How does Multi-Factor Authentication™ work?

Multi-Factor Authentication works by placing a confirmation call, sending a text message, notifying the Azure Authenticator mobile app during login, or prompting for a verification code from the Azure Authenticator mobile app or token.

Step 1:
Enter your usual username and password.
Step 2:
Instantly, you receive a phone call, a text message, or a mobile app notification or are prompted for a verification code. For the phone call method, answer and press #, enter your PIN, or say your voiceprint phrase.  For the text message method, reply with the one-time passcode (OTP) in the message or reply with the OTP + your PIN in two-way mode, or enter the OTP or OTP + your PIN in your application in one-way mode.  For the mobile app method, press Authenticate or enter your PIN and press Authenticate in the Azure Authenticator mobile app installed on your device.  For the OATH token method, enter the verification code displayed in the Azure Authenticator mobile app or token.
That's It!

This simple process provides two separate factors of authentication through two separate channels (your computer and your phone service). It works with any regular or mobile phone in phone call mode, any phone with text message capabilities in text message mode, or a device that supports the Azure Authenticator mobile app.


What happens if I lose my phone?

Select the Change Phone Number option to enter a new phone number. An alternate number can also be set up by calling the support help desk, once your identity is strongly established.


What happens if I lose cell phone coverage in a certain area?

You can change your account to point to an alternate phone number, by selecting the Change Phone Number option. Some companies also provide a One-Time Bypass option which allows you to log in one time without a phone call or text message. If available, select the One-Time Bypass option to access this feature. Or call the support help desk from any phone for assistance.  The OATH token method doesn't require cell phone coverage.


What if I get a phone call, text message, or mobile app notification from Multi-Factor Authentication when I'm not trying to log in?

This would only happen if someone else was trying to log into your account, and they already knew your password. Remember, phone calls are only made, text messages are only sent, or mobile app notification are only sent after the username and password are verified. So, if this happens, Multi-Factor Authentication has just saved your account from illicit access! To temporarily block authentication attempts for your account, follow the prompts from the phone menu for the phone call method, reply to the text with your company-assigned fraud code for the two-way text message method, or press Deny and Report Fraud in the mobile app.  If Fraud Alert is enabled for your company, in addition to blocking your account an alert will instantly be sent to your company's IT security team. Contact your support help desk to unblock your account.