CUNY MFA Directions
Setting Up Microsoft MFA
CUNY requires Microsoft Multi-factor Authentication (MFA) when you log into your new CUNY email account and associated Microsoft 365 applications. Microsoft MFA is only used when accessing your new CUNY email account and Microsoft 365 applications-it is separate from the CUNY Login MFA used to access other applications like Brightspace and CUNYfirst.
The preferred authentication method is the Microsoft Authenticator app downloaded from the Apple App Store or Google Play. If you already have the Microsoft Authenticator app for use with CUNY Login MFA, you can also set it up for use with Microsoft MFA. You will just need to add a new account using the (+) sign on the top right corner of the Microsoft Authenticator app.
The following alternative authentication methods are available if you are unable to download and use the Microsoft Authenticator app:
- Entering a one-time passcode from a hardware token
- Receiving SMS text messages to your phone
- Responding to a telephone call to your phone
Important Reminders to Keep Your Information Safe
Multi-factor authentication is used by CUNY to help keep your information safe, but it only works if it is not shared with others.
Please remember the following:
- Never share your password or MFA passcode with anyone - Campus and CUNY IT will never ask for it.
- Do not respond to an MFA prompt if you did not initiate the login yourself.
- Do not click on links or open email attachments in suspicious or unexpected texts and emails.
- If you receive an email, text message, or phone call asking for your password, MFA passcode, or other sensitive information, treat it as a scam.
Recommended: Setting Up Microsoft MFA in Advance
To set up Microsoft MFA in advance of your student email transition:
- Open https://aka.ms/mysecurityinfo in a web browser.
- Enter your CUNY Login credentials to sign in to Microsoft 365.
The Security info page for your Microsoft 365 account is displayed. - Click + Add sign-in method.
The list of available factors is displayed. - Choose one of the following factors for Microsoft MFA:
- Microsoft Authenticator - if you have the Microsoft Authenticator app
- Hardware Token - if you have a hardware token that displays one-time passcodes
- Phone - if you cannot use Microsoft Authenticator and must receive an SMS text message or phone call instead (least secure)
- Follow the prompts to register your selected factor for use with Microsoft MFA.
After the transition to your CUNY email account, you will be prompted to respond to MFA prompts when logging into your email or accessing your Microsoft 365 applications.
Setting Up Microsoft MFA when first Accessing your New CUNY Email Account
If you did not set up Microsoft MFA before your email transition, you will see a "more information required" message after entering your CUNY Login credentials to access your new CUNY email account or Microsoft 365. See the following for information on setting up Microsoft MFA upon first login to your new CUNY email account or Microsoft 365 applications:
- If you have the Microsoft Authenticator app, see the Overview of Multi-factor Authentication video on YouTube
- For any supported authentication method (Microsoft Authenticator app, hardware token,
SMS text, or phone call), see either of the following:
- Set up your Microsoft 365 sign-in for multi-factor authentication on the Microsoft website
- Set up Security info from a sign-in page on the Microsoft website
For More Information, See
- FAQs for Microsoft Multi-factor Authentication in CUNY IT Help for information specific to the CUNY implementation of Microsoft Multi-factor Authentication
- How to add your accounts to Microsoft Authenticator on the Microsoft website to add your Microsoft 365 account to the Microsoft Authenticator app
- Set up SMS sign-in as a phone verification method on the Microsoft website
- Set up a phone call as your verification method on the Microsoft website
For Help
Please contact your campus help desk if you have problems setting up or using Microsoft MFA.