Information Technology

Reminder: Students must enroll in Microsoft Multifactor Authentication by May 8

Most students must enroll before deadline to ensure a seamless transition and avoid disruptions signing into secure Penn State systems, services

Beginning May 8, most Penn State students will be required to use Microsoft Multifactor Authentication (MFA) to access secure University-affiliated sites and services such as Outlook email, Canvas and LionPATH. Credit: Pat Besong. All Rights Reserved.

UNIVERSITY PARK, Pa. — Beginning May 8, most Penn State students will be required to use Microsoft Multifactor Authentication (MFA) to log in via the Penn State sign-in process. Students who are not enrolled by their enrollment deadline will not be able to register for classes, retrieve grades or access any secure University-affiliated sites and services such as Outlook email, Canvas and LionPATH until they complete their enrollment.  

Students who are not enrolled by their deadline date will be prompted at the next time of their required authentication to enroll in Microsoft MFA. Once enrolled, they may continue the sign-in process.

Microsoft MFA is replacing Duo as Penn State’s identity verification system. Already, more than 50,000 students have enrolled in Microsoft MFA. Enrollment is easy and takes about 15 minutes. Students who have not enrolled should do so now at accounts.psu.edu/mfa to avoid login disruptions after their enrollment deadline.

The new Microsoft MFA authentication is different from the Duo authentication method, but its purpose and functionality remain the same. Although Microsoft MFA is the University’s primary authentication method moving forward, students should not uninstall Duo, as there may be some systems and services within the University that still require it. Some students also may be using Duo for other non-Penn State instances outside the University.  

As cyberattacks become an ever-increasing reality for higher education institutions, cybercriminals can get into a student’s account if they are able to guess the correct password, have tricked the student into sharing their password using a phishing email, or use a stolen password that has leaked on the internet. While passwords can be guessed, phished or stolen, only the actual account owner can provide the right response on their mobile device, tablet or landline at the right time through MFA.  

Step-by-step enrollment instructions are available on the Knowledge Base at MFA: Microsoft Authenticator Enrollment.  

Frequently asked questions are available on the Knowledge Base at MFA: Common and Frequently asked questions about Microsoft MFA

To learn more, visit MFA: Finding Help with Multifactor Authentication – Master List of Knowledge Base Articles.   

For help, contact the IT Service Desk via chat, submit a Get Help ticket, phone at 814-865-4357, or email at ITservicedesk@psu.edu.   

Last Updated May 2, 2023