their insurance carrier United Educators, released a series of data security training courses to be completed as soon as possible.
These courses include phishing, malware, mobile devices and third-party websites, passwords, and physical security and unintended discourses. Each STET course lasts about five to 10 minutes. Further questions regarding STET can be directed to Assistant Vice President for Institutional Effectiveness and Analytics Matthew Kibler, according to OIT’s July 22 email.
While these assigned courses were designed to teach users how to “recognize a security threat, how to avoid one, and how to report one,” according to the July 22 email, the activation of MFA serves as another security measure to protect accounts.
According to the email sent by OIT Executive Director Regina Elliot, enabling MFA will “require users to verify their identity in an additional way after entering their password.” The additional authentication factor was activated to increase data security on campus.
MFA will ask for user account authentication whenever users log-in to a different device or network by sending the user a verification code to an account of their choice. OIT said in the email that “the cell phone text message option is the ideal solution” for sending the aforementioned code.
To initiate MFA, students are advised to log out of their Outlook email accounts. Upon logging back in, directions on activating MFA will be provided.
Activation will require students to submit a phone number with which to receive messages. A text message containing a six-digit code is then sent to their cell phones via text when they log back into their Office applications. Students should then enter the code into the verification box, press enter, and then they will have access to their Outlook account again.
Students must complete this process every time they log into all Microsoft Office 365 applications under WC from a new device.
Another option for MFA that was previously available to students is the Microsoft Authenticator app, through which users can verify themselves when logging into their accounts. This can be accomplished through the two-step verification process, in which users will be sent a one-time passcode via text or push approvals.
If students continue facing issues when logging into their Office 365 accounts after enabling MFA, such as not having access to a working cell phone or concerns regarding constantly with using devices so often, they should submit a ticket to the LAT HelpDesk either by email, phone, or a link on the WC website.
OIT’s email also said that students should be assured that they will be able to connect to the campus Wi-Fi even if they are having issues setting up MFA on their Office 365 accounts, according to the email.