Two-Factor Authentication

What is Two-Factor Authentication (2FA)?

Multi-factor authentication (MFA) is an extra layer of security to prevent cyber-criminals from gaining unauthorized access to your personal information as well as sensitive and confidential KSU resources and data.

Two-factor authentication (2FA) is a subset of multi-factor authentication that requires you to verify your identify a second time by providing something that you have (mobile phone, key fob, other device) in addition to your password (something you know). It helps to make certain that your account is being used by you by making it more difficult for cybercriminals to log into your KSU One account.

Why is KSU Moving to 2FA?

Higher education institutions are targets of cybercriminals due to technology resources and sensitive information. In order to protect these resources, there must be several layers of security in place. 2FA provides an additional layer of protection and assists in reducing the risk of unauthorized access.

Is enrolling in 2FA @KSU required?

Enrolling in 2FA became madatory 11/02/2020.

Want to Know More information about 2FA?

Inherence factors include biological traits that a user must have in order to log in. This includes a number of biometric items such as fingerprint scans, retina scans, facial or voice recognition.

This category includes items that a user must have in their possession in order to log in. This includes a mobile device, key fob, employee ID cards or one-time password tokens.

Once a second factor is introduced, it is more difficult for a hacker to steal a user’s password and something that they have in their possession.

Items that typically fall into this category are known to the user such as passwords, user names and PINs. However, passwords alone are not enough because users often use the same passwords or use passwords that are simple to determine. So entering two different passwords will not work.

Multi-factor authentication (MFA) provides additional layers of security because a user’s credentials must come from at least two of three different factors or categories. With two-factor authentication (2FA), only two credentials are required, but MFA can use any number of factors for credentials. Credentials will fall into the following categories: Something you know, something you have or something you are.

Installing 2FA by phone or mobile app

1. From the Kentucky State University Home Page, click email

Email icon

2. Enter your KSU email and password

Two-factor Sign In

Enter-Password

3. On the More information required screen, click Next

Step-02-More-Info-Required

4. Verify by one of the following methods:

Verifying via text message

1. Select Authentication Phone

2. Enter your phone number

3. Select Send me a code by text message

4. Click next

2FA-by-phone-text

5. Enter the six-digit verification code

6. Click Verify

verification-code-and-verify

7. Click Done, you will be prompted to verify via phone when logging into any of your KSU One Login accounts (E-mail, WIRED, Banner, Library)

2FA-phone-text-verification-success

Verifying via phone call

1. Select Authentication Phone

2. Enter your phone number

3. Select Call me

4. Click next

2FA-Call-Me

5. Answer the call, press the pound # sign

6. Click Verify

2FA-phone-call-verify

7. Click Done, you will be prompted to verify via phone when logging into any of your KSU One Login accounts (E-mail, WIRED, Banner, Library)

2FA-Phone-call-verify-success

Verifying by mobile app notification

1. On your mobile device, download the Microsoft Authenticator App from the App Store (iOS) or Google Play (Android)

app-store-iOS-Google

2. Select Mobile app

3. Select Receive notifications for verification

4. Click Set up

2FA-mobile-notify

5. On the Microsoft Authenticator App, select Add account

2FA-Mobile-add-account

6. Select Work or school account

2FA-mobile-work-or-school-account

7. Use your device’s camera to scan the QR code from the Configure mobile app screen

8. Click Next

2FA-QR

9. Return to the Additional security verification page, make sure you get the message that says your configuration was successful

10. Click Next.

2FA-mobile-configured

11. Click Approve on the notification you receive on your mobile device

2FA-Mobile-app-Approve

12. On your mobile device, enter your mobile phone number when prompted

13. Click Next

14. Click Done, you will be prompted to verify via Microsoft Authentication App when logging into any of your KSU One Login accounts (E-mail, WIRED, Banner, Library)

2FA-Mobile-app-done

Verifying by mobile app verification code

1. On your mobile device, download the Microsoft Authenticator App from the App Store (iOS) or Google Play (Android)

app-store-iOS-Google

2. Select Mobile app

3. Select Use verification code

4. Click Set up

2FA-Verify-code

5. On the Microsoft Authenticator App, select Add account

 

2FA-Mobile-add-account

6. Select Work or school account

2FA-mobile-work-or-school-account

7. Use your device’s camera to scan the QR code from the Configure mobile app screen

8. Click Next

2FA-QR

9. Return to the Additional security verification page, make sure you get the message that says your configuration was successful

10. Click Next.

2FA-Mobile-Verify-Code-Setup

11. Copy the six-digit Verification code from the Microsoft Authenticator app to the verification code box on the Additional security verification screen

12. Click Verify

2FA-Enter-Verification-Code-Mobile

12. On your mobile device, enter your mobile phone number when prompted

13. Click Next

14. Click Done, you will be prompted to verify code via Microsoft Authentication App when logging into any of your KSU One Login accounts (E-mail, WIRED, Banner, Library)

2FA-Mobile-app-done

Change your phone number or authentication email for two-factor authentication (2FA)


Click here if you are changing the phone number and verification email you use for 2FA.

NOTE: This change must be completed prior to de-activating the old phone number or email.