Office 365 - FAQ

Microsoft Office 365 provides access to online versions of Office products like Word, Excel, PowerPoint and OneNote. You don't need to download anything to use these services. 

Eligible CU Boulder faculty, staff and students can download the latest versions of Microsoft Office software at no cost for a personal computer through Office 365 Apps. Learn more about eligibility requirements on the Office 365 Apps FAQ page. 

Most modern web browsers are supported in Office 365 including Windows Internet Explorer, Mozilla Firefox, Apple Safari and Google Chrome. This website has more information about the browser version you must use .

Yes. There are mobile versions of Office 365 services available for Windows, iPhone and Android. This page has more information about mobile versions of Office 365 .

One of our campus’s largest attack vectors is through collaboration services; especially email accounts using older protocols. MFA adds an additional layer of security, making it harder for attackers to log in as if they were you. Your information is safer because thieves would need to steal both your password and your phone to access services protected by MFA. MFA has been shown to block 99.9 percent of compromised-credential attacks, which in turn will help to safeguard the university’s data, finances, and reputation. Learn more about CU Boulder's implementation of Microsoft MFA.

Multi-factor authentication (MFA) is a simple way to increase account security by requiring multiple forms of verification to prove your identity when signing into an application. This is generally something you know, like a password, and something you have, like a personal phone. Many institutions and applications use some form of MFA to login, especially when using a new device. Office365 multi-factor authentication will increase the protection on all Office365 services and applications, including Office desktop applications, email, Teams, OneDrive, and Sharepoint. For your convenience, your sign-in session on your regular devices will not require you to login or use multi-factor often, but it will protect your account if any suspicious attempts to login are detected. 

Yes, everyone using CU Boulder's Office 365 instance will be required to use MFA. 

Multi-factor authentication ensures that users are who they say they are by requiring that they provide two pieces of evidence to prove their identity. This is generally something you know, like a password, and something you have, like a personal phone. Since mobile phones are so ubiquitous and we seldom go anywhere without one, they are the most popular choice for multi-factor authentication. If using a mobile phone isn’t an option for you, please contact the IT Service Center to discuss other options. 

Both CU Boulder and Microsoft are not permitted to use this information for marketing, tracking, or data mining purposes. We have contractual agreements with Microsoft that protect your personal information. Your phone number will only be used to validate that you are who you say you are when using the Microsoft 365 services. MFA is an additional security measure that is designed to protect your personal information.

FIDO2 tokens are physical devices that provide a second factor during the multi-factor authentication process. They may be a good option if you are unable to use a mobile phone for MFA. 

Please note that OIT cannot provide support for the use of FIDO2 tokens – it is your responsibility to purchase, configure, and keep track of your token. Before purchasing a token, it’s recommended to review Microsoft’s FIDO2 token requirements.

If you decide to use FIDO2 tokens, it is highly recommended to register a backup method, such as a phone, in addition to your token in case you misplace it. Learn how to edit backup methods for MFA in the beginning of our registering and using the authenticator app tutorial.

To give campus users the right balance of security and ease of use, we've enabled a setting which takes into account many factors to determine if a login attempt is suspicious or not. If the majority of the time you access Microsoft apps using the same devices and patterns, you should rarely if ever be prompted with MFA. However, if you frequently travel internationally, log in to your Microsoft apps and email on these trips or use public kiosks, you could expect to be prompted on a higher frequency that corresponds to these activities which appear to be more risky.

Before using the Authenticator app, OIT recommends registering a phone number for authentication. If you only use the authenticator app you may be locked out of your account temporarily if you lose or replace your mobile phone. 

Once a phone number is registered, use OIT's instructions registering and using the authenticator app. You can download the Authenticator app directly from Microsoft's Authenticator App page.

On the 14th day you will be required to register at least one device (a phone, the Authenticator App or FIDO2 token) before being allowed to login to Microsoft applications. There are two different registration groups and two different registration deadlines: November 16 and 18. You can find your deadline in an email sent to you the week of October 26 with a subject that starts with “Microsoft Office 365 multi-factor authentication coming...”

If you're unable to log in or change your authentication information (see How can I update my phone number or change authentication preferences? below), please contact the IT Service Center at 303-735-4357 or oithelp@colorado.edu for assistance resetting MFA.

