Multi-factor Authentication (MFA) is used in cloud-based applications to keep WPI data secure.

The MFA feature is a two-factor authentication process which ensures the security of your account by verifying your login through a personal device. In this two-step process, first you log into the web application. After you have entered your username and password, you are asked for an additional verification. This additional factor for authentication, also know as a one-time password (OTP), is the 4-8 digit code that you receive. 
A new OTP is generated periodically or each time an authentication request is submitted. It can be configured to use an app on your mobile device, a text to your mobile phone, or a call to any phone (including an office or home line). After verification, you will be granted access to the application. It is vital that you carefully look at the verification username to ensure it is truly your login being authenticated.

Upon logging in to your WPI account, if you have not done so already, you will be asked to set up the MFA feature. You will need to setup your MFA to access all resources that use Self-Service Password Reset, Microsoft Single Sign-On, including, but not limited to, Outlook, Canvas, OneDrive, and Zoom. You will need to complete the MFA Setup process within fourteen (14) days of first accessing your account.

Note:
Multi-factor Authentication is only required for applications using Microsoft Single Sign-On. You will not need to configure MFA to login through the CAS portal.

MFA First Time Login

When you visit any site that uses Microsoft Single Sign-On, or if you navigate to Update and Define Verification Methods, you will be prompted to set up your Authentication Method:

Prompt for First Time Setup: Keep your account secure through the Microsoft Authenticator App.

You can configure the Authenticator App (recommended by IT) or you can use one of the other methods by pressing I want to set up a different method.

Authentication Methods

IT recommends choosing at least two methods for authentication. Select those that work best for you:

  • Microsoft Authenticator App on Mobile Device - use this method when traveling outside United States
  • Mobile Phone (call or text)
  • Landline/Office Phone (call)
  • Email (For Self-Service Password Reset Only)
  • Hardware Token / Security Key (configured by IT)
Microsoft Disabling Authentication through Push Notifications
On May 8th, 2023, Microsoft will disable the approve/deny push notification feature for the Microsoft Authenticator application. After this time, the Authenticator can only be used to provide an authentication code that can be entered upon login.
  • Configure the Microsoft Authenticator App

    Note:
    This method is required to use MFA while traveling internationally. It should be setup on a device that will be used during travel. Other methods may also be updated to contact information that will be used during travel.  

    Install the Microsoft Authenticator App. From there you can choose to get the app for iOS devices on the App Store or Android devices on Google Play.

    If prompted to allow notifications and/or access to the phone camera (needed to scan QR code), please click OK or Allow.

    On your mobile device:

    1. Download the Microsoft Authenticator App 
    2. Once downloaded, launch the app
    3. Add your WPI email account
    4. Select School account

    On your phone, you will be prompted to scan a QR code.

    On your computer:

    • Navigate to Update and Define Verification Methods (or if on the first time login prompt page, press the Next button)
    • Press the Add method button and select Authenticator App
    • Follow the prompts by pressing Next

    Use your mobile phone to scan the QR code on the prompt page:

    Microsoft Authenticator QR Code prompt page. QR Code highlighted out.

    Continue through the prompts by pressing Next. A test authentication will be sent to your phone. Be sure to press Approve!

    When you are prompted for MFA using the Authenticator App, you will be prompted with Approve or Deny options.

  • Configure Other Methods

    1. Navigate to Update and Define Verification Methods
    2. Press the Add method button
    3. Select the Phone or Email method
    4. Input the required information
    5. A test will be texted/called/emailed to you
  • Enable Phone Sign-In

    You can enable phone sign-in on your device through the Microsoft Authenticator application. This will allow you to login to your account without entering a password. To do so:

    1. Open the Microsoft Authenticator application on your device
    2. Select the Set up phone sign-in option
    3. Click Continue to register your device
      • You will need to enable a lock screen with a PIN, password, fingerprint, or pattern before you can use this sign-in method
    4. Enter your password and authenticate
    5. Register your device