What is multi-factor authentication?
"MFA is quite simple, and organizations are focusing more than ever on creating a smooth user experience. In fact, you probably already use it in some form. For example, you've used MFA if youve:
- swiped your bank card at the ATM and then entered your PIN (personal ID number).
- logged into a website that sent a numeric code to your phone, which you then entered to gain access to your account.
MFA, sometimes referred to as two-factor authentication or 2FA, is a security enhancement that allows you to present two pieces of evidence your credentials when logging in to an account. Your credentials fall into any of these three categories: something you know (like a password or PIN), something you have (like a smart card), or something you are (like your fingerprint). Your credentials must come from two different categories to enhance security so entering two different passwords would not be considered multi-factor."
Excerpt from https://www.nist.gov/itl/tig/back-basics-multi-factor-authentication
Set up MFA (Multi-Factor Authentication) for your CIA account
- On a computer go to https://aka.ms/mfasetup
- Log in with your CIA credentials (email and password)
- A message will appear indicating that more information is required
- Select 'Next'
Only one option can be selected at this step. More options can be added at a later time from the online account settings.
Under Step 1: How should we contact you?
- Choose one of the following from the drop down- detailed steps for each option will be provided later in this article
- Authentication phone: most likely your cell/mobile phone
- Office phone: will pre-populate with your CIA desk phone number
- Mobile App: uses an app on your smart phone
Authentication phone contact method
- Choose the correct country code
- Enter your phone number
- Choose your preferred method for receiving a verification code
- Send me a code by text message
- Call me
- Select 'Next'
A verification code will be sent using your preferred method
- Enter the code
- Select 'Verify'
App passwords as described in Step 3: Keep using your existing applications should not be necessary.
Clcik 'Done'
Logging in with Multi-Factor Authentication - Outlook mail with desktop browser
The Multi-factor authentication experience on mobile devices will appear differently. However the process is the same.
Multi-factor authentication is required each time you log in. The frequency will depend on the service/platform you are accessing.
- In a browser open https://outlook.office365.com/cia.edu
- Choose your account
- Enter your password
- Select 'Sign in'
After entering your password one of two windows will appear.
- Verify your identity or
- Enter Code
The 'Verify your identity' window allows you to
- choose your desired contact method. Choosing the method will open the Enter code window.
The 'Enter code' window provides the option to
- enter the code or to
- 'Sign in another way' which will open the "Verify your identity' window
- After entering the code select 'Verify'
Logging into desktop application- Mac Outlook
After setting up the multi-factor authentication you will need to re-authenticate for programs that have logged into before setting up MFA.
This example is for Outlook on a Mac. You will notice that the windows appear similar to those in Logging in with Multi-Factor Authentication - Outlook mail with desktop browser
Open Microsoft Outlook
You will be prompted to enter your password
The code will expire. If the code received does not work choose Sign in another way and request another code by selecting your preferred method.