Metropolitan State University of Denver’s Information Technology Services team urges students and employees to use the Microsoft Authenticator app for their multifactor–authentication (MFA) needs. Employees who are using a phone call for MFA will soon see prompts from Microsoft to switch to the Authenticator app.
Why use the app?
Many MFA providers are phasing out less-secure authentication options such as phone calls or texts in favor of more-secure, app-based solutions. Switching to the app now will ensure that users avoid losing their preferred authentication method. Additionally, MSU Denver is investigating enabling MFA prompts for on-campus users to improve security, which may create challenges for users who use less-secure methods. There are areas on campus where phone calls don’t work but the app’s synchronized key code will, even without an internet connection.
ITS recognizes that some users are using phone calls as their preferred MFA authentication option because they are unable to use the Microsoft Authenticator app. These employees should contact the ITS Service Desk to explore alternatives.
For additional support:
- Call: 303-352-7548
- Click: support.mblayst.com
- Visit: Jordan Student Success Building first-floor lobby
Info for current app users
Roadrunners who already use the Microsoft Authenticator app may have noticed some changes when logging in this semester. The new information provided during the log-in process includes:
- The name of the application.
- The city, state or other geographical region where the MFA request originated.
These features help users make more informed decisions when they receive an MFA request and further improve user experience and security.
Please note: The location of any MFA request should match the employee’s physical location. However, if the device sending the request is connected to a VPN, the listed location may be drastically different. For example, if an employee is trying to log in to Workday while off-campus and is connected to MSU Denver’s GlobalProtect VPN service. In that case, the MFA request may appear to be coming from San Francisco or another California location. In these situations, the employee will need to use other information to validate the request before approving it, such as the app being accessed or the timing of the request.