Skip to main content

Office 365 - FAQ

General FAQ

Can I download Office 365 to my computer?

Microsoft Office 365 provides access to online versions of Office products like Word, Excel, PowerPoint and OneNote. You don't need to download anything to use these services. 

Eligible CU Boulder faculty, staff and students can download the latest versions of Microsoft Office software at no cost for a personal computer through Office 365 Apps. Learn more about eligibility requirements on the Office 365 Apps FAQ page

What browsers are compatible with Office 365?

Most modern web browsers are supported in Office 365 including Windows Internet Explorer, Mozilla Firefox, Apple Safari and Google Chrome. This website has more information about the browser version you must use .

Can I access 365 on my mobile device(s)?

Yes. There are mobile versions of Office 365 services available for Windows, iPhone and Android. This page has more information about mobile versions of Office 365 .

Multi-Factor Authentication 

Why is CU Boulder using MFA?

One of our campus’s largest attack vectors is through collaboration services; especially email accounts using older protocols. MFA adds an additional layer of security, making it harder for attackers to log in as if they were you. Your information is safer because thieves would need to steal both your password and your phone to access services protected by MFA. MFA has been shown to block 99.9 percent of compromised-credential attacks, which in turn will help to safeguard the university’s data, finances, and reputation. Learn more about CU Boulder's implementation of Microsoft MFA.

What is Multi-Factor Authentication?

Multi-factor authentication (MFA) is a simple way to increase account security by requiring multiple forms of verification to prove your identity when signing into an application. This is generally something you know, like a password, and something you have, like a personal phone. Many institutions and applications use some form of MFA to login, especially when using a new device. Office365 multi-factor authentication will increase the protection on all Office365 services and applications, including Office desktop applications, email, Teams, OneDrive, and Sharepoint. For your convenience, your sign-in session on your regular devices will not require you to login or use multi-factor often, but it will protect your account if any suspicious attempts to login are detected. 

Am I required to use MFA?

Yes, everyone using CU Boulder's Office 365 instance will be required to use MFA. 

Why should I have to use my personal phone for this, when CU Boulder doesn’t pay for it?

Multi-factor authentication ensures that users are who they say they are by requiring that they provide two pieces of evidence to prove their identity. This is generally something you know, like a password, and something you have, like a personal phone. Since mobile phones are so ubiquitous and we seldom go anywhere without one, they are the most popular choice for multi-factor authentication. If using a mobile phone isn’t an option for you, please contact the IT Service Center to discuss other options. 

I have concerns about sharing my phone number with Microsoft. What happens with the information I share through MFA?

Both CU Boulder and Microsoft are not permitted to use this information for marketing, tracking, or data mining purposes. We have contractual agreements with Microsoft that protect your personal information. Your phone number will only be used to validate that you are who you say you are when using the Microsoft 365 services. MFA is an additional security measure that is designed to protect your personal information.

Can I use YubiKeys or other FIDO2 tokens with MFA?

FIDO2 tokens are physical devices that provide a second factor during the multi-factor authentication process. They may be a good option if you are unable to use a mobile phone for MFA. 

Please note that OIT cannot provide support for the use of FIDO2 tokens – it is your responsibility to purchase, configure, and keep track of your token. Before purchasing a token, it’s recommended to review Microsoft’s FIDO2 token requirements.

If you decide to use FIDO2 tokens, it is highly recommended to register a backup method, such as a phone, in addition to your token in case you misplace it. Learn how to edit backup methods for MFA in the beginning of our registering and using the authenticator app tutorial.

How often should I expect to be prompted to use MFA once registered?

To give campus users the right balance of security and ease of use, we've enabled a setting which takes into account many factors to determine if a login attempt is suspicious or not. If the majority of the time you access Microsoft apps using the same devices and patterns, you should rarely if ever be prompted with MFA. However, if you frequently travel internationally, log in to your Microsoft apps and email on these trips or use public kiosks, you could expect to be prompted on a higher frequency that corresponds to these activities which appear to be more risky.

Where can I download the Authenticator App?

Before using the Authenticator app, OIT recommends registering a phone number for authentication. If you only use the authenticator app you may be locked out of your account temporarily if you lose or replace your mobile phone. 

Once a phone number is registered, use OIT's instructions registering and using the authenticator app. You can download the Authenticator app directly from Microsoft's Authenticator App page.

What will happen if I haven’t registered during the 14-day registration period?

On the 14th day you will be required to register at least one device (a phone, the Authenticator App or FIDO2 token) before being allowed to login to Microsoft applications. There are two different registration groups and two different registration deadlines: November 16 and 18. You can find your deadline in an email sent to you the week of October 26 with a subject that starts with “Microsoft Office 365 multi-factor authentication coming...”

