MFA (Multi-Factor Authentication) on the College SSO
On Thursday 11/30/2023 @ 1:30pm (ish) Central Time, our campus will be enabling MFA (Multi-Factor Authentication) on the College SSO (Single Sign-On).
This is being enabled for our entire campus community (Faculty / Staff / Students).
Once Enabled, the SSO will take you to a screen to setup 3 things:
- Security Questions: "Security Questions" Tab of Step #9 in the attached instructions (This is enabled temporarily for this transition and will be disabled sometime later in the Spring Semester)
- SMS Text Messages: "Phone Recovery" Tab of Step #9 in the attached instructions. (This is enabled temporarily for this transition and will be disabled sometime later in the Spring Semester)
- Microsoft Authenticator: "Authenticator" Tab of Step #9 in the attached instructions (Phone App Installation Required) (This is the method we will use going forward for the long term)
We encourage everyone to Setup ALL three methods above for our initial go live on Thursday 11/30/2023. To make your transition smoother, please setup the Multiple Factors PRIOR to the go live on Thurs 11/30/2023. It will not start prompting you with a MFA Prompt until we go live, but your transition will be smoother.
At a minimum, you should setup SMS and the Microsoft Authenticator.
In the Spring of 2024, the disabling the Security Questions and SMS Text messages.
If you do not have a smartphone, this will not impact you initially, but you need to reach out to the IT Helpdesk (x 7356) in December to put you on a list for a different option.
Below are Instructions for Setting up the Microsoft Authenticator with the Rose State SSO. At Step #9, Please setup "Phone Recovery" and "Security Questions".
Note: The Primary Phone Number field (Located in the "Phone Recovery" Tab of Step #9 in the attached instructions) is synchronized from your student record in OASIS. If you attempt to change your Primary Phone Number within the SSO, it will revert back within 10 minutes. If you need to use a different number you can enter it into the "Secondary Phone Number" field for the time being, then please contact the Office of Admissions & Records to get your student record updated.
We are implementing MFA to increase the college security posture. Below is some additional information about MFA:
Multi-factor authentication (MFA) significantly enhances the security of Rose State College's information systems by requiring users to provide multiple forms of identification before granting access. This adds an extra layer of protection, as compromising multiple factors simultaneously becomes much more challenging for potential attackers and bad actors.
MFA typically involves three types of authentication factors:
- Something you know: This typically refers to a password or PIN that only the user knows. This is the most common form of authentication, but it is not sufficient on its own.
- Something you have: This can be a physical token, such as a key fob, smart card, or mobile device, which generates a one-time password or a push notification for authentication. The user must possess this physical object to gain access.
- Something you are: This factor relies on biometric characteristics unique to individuals, such as fingerprints, facial recognition, or voice patterns. Biometric authentication adds an additional layer of security since these attributes are difficult to replicate.
By combining these multiple factors, MFA provides a higher level of security and prevents unauthorized access even if passwords are compromised. This technology provides an additional barrier against the most common attack vectors, such as brute-force attacks, phishing attempts, and password guessing.
