SUNY Broome moves to MFA to further secure our Portal Logins.
Overview
Multi-Factor Authentication (MFA) is a technology that protects your accounts from being hacked, phished, brute-forced, or otherwise compromised. MFA combines something you know (your username and password) with something you have (your cell phone or email account) in order to protect logins to your account. SUNY Broome is again ahead of the curve when it comes to information systems and in this case, IT Security.
The current MFA roll out plan covers three (3) Tiers.
TIER 1 - Elevated Security Users - no Security Questions, no Trusted Device(s)
TIER 2 - Faculty & Staff - No Security Questions, Trust Device(s) allowed (trust lasts 30 days)
TIER 3 - Students - Security Questions allowed, Trusted Devices allowed (trust lasts 30 days)
Jump to changing your MFA settings
MFA Onboarding Guide
Let’s move through the “Onboarding” of the MFA system. This procedure only has to be done once and consists of these few steps.
Step 2: Enter your credentials
Login using your Campus/BCCNET username and password.
Step 3: Re-enter your password
A required step when going into this secured area. If you are seeing this screen after logging in, it means you haven’t onboarded with MFA yet and will be required to do so during the next steps.
Step 4: Set up your Account Recovery Settings
Select "Get Started" under "Account Recovery Settings" on the left tab.
Step 5: Fill out at least one recovery method
You can choose one, or all of them, but at least one second factor (email, phone) needs to be filled out besides your primary email, which is automatically set
Step 5.1a: Enter a secondary email address
Your sunybroome.edu email address is automatically entered as the Primary verified email address. If you do use a secondary email address, it is recommended that you secure that account with MFA as well. Enter in a secondary email address and select “Verify” to send a 7-digit code to your email address.
Step 5.1b: Enter your verification code
Enter in the 7-digit code that you received in your secondary email.
You will see a green check mark next to your email address once it’s successfully verified. The tab color will also turn green.
Step 5.2a: Enter your phone number
Enrolling your personal phone number is voluntary and is subject to your own phone rates. Select “verify” to send a 7-digit code to your phone via SMS text message.
Step 5.2b Enter your verification code
Enter in the 7-digit code that you received on your cell phone.
You will see a green check mark next to your phone number once it’s successfully verified. You can select update if you wish to change it to a different number.
Step 6: Login with MFA
The next time you Login to the MyCollege portal using your BCCNET credentials, now that you have onboarded, you should receive a prompt for “Additional Security Verification”. Select a verification option to continue.
Step 7: Enter your secure code sent to your second factor
The OTP timer is 59 (displayed at 38 seconds below) seconds and counts down to zero. This is only important if you need to SEND another key code. Each code will last 15 minutes before another key code is needed.
Success!
After entering your secure code, you will be logged into MyCollege.
After Onboarding you can go back into the MFA area by selecting the MyMFA under the MY APPS in the right side menu. You can update your MFA settings from “Account Recovery Settings”, view devices you’ve logged in from and un-trust devices from “My Devices” and even change your password.
Additional Information
Need additional information or assistance? Submit a ticket or call the ITS Help Desk.