Microsoft Outlook Multi-Factor Authentication

Microsoft Multi-Factor Authentication

In recent months, there has been a surge in the number of external malicious parties attempting to gain unauthorized access to Mercy Accounts (Mercy Connect, Email etc.). If one of these external parties is potentially successful in gaining access to your University account, there are multitudes of risks where these parties can:

  • Gain access to University, student, employee, or other sensitive and/or confidential information
  • Pretend to be you and send emails from your account attempting to perform financial operations in your name
  • Use your email account to reset passwords to other systems and when the link to reset the password is received in your email account, they simply click the link and now have access to the additional system(s) or website(s)

To combat the above-mentioned risks and hopefully prevent this unauthorized access, the Office of Information Technology Services will be enabling Multi-Factor Authentication (MFA) in a phased approach for all Microsoft Outlook accounts over the coming months. All Student accounts have MFA turned on and enforced. 

If you have any questions or would like additional information, please contact the Help Desk at 914-674-7526 or see the FAQ’s below:

Frequently Asked Questions

  • Q: What is Multi Factor Authentication (MFA) or 2 Factor Authentication (2FA)?
    A: In recent years, there has been a massive increase in the number of websites losing personal data of their users. And as cybercrime gets more sophisticated, the old security systems are no match for modern threats and attacks. 

    MFA is an extra layer of security that will require you to enter a code from your phone in addition to your password every time you access your University Accounts. First, you will enter your username and password. Then, instead of immediately gaining access, you will be required to provide a 6-digit code from your mobile phone. To protect Mercy Students, University Community & Data, all University Accounts (including O365 email, Mercy Connect Portal, Blackboard and others will have MFA turned on and enforced.

  • Q: How do I configure MFA for my O365 email, Mercy Connect & Blackboard?
    A: In order to access your University accounts once MFA is turned on for your account, you will need your mobile phone handy. You can enable MFA on your mobile phone using SMS text messaging or by using the Microsoft Authenticator App. Please use the links below to set up MFA:
  • Option #1 (SMS messaging) - Click here
  • Option #2 (Microsoft Authenticator App) - Click here
  • Q: When will I need to use MFA?
    A: MFA will be required every time you access University systems including O365 email, Mercy Connect & Blackboard.
  • Q: Will I need to use MFA each time I login to access O365 email, Mercy Connect & Blackboard via a web browser?
    A: Yes, to protect you and University data, MFA will be required every time you access your O365 email, Mercy Connect or Blackboard.
  • Q: Will I need to use MFA each time I use my O365 email on my mobile phone’s email application?
    A: MFA be required when you initially configure your O365 email on your mobile phone. Once the code has been entered once during the initial configuration, it will no longer be required to access your email on your mobile phone except when you update your password.
  • Q: If I already have MFA enabled on my email account, do I need to take any action?
    A: Since you already have MFA authentication enabled, you do not need take any additional action.