Multi-Factor Authentication (MFA)

If you do not set up MFA, you will not be able to access key services including your email, Office 365 applications, Merced College Portal, Zoom, Canvas, and others.

MFA is a mandatory security measure implemented by Merced College to protect both personal and institutional data.

To register for MFA, you will need to install two applications on your Smartphone (Android or iOS) or Tablet:

1. Microsoft Authenticator – This app is used for securing your email and Office 365 applications.
2. Okta Verify – This app is necessary for Self-Service Password Reset, accessing Zoom, Canvas, and other college-provided services.

No, because Microsoft Authenticator and Okta Verify are designed to work with specific services. Microsoft Authenticator secures Microsoft-related services, and Okta Verify is used for a broader range of Merced College services.

Certainly, for those without a smartphone, engaging in Multi-Factor Authentication (MFA) is accessible via a FIDO2 security key, eliminating the need for a smartphone. Faculty and Staff looking to utilize a FIDO2 security key must complete the Employee Alternate Multi-Factor Authentication Request Form and secure approval from their supervisor. Students interested in alternative MFA options, they have the option to purchase their own FIDO2 security keys. ITS stands ready to assist in the setup, ensuring all users can securely access their accounts.

Information Technology Services (ITS) emphasizes that it will never ask for your passwords in this or any process.

If you lose your phone/FIDO2 security key, get a new phone, or accidentally uninstall the authentication application, students will need to contact the help desk at myhelp@mccd.edu and staff will need to contact the help desk at helpdesk@mccd.edu. It’s important to act promptly to ensure your account remains secure and accessible.

You can purchase a security key if you do not have a smartphone to set up MFA. The price of a FIDO2 Security Key typically ranges from $15 to $50. This cost variance largely depends on the specific features each key offers. Features like biometric authentication, which allows for fingerprint recognition, and NFC (Near Field Communication) capability, enabling wireless communication between your security key and other devices, can contribute to a higher price. Additional attributes, such as water resistance or a more durable design, may also affect the cost. When deciding on a security key, consider which features align best with your needs to ensure you’re getting both the security and functionality you require.

• A basic FIDO2 key primarily serves as a security device used for authentication by proving possession of the key without revealing sensitive information. These keys typically connect to devices via USB and are used to authenticate access through protocols supported by FIDO standards, such as Universal 2nd Factor (U2F) or Web Authentication (WebAuthn). User interaction is required, such as pressing a button on the key, to complete authentication. This action confirms that the user is physically present, adding an additional layer of security.

• NFC-capable FIDO2 keys offer the same functionalities as basic FIDO2 keys but also include Near Field Communication (NFC) technology. This feature allows the key to communicate wirelessly with devices that support NFC, providing a more convenient authentication method by enabling the user to simply bring the key near an NFC-enabled device to verify their presence without needing a physical USB connection. This can be especially useful for mobile devices and other portable technology.

Yes, definitely! You are free to set up both the authentication app and the security key and choose whichever you prefer, especially if you are purchasing and using your own key.

Yes, once MFA is set up, you’ll be prompted for a second form of verification after entering your username and password. This extra step is a crucial security measure, though it may slightly extend your login process.

Yes, MFA can be configured across several personal devices. It’s critical to only register personal devices under your control for MFA to prevent unauthorized access. Should you need assistance setting up MFA on a new device, contact the help desk at myhelp@mccd.edu for students or helpdesk@mccd.edu for staff, managers and faculty.

If your receive an MFA prompt unexpectedly, without trying to log in, this could signal an unauthorized attempt to access your account. DO NOT APPROVE THE PROMPT. Instead, immediately change your password and contact the help desk at helpdesk@mccd.edu to report the incident and ensure your account security.

In classrooms or labs where, multiple users access the same computer, MFA ensures secure, individual access by requiring each user to authenticate with their unique credentials and chosen MFA method for services. After using these shared computers, users must log out of their sessions and any accessed services to maintain security. This practice prevents unauthorized access to personal accounts and data, safeguarding each user’s information in a shared environment.

Okta Verify and Microsoft Authenticator allow you to generate One-Time Passwords (OTPs) for MFA without an internet connection. However, remember that accessing services like email, Office 365, Zoom, and the Merced College Portal still requires an internet connection.

No, we do not recommend this method.