MFA Onboarding Instructions for Faculty/Staff

SUNY Broome moves to MFA to further secure our Portal Logins. 

Multi-Factor Authentication (MFA) is a technology that protects your accounts from being hacked, phished, brute-forced, or otherwise compromised. MFA combines something you know (your username and password) with something you have (your cell phone or email account) in order to protect logins to your account.  SUNY Broome is again ahead of the curve when it comes to information systems and in this case, IT Security.

The current MFA roll out plan covers three (3) Tiers.

TIER 1 - Elevated Security Users - no Security Questions, no Trusted Device(s)

TIER 2 - Faculty & Staff - No Security Questions, Trust Device(s) allowed (trust lasts 30 days)

TIER 3 - Students - Security Questions allowed, Trusted Devices allowed (trust lasts 30 days)

Let’s move through the “Onboarding” of the MFA system.  This procedure only has to be done once and consists of these few steps.

  1. Go to MyCollege at  mycollege.sunybroome.edu
  2. Login using your Campus/BCCNET username and password.
    MyCollege Login Screen
  3. Re-enter your password. A required step when going into this secured area. If you are seeing this screen after logging in, it means you haven’t onboarded with MFA yet and will be required to do so during the next steps.
  4. Set up your Account Recovery Settings (use for MFA answers).  Select "Get Started" under "Account Recovery Settings" on the left tab.
  5. Fill out at least one recovery method. You can choose one, or all of them, but at least one second factor (email, phone) needs to be filled out besides your primary email, which is automatically set.
    • Enter a secondary email address. Your sunybroome.edu email address is automatically entered as the Primary verified email address. If you do use a secondary email address, it is recommended that you secure that account with MFA as well. Enter in a secondary email address and select “Verify” to send a 7-digit code to your email address.
    • Enter your verification code. Enter in the 7-digit code that you received in your secondary email.
    • You will see a green check mark next to your email address once it’s successfully verified.  The tab color will also turn green.
    • Enter your phone number. Enrolling your personal phone number is voluntary and is subject to your own phone rates. Select “verify” to send a 7-digit code to your phone via SMS text message.
    • Enter your verification code. Enter in the 7-digit code that you received on your cell phone.
    • You will see a green check mark next to your phone number once it’s successfully verified. You can select update if you wish to change it to a different number.
  6. Login with MFA. The NEXT time you Login to the MyCollege portal using your BCCNET credentials, now that you have onboarded, you should receive a prompt for “Additional Security Verification”. Select a verification option to continue.
  7. Enter your secure code sent to your second factor.

     

    Notes: The OTP timer is 59 (displayed at 38 seconds above) seconds and counts down to zero.  This is only important if you need to SEND another key code.  Each code will last 15 minutes before another key code is needed.
  8. [Optional] View or change your MyMFA settings. After Onboarding you can go back into the MFA area by selecting the MyMFA under the QuickLaunch. You can update your MFA settings from “Account Recovery Settings”, view devices you’ve logged in from and untrust devices from “My Devices” and even change your password 
     
Print Article

Details

Article ID: 10684
Created
Mon 4/29/24 3:41 PM
Modified
Mon 4/29/24 3:41 PM