For more details on the implementation of Microsoft MFA, please see this intranet page: https://intranet.columbiabasin.edu/resources/general-resources/technology-services/index.html
Once MFA is enabled on your CBC Microsoft account, here's what to expect the first time you sign in.
Existing Employees With Phone Numbers or Alternate Emails
If you have previously configured a phone number or an alternate email, you'll be prompted to verify your identity by either having Microsoft call, text, email or use an app and providing a verification code:
If you're on a private device, you can check "Don't ask again for 60 days" to not be prompted again for 60 days. Note that you will still be prompted if you sign in from a new device or location.
If you would like to add, delete or change your authentication methods, sign in at https://aka.ms/mfasetup. To change, click "Change" next to the method you'd like to change and follow the prompts to update it. To add, click "Add sign-in method", then choose one of the available sign-in methods:
Follow on-screen prompts to configure your chosen authentication method.
Options Available:
- Hardware/FIDO2 token like a YubiKey
- Cell phone number if not already added
- Office phone number if not already added, and Technology Services can assist with the office number being used by multiple staff members in a department.
- Passkey using Microsoft Authenticator App - uses the Microsoft Authenticator app to use the phone's biometric verification acting as a software version of a YubiKey. To use this option, must login on your cell phone to the options page, and when selected will add it into the Microsoft Authenticator app as an option.
- Microsoft Authenticator- If you select this option, it will allow you to use a third party authenticator app as well if you don't want to install the Microsoft Authenticator App like Google Authenticator or OKTA Verify app towards the bottom of the activation steps page.
New or Existing Employees Who Haven't Added a Phone Number or Alternate Email
If you're a new employee who just got their account or you've never added a phone number/email to your account, you'll be prompted to do so when you sign in:
Click Next and you'll be prompted to enter a phone number. Check "Receive a code" if it's a cell phone or check "Call me" if it's not a cell phone or you prefer to verify via a phone call.
If you prefer to use a different authentication method, click "I want to set up a different method" and choose one the methods available:
Follow the prompts to configure and verify your chosen authentication method.
Setting up YubiKey for use in MFA
To use a YubiKey, select the "Add sign-in method" that is above to get the options menu.
1. Select Security key
2. It will prompt you to insert in your YubiKey and will prompt when to tap. Windows 11 requires you to also enter in your YubiKey pin or create a pin, and is a 6 digit number. If you don't remember an existing pin, please stop by Technology Services for us to assist.
Setting up Microsoft Authenticator App for use in MFA (Also for third-party MFA code apps like Okta or Google Authenticator)
Please see this article for steps on how to download and setup Microsoft's Authenticator App or use a third party MFA app for use in this MFA process: How to Download and Set Up Microsoft Authenticator for MFA
Additional Help
If you run into any issues or require additional help, please contact us at tshelp@columbiabasin.edu or call 509-542-5553