Skip to main content
Decorative photo: someone looking at their phone and laptop.

Microsoft multi-factor authentication enrollment update

Submitted by stauffeg on Thu, 11/18/2021 - 12:31 PM

Now that Microsoft multi-factor authentication (MFA) has been enabled for all CU Boulder employee accounts, OIT is making plans to enroll student accounts during the spring 2022 semester.

If you are a student who wants to start protecting your Microsoft account right now, you can self-enroll in Microsoft MFA using this webform.

Employees who haven’t registered

Although all employees have been enrolled, you may not have been prompted to register a device in MFA if you haven’t recently restarted your computer or opened a Microsoft application. You can prompt the MFA registration process and assure that your account is protected by MFA by going to Microsoft’s My Sign-Ins page. The sooner you register, the sooner you will be protected from cybercriminals attempting to take control of your account. The holiday season is often when cybercriminals step up their efforts to compromise accounts.

How to register

During registration, you will be prompted to set up MFA to login to Microsoft applications and have two options for proving who you are. You can register to get a text message with a code you’ll type in when you log in or you can download and install the mobile app on your phone. The mobile app only requires you to tap a button to log in but can take more time to set up. If using the mobile app sounds more convenient, we suggest adding the texting feature first, followed by adding the mobile app. We have provided MFA registration instructions on the Microsoft Office 365 page.

Since mobile phones are so ubiquitous and we seldom go anywhere without one, they are the most popular choice for multi-factor authentication. However, if you do not want to use your mobile phone for MFA or don’t own one, some FIDO2 tokens are an option. Please see our Multi-Factor Authentication FAQ for more information about this option.

How to log in after you’ve registered

When you log in to a Microsoft Office 365 application for the first time after registering, you could be prompted with the second factor that you set up during registration. After the initial registration, you will only be prompted to use MFA when a threat to your account is detected.

Why we’re doing this

One of the most common ways cybercriminals attack our campus is through collaboration services like Office 365. MFA helps protect you by adding an additional layer of security, making it harder for attackers to log in as if they were you. Your information is safer with MFA because thieves would need to steal both your password and your phone. MFA has been shown to block 99.9 percent of compromised-credential attacks, which in turn will help to safeguard the university’s data, finances, and reputation.

If you have questions about multi-factor authentication, please check out the Multi-Factor Authentication FAQs or contact the IT Service Center at or 303-735-4357.