ITS Online»Pennkey & Lawkey»Setting up LawKey MFA

Setting Up Multi-factor Authentication (MFA) on your LawKey (Office 365) Account

All LawKey (Office 365) accounts require multi-factor authentication (MFA).  With multi-factor authentication, your data is protected even if your LawKey password is compromised. This additional security will not only protect your data, it will allow us to offer additional services for students including Microsoft Teams and OneDrive.

Please setup two or more sign-in methods, with your primary method being the Microsoft Authenticator app (download available for iOS and Android devices). In particular, you should have multiple methods setup that are not all reliant on the same mobile device. In the event that you don’t have access to that particular mobile device (broken phone, new phone, etc.), you will still have a way to login to your account. 

With MFA enabled, you will not be able to access your Office 365 email account through legacy applications or applications that don’t support additional verification. This includes Office 2010, Apple Mail before iOS 11, and sending email from Gmail. For the best experience, ITS strongly recommends using Outlook, Outlook on the Web, and Outlook apps for both Android/iOS when using Office 365 with MFA.

Locked out? 
See instructions on what to do if you get a new phone. If you are still unable to access your account, please submit an MFA reset request.


Configuring the Microsoft Authenticator App

The Microsoft Authenticator app is the easiest verification method to use. Once the app is installed on your mobile phone, it’s just one tap instead of typing in a 6-digit code. And if you travel, you won’t incur roaming fees when you use it. Walk through the steps below to set up the Microsoft Authenticator app as your primary verification method.

  1. On your phone, download the “Microsoft Authenticator” app (which is available for free for iOS and Android devices). 

  2. Then, on a device other than your phone, navigate to the Microsoft Security MFA/SSPR settings page. You’ll be prompted to authenticate with your LawKey.

  3. Choose “+ Add Method” at the top of the page. Choose “Authenticator App” from the drop-down menu to begin the steps below.

      sspr mfa security info
  4. On your phone, install the Microsoft Authenticator app. 

      mfa sspr get app
  5. Set up your account. 

    mfa sspr set up
  6. Using the Microsoft Authenticator App on your phone, scan the QR code that is provided on the device used to access the MFA/SSPR settings page.

    QR code
  7. A test notification will be sent to your phone. Approve the notification and then click “Next”.

    mfa sspr test
  8. Once you’ve completed the above steps, click “Done” and confirm that your Default sign-in method is “Microsoft Authenticator - notification” at the following screen (click “Change” if this is not done so automatically). 

    MFA/SSPR success
      MFA/SSPR security info screen


Configuring Additional Sign-In Methods (Phone Text/Call)

Now that you have your primary sign-in method configured, you will need to set up additional sign-in methods to use, in case your primary method is unavailable.

Please setup both phone and external email address as alternate sign-in methods. By setting up an external email, you will still be able to login and access your account/settings in the event that you don’t have access to your phone or get a new phone/device. 

To setup additional options, go to

As an example, below are some screenshots walking through setting up text messages on your phone as an additional sign-in method (+Add method).


  1. MFA/SSPR add phone
  2. MFA/SSPR phone number
  3. MFA/SSPR phone test code
  4. MFA/SSPR phone add success


The Microsoft Authenticator app and phone sign-in methods are the two methods that can be used for Multi-Factor Authentication. You can also use these methods for resetting your password.

There are two additional methods in addition to the ones above that can also be used as verification for resetting your password. These include security questions and email

Once you have configured all of your desired sign-in and verification methods, the “Security Info” section of your account settings here should resemble the screenshot below.


MFA/SSPR Security info details


We want to help. If you have questions, please contact ITS.

Online Chat:
Phone: (215) 898-2679

Thank you

Latest Tips

Screenshot showing protected version Copilot

Microsoft Copilot provides AI-powered web search, answers, content generation, and information summarization via your web browser


All student/alumni email addresses will transition from to over two year period