Identity Theft and Account Infiltration have been the root cause of many data and security breaches across the globe. Computers today can brute-force passwords at a speed that seemed impossible just a decade ago.
Multi-Factor Authentication is a way to short-circuit the bad actors from gaining access to your account. Instead of just the one authentication factor (your password), access to your account and valuable information is tied to a device you possess, your facial features or a code that only you know, and possibly even a place. The more that access to your account is tied to you, things you know, and devices under your control, the harder it is for the bad actors to gain access to your account.
Many insurance companies require MFA for security and assurance. MFA stops more than 99% of identity theft attempts on accounts that use it. Oregon Coast Community College requires Multi-Factor Authentication for this very reason. There are two options for MFA, the Microsoft Authenticator App or a physical One-Time Password token set up by IT. If you have questions about MFA or the options presented, please email Spencer.Smith@oregoncoast.edu for help.

The Microsoft Authenticator App:

To turn on Multi-Factor Authentication, first you log in to your account through a Web browser to https://portal.office.com, and click “View Account” in your profile:

Accessing MS Account

In your account settings, click on “Security Info”, and then click on “Add sign-in method”:

Selecting sign-in method

The method that I suggest is the Microsoft Authenticator App. It’s a free download from the Microsoft Store or Apple Store on your Android or iPhone.

Selecting Authenticator App

There’s a link to get the app in the online process. Follow the instructions on your phone.

First stage of instructions, download app

Once the app is installed, you’ll be instructed to create a new “Work or school account” on the app. Then, on your computer, there will be a QR code to scan to set up the app:

Configure by QR code

(Below is a picture of my phone scanning the QR code, with the code itself marred for security reasons.)

I picture of the QR code being phone-scanned

The authenticator app will then handshake with your account settings through Microsoft, and approve the new MFA link.

Authenticator Approval

The next time you sign into your email, or use Anthology, or log into Canvas (all of which use the Microsoft security system for authentication), you’ll get a time-sensitive sign-in request like this:

What the Auth App looks like in action

When you open the Microsoft Authenticator App on your phone, there will be a prompt to enter this number, and the app will also scan you for facial recognition (or require your PIN, or your fingerprint, whatever your phone’s authentication method is.) Then you’re in!

One-Time Password Tokens:

The alternative to the Microsoft Authenticator App is a One-Time Password token (OTP), a physical device that supplies a synchronized 6-character code into the Microsoft Authentication process. 
The OTP tokens require setup and verification in-person, so that there is no mistaking the ownership of the device. That device will need to be accessible whenever authentication into Microsoft applications, Anthology, Canvas, or any other Microsoft-authenticated resource is required.
If you choose this option, email spencer.smith@oregoncoast.edu, and we’ll start the process of deploying one of these tokens.