Also known as Multi-factor or Dual Factor Authentication, this technology requests a second form of verification when logging into an account. The key part is that the phone or hardware token is likely to be in your physical possession. Someone else might have your password (via a successful phishing scam, for instance), but they won’t likely have your phone, too, or that hardware token. Obviously, if you get an alert when you haven’t been trying to log in, go right away and change your password, too. But it’s good to know that an unauthorized user can’t get in without that second factor.
We are adding 2-Factor Authentication to the Application Portal to immediately protect you for your G Suite (Gmail, Drive, etc), Workday activities, the Canvas LMS and a number of other services all in one fell swoop. We consider your email just as important as your Workday activities, for instance. As we continue to add applications to the portal, it is critical to safeguard your account.
If you do not have a smartphone or tablet, SMS (text messaging) is a 2-Factor option. A hardware token called a Yubikey may be requested for faculty and staff. Students may purchase them independently.
If your smartphone is lost/stolen or broken, contact the Support Desk immediately at 484-664-3566. Upon verifying your identity, the Support Desk will generate a one time passcode for your account. Once you have access, you will need to revoke the existing factors on your account. We will issue a Yubikey on loan until you obtain a new device.
This means that someone else with your password is trying to access your account. Any unexpected notification to verify access to your account should be denied. You will want to change your Muhlenberg network password immediately. Next step, contact the Support Desk to report this occurrence and we will open an incident to look into this suspicious activity.
As long as you have installed the OneLogin Protect and/or Google Authenticator app on your device and registered your factor(s) your second factor(s) in the portal, you will be ready for access from any location.
OneLogin Mobile SMS is available to use as a second factor. Setting up an SMS is not as secure as using the OneLogin Protect App or Google Authenticator; we only recommend using this if your phone cannot support running the application due to an older OS or lack of memory.
You will need to add your mobile number to your OneLogin application portal profile first. After doing so, you register your mobile device for 2-Factor Authentication by selecting OneLogin SMS as a device. You will be sent a verification code via text to confirm this factor. Please note, charges may apply depending on your wireless plan. This is a standard text message.
In order to login with 2FA, you do not need internet or cell service. Simply go into the OneLogin Protect App, or Google Authenticator, and use the six digit passcode to enter into the application portal. When you are logging in, be sure to press on the “enter passcode” button to input the 6 digit code. Similarly, the hardware token does not need internet access; follow the directions here.