Home > ITS > Multifactor Authentication FAQs

Multifactor Authentication FAQs


General FAQs

Multifactor Authentication means controlling access to computers and other IT resources by requiring two or more pieces of evidence that the user is who they claim to be. Specifically, it enhances the security of your Holland College username and password by using your phone to verify your identity when you attempt to access Holland College resources (Office 365 and SAM) from an off-campus location.

It takes two items to access and update your information: “something you know” (like your password) and “something you have” (like your phone). For example, when you visit an <ATM, one authentication factor is the ATM card you use to start the transaction - that is the “something you have.” Next, you enter a PIN, which is the “something you know.” Without both factors, your authentication will fail.

Unfortunately, passwords are becoming increasingly easy to compromise. They can be stolen, guessed, and hacked, and new technology and hacking techniques combined with the limited pool of passwords most people use for multiple accounts means information online is increasingly vulnerable.

In addition, experience has shown that people are not as good at recognizing malicious email as you might think. Every day, people worldwide fall prey to these kinds of scams. We must take steps to ensure that we are more than just a single click away from having our paycheck stolen or becoming a victim of identity theft.

Multi-Factor Authentication adds a second layer of security to your account to make sure that your account stays safe, even if someone else knows your password.

The College’s implementation of MFA will include all Holland College students, faculty, and staff.

No, you cannot opt out. Multi-factor authentication will be required for all Holland College students, faculty, and staff.

You will receive an MFA prompt when logging into SAM or any Microsoft 365 apps (Outlook email, OneDrive, etc.) from any location off-campus.

Off-campus is anywhere other than:

  • Holland College computers in labs, classrooms, staff offices, podiums, etc.
  • Holland College wireless (hcwifi)

Keep in mind that if you are connected to your phone's data connection and not hcwifi while physically on campus, you are still "off-campus" as it pertains to MFA.


Using MFA FAQs

When you attempt to access a protected College application (SAM, Microsoft 365) from an off-campus location, you will be prompted to enter your username and password as usual (the first "factor"). You will then be asked to verify your identity with your preferred method of verification - push notification, a phone call, or a passcode - to verify that it is you (the second "factor").

MFA lets you link multiple devices to your account, so you can use your mobile phone, a landline, etc. as your second factor.

When you are doing your initial setup, you may add as many devices as you like (landline and/or mobile). Subsequently, when you are logging in you will initially be challenged using your default authentication method, but you can select the "Sign in another way" link to choose which device the authentication request is sent to and which authentication method you would like (via Microsoft Authenticator app, SMS text message, or phone call).

Yes, it is possible to use your office or home phone and a phone call as an authentication method. However, we do not recommend it because if you are logging in off-campus and get an MFA challenge phone call to a phone you do not have immediate access to, there is no way to answer that challenge.

It depends on the preferred option you selected.

  • To receive codes by text or call, you must have cell service.
  • To receive push notifications to the Microsoft Authenticator app, you must have mobile data or WiFi.
  • To use the code generated by the Microsoft Authenticator app, you must have mobile data or WiFi.

If you have an international mobile plan, the Microsoft Authenticator app will work. Otherwise, when you are prompted for MFA, click on Sign in another way. From there, select Use a verification code from my mobile app, you will then be prompted to enter a code. Open the Microsoft Authenticator app and enter the 6-digit code into your login screen.

Each code is only valid for a limited time – for texts and push notifications, around 30 seconds, although this includes delivery time; the code displayed in the Authenticator app displays a countdown timer. Try again and be sure to have your device close at hand.

  • If you often have delivery delays due to poor connectivity, we recommend you use the Microsoft Authenticator app on your mobile device, which provides valid codes without any mobile service or WiFi connection.
  • If you are trying to receive a text message, have a friend or colleague send you a text to make sure you are receiving messages
  • If you have received several codes, use only the most recent one.

Please call Integrated Technology Services as soon as possible during business hours at 902-566-9689. We will confirm your identity and then reset your authentication methods to prevent unauthorized access using your missing device. Note: ITS cannot confirm your identity via email.

You may be using an application or technology that does not support modern authentication. We recommend you use the Outlook app for iOS or Android as it is fully supported by Microsoft for use with Microsoft MFA.

We encourage users to set up multiple authentication devices with MFA, so that when one method is unavailable, you have others from which to choose. For example, you could set up your smartphone for notifications from the Microsoft Authenticator app and your office phone and home phone to do callback.