2 factor authentication FAQs

Where can I get a mobile authenticator app?

  • Google Authenticator App
    • Available in the iOS App Store and the Android PlaY Store.
  • Passwords App built into most aPPLE devices (iOS/iPadOS 18+).
    • Exclusive to iOS, iPadOS, and MacOS. 
    • Pre-installed on your phone, and is typically stored in iCloud so it can be accessed easily if you get a new phone and set it up with the same Apple/iCloud account.
  • Microsoft Authenticator App
    • Available from the iOS App Store and the Android Play Store.

Where can I get a FIDO U2F Security Key (Physical Security Key)

Check out these links, and search for "FIDO U2F Security Key":

Can I turn off 2 Factor Authentication once I have turned it on?

  • All of the methods have options to remove them.
    • Go to MyUser, locate the security tab, 2FA Options (the first option top the page), and you can add/remove any option at any time by clicking their respective Add/Remove buttons.
    • See this page for more information for disabling 2FA: Disabling 2FA.

How do I recover from losing my mobile authenticator app (new phone), backup codes, or security key?

  • If you need to change the settings and the normal 2 factor authentication login process is no longer available to you, the recovery process at myuser.nmu.edu/recover can be used to change your password and update your 2 factor authentication settings. It does not “use” 2 factor verification, and you will not be prompted for 2 factor authentication when you go to myuser.nmu.edu/user to complete the recovery process.
  • Once you have changed your password, stay logged into myuser.nmu.edu and click on the Security tab. There you can update or modify your 2fa options.
What 2 factor authentication method do you recommend?
  • We recommend you enable at least 2 of the 2 factor authentication methods, generally the smart phone app is most convenient, and generate a new set of backup codes once you have used the 9th one in your current list. This way you always have more than one backup code available to you.
  • With any of the 2 factor authentication (sometimes referred to as 2FA or TFA) options, you should then use it to “trust” a number of computer browsers.
    • You “trust” a device by selecting “Remember this computer for 30 days” option when you use the authenticator app.
    • You should never select the Remember/trust option on someone else's device that you are only using for a one-time login.
    • If you own or have “secure” access to multiple computer devices then you should trust more than one device.

Can I use myuser.nmu.edu/recover with 2 Factor Authentication on, and I don't have a way to verify the second factor?

  • The recovery process started at myuser.nmu.edu/recover does not “use” 2 step verification, and you will not be prompted for 2 factor authentication when you go to myuser.nmu.edu/user to complete the recovery process.
  • The https://myuser.nmu.edu/recover process does allow you to select Mobile Authentication app as a method of proving your identity, but it does supply you with a temporary password recovery code which you use at https://myuser.nmu.edu/user.
  • Temporary passwords codes can also be supplied by the helpdesk staff (upon photo ID verification) & will also not require 2FA to get you into your Account Management settings to disable/re-enable 2FA.

How can I tell which type of code is required for the 2 Factor Authentication if I have enabled the authenticator app and backup codes?

  • You can use either one when prompted for a code.
  • The “Use a different method” option may list the options separately if you have enabled both, but you can actually use either source in the Enter Code field.

What happens once I run out of backup codes if that is the only 2 Factor option I am using?

  • It is highly recommended that you do not rely on backup codes as your main source of 2FA.
    • They are meant to be a backup for when the other options are unavailable.
  • If you have trusted a browser (a browser where you have signed into recently) you have 30 days (or less) to login from that browser/device and generate a new list of backup codes before it prompts you to use a code again after you have run out.
  • We recommend after using up 9 codes that your next action should be to generate a new list at https://myuser.nmu.edu/user from the Security tab, and two factor options.
  • Otherwise, you will need to use the recover option to change your password and access your account settings.

What happens if Google Authenticator stops working?

See also: Setting Up 2 Factor Authentication

Rate this Article: 
No votes yet