Best Practices - ECU Multifactor Authentication

IT Service Desk 252-328-9866 | Pirate Techs Technology Support Centers | Submit a Ticket

Skip to a section: Overview | Best Practices

Available to

Faculty, Staff, Students

Overview

All ECU users configure Azure Multifactor Authentication* through their Microsoft 365 account when onboarding to ECU. Azure MFA allows log in to email, Canvas and other single sign-on applications. 

Recommended Best Practices

Follow these recommended best practices to ensure a smooth, secure experience when accessing the ECU resources you use every day.

Best Practice No. 1 – Make Microsoft Authenticator app your default sign-in method.

Once configured for your mobile phone or tablet (check app store for device compatibility), the access code can be used offline if network and cellular access is unavailable.

  • Configure the Microsoft Authenticator app on a mobile device.
  • Enable push notifications for Authenticator through your device's settings.
  • Requires no internet and verify through code or number matching.
  • Best for international travelers.
     

Best Practice No. 2 – Configure multiple MFA methods.

If your mobile device is unavailable, you can use an alternate authentication method.

  • Phone call. Set up a phone number to receive a voice call from Microsoft. Add up to three different phone numbers (does not have to be a mobile). 
  • Text. Receive a code. 
  • Yubico security key. Fast, anti-phish authentication using a 6-digit code or NFC (mobile). Use in place of a mobile phone.
  • Windows Hello for Business. ECU-managed Windows 11 computers. 6-digit code authenticates your account for your computer and single sign-on resources.
     

Best Practice No. 3 – Work around weak cellular signals.

  • Enable Wi-Fi calling to receive calls over the Wi-Fi network rather than cellular signals.
  • See this information for onboarding your devices to eduroam, ECU's primary Wi-Fi network.
  • Use the Microsoft Authenticator app which can generate a verification code without an internet connection or cellular signal. The Authenticator app is the recommended default method for users.
  • Use a Yubico security key rather than a mobile phone.

 

Best Practice No. 4 – Periodically check app updates and verification settings.

  • Regularly update the Microsoft Authenticator app to the latest version for improved security and features.
  • Review and update your secondary authentication methods to ensure phone numbers and email addresses are up to date.

 

Best Practice No. 5 – Follow these security tips.

  • Do Not Share Codes. Never share your verification codes with anyone.
  • Do not approve an unexpected MFA prompt until you check your recent activity.
  • Check your account’s recent activity through the Microsoft 365 My Sign-ins page. Ignore unsuccessful attempts, but a successful sign-in from a location you don’t recognize should be reported to the IT Service Desk.

 

Best Practice No. 6 – Contact Pirate Techs if you cannot log in

  • Call the IT Service Desk at 252-328-9866. 
  • Visit your nearest Pirate Techs walk-in location. 
  • Quick assistance to access your account if you are unable to authenticate. For example, you left your mobile phone at home.

*I configured MFA twice when onboarding. What's the difference?

  • Azure MFA is used to log in to ECU resources and applies to these best practices.
  • PirateID Self Service authentication is used for that system only to reset/unlock your password.
Print Article

Related Articles (1)

Multifactor Authentication Resources List
List of Knowledge Base account authentication (MFA) articles for ECU users.