ITS Online»Pennkey & Lawkey

Setting Up Multi-factor Authentication (MFA) on your LawKey (Office 365) Account

All LawKey (Office 365) accounts require multi-factor authentication (MFA). With multi-factor authentication, your data is protected even if your LawKey password is compromised. This additional security will not only protect your data, it will allow us to offer additional services for students including Microsoft Teams and OneDrive.

Please setup two or more sign-in methods, with your primary method being the Microsoft Authenticator app (download available for iOS and Android devices). In particular, you should have multiple methods setup that are not all reliant on the same mobile device. In the event that you don’t have access to that particular mobile device (broken phone, new phone, etc.), you will still have a way to login to your account.

With MFA enabled, you will not be able to access your Office 365 email account through legacy applications or applications that don’t support additional verification. This includes Office 2010, Apple Mail before iOS 11, and sending email from Gmail. For the best experience, ITS strongly recommends using Outlook, Outlook on the Web, and Outlook apps for both Android/iOS when using Office 365 with MFA.

Locked out?
See instructions on what to do if you get a new phone. If you are still unable to access your account, please submit an MFA reset request.

Configuring the Microsoft Authenticator App

The Microsoft Authenticator app is the easiest verification method to use. Once the app is installed on your mobile phone, it’s just one tap instead of typing in a 6-digit code. And if you travel, you won’t incur roaming fees when you use it. Walk through the steps below to set up the Microsoft Authenticator app as your primary verification method.

On your phone, download the “Microsoft Authenticator” app (which is available for free for iOS and Android devices).
Then, on a device other than your phone, navigate to the MFA/SSPR settings page. You’ll be prompted to authenticate with your LawKey.
Choose “+ Add Method” at the top of the page. Choose “Authenticator App” from the drop-down menu to begin the steps below.
On your phone, install the Microsoft Authenticator app.
Set up your account.
Using the Microsoft Authenticator App on your phone, scan the QR code that is provided on the device used to access the MFA/SSPR settings page.
A test notification will be sent to your phone. Approve the notification and then click “Next”.
Once you’ve completed the above steps, click “Done” and confirm that your Default sign-in method is “Microsoft Authenticator - notification” at the following screen (click “Change” if this is not done so automatically).

Configuring Additional Sign-In Methods (Phone Text/Call)

Now that you have your primary sign-in method configured, you will need to set up additional sign-in methods to use, in case your primary method is unavailable.

Please setup both phone and external email address as alternate sign-in methods. By setting up an external email, you will still be able to login and access your account/settings in the event that you don’t have access to your phone or get a new phone/device.

To setup additional options, go to https://mysignins.microsoft.com/security-info

As an example, below are some screenshots walking through setting up text messages on your phone as an additional sign-in method (+Add method).

The Microsoft Authenticator app and phone sign-in methods are the two methods that can be used for Multi-Factor Authentication. You can also use these methods for resetting your password.

There are two additional methods in addition to the ones above that can also be used as verification for resetting your password. These include security questions and email.

Once you have configured all of your desired sign-in and verification methods, the “Security Info” section of your account settings here should resemble the screenshot below.