I lost my phone and/or got a new device and am unable to authenticate.

If you're unable to log in or change your authentication information (see How can I update my phone number or change authentication preferences? below), please contact the IT Service Center at 303-735-4357 or for assistance resetting MFA.

How can I update my phone number or change my authentication preferences?

There are several ways to update or change your authentication information:

I am an international student or I will be traveling abroad. Which authentication method should I choose?

OIT recommends configuring the Microsoft Authenticator App in case your country code is not available. However, when enrolling your device, you’ll find that there is a comprehensive list of international calling codes that are available to select from.

Office Online

I already use Office products like Word, Excel & PowerPoint on my computer. Will my Office 365 account affect my use of Office products on my computer?

No. The Microsoft Office 365 deployment does not impact any current use of Microsoft Office software installed on your computer. Office Online and your local version of Office are seamlessly integrated and complementary. Using Office Online may enhance your Office software experience, with the new web storage and editing tools, but you may choose to continue using Microsoft Office no differently than you always have in the past.

Exchange Online

Is student email moving to Exchange Online?

Not at this time. The future of email on the CU Boulder campus includes the ability of faculty, staff and students to choose the home of their email.

Sometimes I need to send emails to large numbers of people. Does Exchange Online limit the number of emails I can send?

Yes. Exchange Online limits the number of recipients per message to 500 and sets a daily recipient limit of 10,000 recipients. If you have email sending needs that exceed these limits, we recommend using one of CU Boulder's bulk/mass email communication services.

Are certain attachments types blocked by Office 365?

Outlook and Outlook on the web do not allow you to receive files of certain types (such as .exe files) as attachments, because of their potential for introducing a virus into your computer. By default, Outlook blocks these files.

For a full list of file types, please review Microsoft's blocked attachments page.

How much storage space does my Exchange Online account have?

All Office 365 accounts by default have 50GB of Storage for email and calendar data. Please note: This limit cannot be increased.

Visit the Outlook on the web Check Mailbox Usage tutorial to learn how to check the capacity of your mailbox or use Microsoft's Manage My Mailbox Size page for additional help. 

How long do messages stay in the Deleted Items folder?

The deleted items folder retention period is 30 days. After that, messages are automatically removed from the folder. Items that have been automatically removed from the Deleted Items folder are retained for 30 days before being permanently deleted. You can recover items during the retention period using Outlook or OWA. Visit the Recovering Deleted Items tutorial for instructions. 

What do I need to know if I use delegates to manage my Calendar?

OIT has created an Exchange Online Calendaring Best Practices guide to provide guidance to Exchange Online calendar users on the practices and email/calendar clients that best avoid calendaring problems. They have been collected from many years of experience with Exchange and from multiple sources. 

Delivery Locations and Forwarding

Can I redirect my email account to an off-campus email provider such as Hotmail?

With the implementation of Office 365 Microsoft Exchange email and calendaring solution, faculty and staff are encouraged to utilize the campus service for all university-related work instead of other third-party providers such as Hotmail, Yahoo or Gmail. However, if faculty or staff members determine that use of the CU Boulder email service interferes with their ability to pursue their academic or research activities, they can request an exception.

Does this policy apply to email accounts of faculty or staff who work with national labs, or other campuses or organizations?

Arrangements have been made to accommodate those who work with organizations with whom the university has made arrangements to use these organizations' domain as one's email delivery location. The accepted domains currently include:


  • (variations that include are acceptable)







National Labs



Other Organizations (institutes)





If you are associated with one of these organizations or national labs and wish to have your CU email delivered there, you will need to update your email delivery location in the CU Boulder IdentiKey Manager. Instructions for updating your email delivery location are available at IdentiKey Manager - Manage Email & Calendar Service.

If I'm associated with another institute or national lab not listed above, but want an exception, what should I do?

If an individual from an institute or national lab is seeking an exception, the individual should first contact their director or department chair to seek their approval. Then, the director or department chair should contact CU Boulder Legal Counsel, who will review the request.

What can I do if none of these options address my needs?

If you feel that using any CU email account is unacceptable in fulfilling your teaching, research, or administrative duties, please contact your director or department chair. If after discussing the problem with your director or department chair you both feel that using a CU email account is unacceptable, complete the certificate of receipt  with signatures from you and your director or department chair, and send, via campus mail to the Office of Information Security (OIS), 455 UCB, faxed to (303) 735-5036, or emailed to OIS will work with OIT Operations to have any email that is sent to your account sent to the third-party address you specify.