Multifactor Authentication for Students

REMINDER:  As of August 3, 2020, configuration of MFA on student email accounts will become required.  You will be required to configure MFA for your account or you may lose access to the account until MFA is configured.  August 3, 2020 is also the planned date for obsolescence of legacy authentication.

Through a collaboration with UNT System Information Technology Shared Services and Duo security,  HSC is able to provide multi-factor authentication(MFA) protection to student emailaccounts and all Office 365 login experiences.  MFA protects logins to Office 365 services by requiring a secondary authentication method during the login experience.  This secondary authentication may come in the form of an SMS(text) message, or a push notification to a device, a random code generated by an app on your phone, or even a landline phone call.  Whatever method is chosen, and WE STRONGLY SUGGEST CONFIGURING AT LEAST TWO OPTIONS, the MFA configuration will help keep attackers out of your Office 365 services.  Whether your password was compromised in a phishing attempt or you used the same password on other sites and one of those sites was compromised, the MFA configuration on your account will require a secondary authentication method that only you have and keep attackers out of your account.

Multi-factor Authentication is enabled for all Student accounts right now.  To fully configure MFA you must first enroll for the service at https://mfa.untsystem.edu.Instructions on how to enroll and configure DUO MFA on your account can be found at https://howtomfa.untsystem.edu.

Planned obsolescence for legacy authentication

Historically, Microsoft has allowed log-ins to Office 365 services older protocols and methods of authentication.  Some of these protocols and methods like POP or IMAP you may have heard of or even used to configure a client in the past.  there are many other legacy protocols for authentication and most modern clients are starting to remove these protocols as a feature.  Microsoft has decided to remove the use of these protocols from Office 365 services primarily because they do not provide the enhanced security such as encryption, or multi-factor authentication, that modern protocols and clients do offer.

On August 3, 2020, HSC will turn off legacy authentication for student email accounts.  This will be necessary to require the configuration of multi-factor authentication and ensure the security of student Office 365 accounts provided by the university.

Turning off legacy authentication will affect those students using these protocols on older clients or methods that don’t support modern authentication, such as Apple Mail (pre iOS 14), or Mozilla Thunderbird.  Microsoft Outlook, available on Windows, Mac, android, and iOS allows for the use of modern authentication and will be suggested as a client for those experiencing issues.  For a technical guide on what services may be affected by the removal of legacy authentication, visit here: Improving Security Together