There are several ways to update or change your authentication information:

• Log in to Office 365 then go to the Additional Security Verification page to change or register a security verification option.
• You can also log in to Office 365, open your account information, then click security info settings. These steps are outlined in the beginning of our registering and using the authenticator app tutorial. 
• Visit Microsoft's additional security verification or change two factor verification and settings help pages for additional information. 

OIT recommends configuring the Microsoft Authenticator App in case your country code is not available. However, when enrolling your device, you’ll find that there is a comprehensive list of international calling codes that are available to select from.

No. The Microsoft Office 365 deployment does not impact any current use of Microsoft Office software installed on your computer. Office Online and your local version of Office are seamlessly integrated and complementary. Using Office Online may enhance your Office software experience, with the new web storage and editing tools, but you may choose to continue using Microsoft Office no differently than you always have in the past.

Not at this time. The future of email on the CU Boulder campus includes the ability of faculty, staff and students to choose the home of their email.

Yes. Exchange Online limits the number of recipients per message to 500 and sets a daily recipient limit of 10,000 recipients. If you have email sending needs that exceed these limits, we recommend using one of CU Boulder's bulk/mass email communication services.

Outlook and Outlook on the web do not allow you to receive files of certain types (such as .exe files) as attachments, because of their potential for introducing a virus into your computer. By default, Outlook blocks these files.

For a full list of file types, please review Microsoft's blocked attachments page.

All Office 365 accounts by default have 50GB of Storage for email and calendar data. Please note: This limit cannot be increased.

Visit the Outlook on the web Check Mailbox Usage tutorial to learn how to check the capacity of your mailbox or use Microsoft's Manage My Mailbox Size page for additional help. 

The deleted items folder retention period is 30 days. After that, messages are automatically removed from the folder. Items that have been automatically removed from the Deleted Items folder are retained for 30 days before being permanently deleted. You can recover items during the retention period using Outlook or OWA. Visit the Recovering Deleted Items tutorial for instructions. 

OIT has created an Exchange Online Calendaring Best Practices guide to provide guidance to Exchange Online calendar users on the practices and email/calendar clients that best avoid calendaring problems. They have been collected from many years of experience with Exchange and from multiple sources. 

With the implementation of Office 365 Microsoft Exchange email and calendaring solution, faculty and staff are encouraged to utilize the campus service for all university-related work instead of other third-party providers such as Hotmail, Yahoo or Gmail. However, if faculty or staff members determine that use of the CU Boulder email service interferes with their ability to pursue their academic or research activities, they can request an exception.

Arrangements have been made to accommodate those who work with organizations with whom the university has made arrangements to use these organizations' domain as one's email delivery location. The accepted domains currently include:

Campuses


• colorado.edu (variations that include colorado.edu are acceptable)

• cu.edu

• 
cusys.edu

• email.ucdenver.edu
• 
jove.uchsc.edu
• 
ludell.uccs.edu

• math.cudenver.edu

• ucdenver.edu
• 
uchsc.edu

• wizard.cusys.edu

National Labs

• boulder.nist.gov

• cdc.gov
• 
nist.gov
• 
noaa.gov
• 
nrel.gov
• 
ucar.edu

Other Organizations (institutes)

• 
cuchbe.org

• cumcen.org
• cufund.org

• uccs.edu
• 
nsidc.org

• centerwest.org
• 
espacecenter.org

If you are associated with one of these organizations or national labs and wish to have your CU email delivered there, you will need to update your email delivery location in the CU Boulder IdentiKey Manager. Instructions for updating your email delivery location are available at IdentiKey Manager - Manage Email & Calendar Service.

If an individual from an institute or national lab is seeking an exception, the individual should first contact their director or department chair to seek their approval. Then, the director or department chair should contact CU Boulder Legal Counsel, who will review the request.

If you feel that using any CU email account is unacceptable in fulfilling your teaching, research, or administrative duties, please contact your director or department chair. If after discussing the problem with your director or department chair you both feel that using a CU email account is unacceptable, complete the certificate of receipt  with signatures from you and your director or department chair, and send, via campus mail to the Office of Information Security (OIS), 455 UCB, faxed to (303) 735-5036, or emailed to security@colorado.edu. OIS will work with OIT Operations to have any email that is sent to your @colorado.edu account sent to the third-party address you specify.