Multi-Factor Authentication (MFA) Frequently Asked Questions (FAQs)

Who do I contact if I have any issues with Multi-Factor Authentication?

If you have issues, please email Support@SPCollege.edu for your local IT support staff for assistance or call the Help Desk at (727) 791-2795. Telephone support is currently provided from 7am – Midnight except for College Holidays. Please click on the Blue Tile labeled Technical Assistance for current information.

What is Multi-Factor Authentication (MFA)?

MFA is a security method for your account that helps verify that you are actually the person who is logging into your account.

Why are we using MFA?

To increase the security of our network accounts and ensure that they are secure from unauthorized access.

How does MFA work?

You will log into your account with your SPC email address and password. You will then get a notification based on the method you chose during set up (phone call or authenticator app) to verify it is you logging into your account. If this is your first login after MFA is enforced, you will be prompted to enroll and set up your MFA notifications.

What are my options for MFA verification?

1. Mobile authenticator app on SPC issued mobile device
2. Phone call to SPC issued cell phone
3. Mobile authenticator app on personal mobile device
4. Phone call to personal cell phone
5. Phone call to dedicated SPC office phone (not a switchboard number nor extension)
6. Phone call to a personal land line phone

Where do I get the Authenticator app?

The Microsoft Authenticator App is available for your smartphone from Apple App Store or the Google Play Store.

Do I have to use my personal phone?

You are not required to use your personal device as the primary MFA method, but is highly recommended. If you do not have a dedicated SPC phone or workstation and do not want to use your personal device, please contact your manager to discuss alternatives.

Do I have to go through MFA every time I log in?

MFA will be required anytime you try to log in from a device not on the SPC network.

Do I have to go through MFA every time I log in?

MFA will be required anytime you try to log in from a device not on the SPC network.

What if I did not setup my MFA account and I’m being prompted to enter a code?

If you have not setup your account, please do so by going here. You can also contact your local IT support staff for assistance by emailing Support@SPCollege.edu or calling the Help Desk.

What happens if I do not receive a code?

When setting up your account, it is best to add alternate options for Multi-Factor authentication. This includes authenticator app, and phone call. If you do not receive a code, or have problems accessing one of your options, please contact your local IT support staff (see above).

Can I change my authentication methods?

Yes, you can change them at any time. If you would like to add, delete, or change your methods, you can visit your authentication profile by going here. Once you have saved your changes, it will take effect immediately and will be tested.

What are the codes in the app for?

Once you open the Microsoft Authenticator app, you'll see your added accounts as tiles with a six- or eight-digit number for each. You'll use these codes as verification that you are who you say you are. After you sign in with your username and password, you'll type in the verification code that's in the same tile as your account. For example, if you're signing into your SPC account, you'd use the verification code, 039424.

Why does the number next to the code keep counting down?

When you open the Microsoft Authenticator app, you'll see your added accounts as tiles with a six- or eight-digit number for each. You'll use these codes as verification that you are who you say you are. After you sign in with your username and password, you'll type in the verification code that's in the same tile as your account. For example, if you're signing into your SPC account, you'd use the verification code, 039424

What if I get a notification from Multi-Factor Authentication when I'm not trying to log in?

This should only happen if someone else were trying to log into your account, and they already knew your password. Remember, notifications are only made after the username and password are verified. So, if this happens, Multi-Factor Authentication has just saved your account from illicit access! If this happens, please alert IT immediately with your email address and/or your contact number.

Do I need to be connected to the Internet or my network to get and use the verification codes?

The codes don't require you to be on the Internet or connected to data, so you don't need phone service to sign in. Additionally, because the app stops running as soon as you close it, it won't drain your battery.

Why does the Microsoft Authenticator app allow you to approve a request without unlocking the device?

You don't have to unlock your device to approve verification requests because all you need to prove is that you have your phone with you. Two-step verification requires proving two things – a thing you know, and a thing you have. The thing you know is your password. The thing you have is your phone (set up with the Microsoft Authenticator app and registered as an MFA proof.) Therefore, having the phone and approving the request meets the criteria for the second factor of authentication.
What happens if I lose cell phone coverage in a certain area?

If you have chosen to use the authenticator app for verification, you will not be affected. If you have chosen a phone call as your verification, you can change your account to point to an alternate phone number, such as a land line, by selecting the Change Phone Number option in your MFA Account by going here.

What happens if I lose my phone or change my number?

Select the Change Phone Number option in your MFA Account by going here and enter a new phone number. However, you need to have set up an alternate verification method when first registering for MFA to do this. If you did not set up an alternate method, contact your local IT support staff for assistance.

I lost my device or moved on to a new device. How do I make sure notifications don't continue to go to my old device?

Adding the Microsoft Authenticator app to your new device won't automatically remove the app from your old device. Even deleting the app from your old device isn't enough. To ensure notifications do not continue to your old device, go to https://aka.ms/mfasetup and at the bottom of the page it lists the Authenticator app and the device it is synched with. Press the “Delete” button to delete the synchronization with the old device. Now you may setup synchronization with your new device.

I only get notifications when the app is open. If the app is closed, I don't get notifications.

• If you're getting notifications, but not an alert, even with your ringer on, you should check your app settings. Make sure the app is turned on to use sound or to vibrate for notifications. If you don't get notifications at all, you should check the following:
• Is your phone in Do Not Disturb or Quiet mode? These modes can prevent apps from sending notifications.
• Can you get notifications from other apps? If not, it could be a problem with the network connections on your phone, or the notifications channel from Android or Apple. You can try to resolve your network connections through your phone settings, but you might need to talk to your service provider to help with the Android or Apple notifications channel.
• Can you get notifications for some accounts on the app, but not others? If yes, remove the problematic account from your app, add it again allowing notifications, and see if that fixes the problem.

If you tried all these steps and are still having issues, please contact your local IT support staff.

What data does the Authenticator store on my behalf and how can I delete it?

• The Microsoft Authenticator app collects three types of information:
  Account info you provide when you add your account. This data can be removed by removing your account.
• Diagnostic log data, which resides only in the app until you choose to Send Logs to Microsoft through the app's Help menu. These log files contain personal data, like your email addresses (such as, Name@Spcollege.edu), server/IP addresses, and device data (such as, device name and operating system version), with the personal data limited to info necessary to help troubleshoot app issues. You can view these log files in the app at any time to see the info being gathered. If you send the log files, the Authentication app engineers can use it to troubleshoot customer-reported issues.
• Non-personally identifiable usage data, such “started add account flow/successfully added account,” or “notification approved.” This data is an integral part of our engineering decisions and helps us determine what features are important to you, and where improvements need to be made in the form of updates to the apps. You, as an app user, see a notification of this data collection on first launch of the app, and are informed that it can be turned off on the app’s Settings page. You can enable or disable this setting at any time.

How do I remove an account from the app?

• iOS - From the main screen, select the menu button, then select Edit accounts. Tap the red icon next to the account name, and tap Remove Account.
• Windows Phone - From the main screen, select the menu button, then Edit accounts. Tap the X next to the account name.
• Android - From the main screen, select the menu button, then Edit accounts. Tap the X next to the account name.

Microsoft Online Support Documents

• Setting up your verification methods

• Managing your verification settings

• ​Managing your connected devices

• ​Setting up Microsoft Authenticator Mobile App

• ​Set up multi-factor authentication with a mobile device (YouTube)