2 factor authentication FAQs

Where can I get a mobile authenticator app?

Where can I get a FIDO U2F Security Key?

Can I turn off 2 Factor Authentication once I have turned it on?

All of the methods have options to remove them.

How do I recover from losing my mobile authenticator app, backup codes, or security key?

If you lose your Backup Codes or any of the other 2 factor authentication devices you should immediately go to myuser.nmu.edu/user and disable that method, or generate a new list of Backup Codes which will invalidate the old list. You can also change your password.

If you need to change the settings and the normal 2 factor authentication login process is no longer available to you the recovery process at myuser.nmu.edu/recover can be used to change your password and update your 2 factor authentication settings. It does not “use” 2 factor verification and you will not be prompted for 2 factor authentication when you go to myuser.nmu.edu/user to complete the recovery process.

What 2 factor authentication method do you recommend?
 
We recommend you enable at least 2 of the 2 factor authentication methods and generate a new set of backup codes once you have used the 9th one in your current list. This way you always have more than one backup code available to you.
 

With any of the 2 factor authentication options, you should then use it to “trust” a number of computer browsers. You “trust” a device by selecting “Remember this computer for 30 days” option when you use the authenticator app. You should never select the Remember/trust option on someone else's device that you are only using for a one-time login. If you own or have “secure” access to multiple computer devices then you should trust more than one device. If you trust more than one device trust them on different days so if you can't login into one device the other device will still work for you. If you have trusted a device/browser then you have the remainder of the 30 day period to login and alter your 2 step verification.

Can I use myuser.nmu.edu/recover with 2 Factor Authentication on and I don't have a way to verify the second factor?

The recovery process started at myuser.nmu.edu/recover does not “use” 2 step verification, you will not be prompted for 2 factor authentication when you go to myuser.nmu.edu/user to complete the recovery process. The myuser.nmu.edu/recover process does allow you to select Mobile Authentication app as a method of proving your identity, but it then supplies you with a temporary password recovery code which you use at myuser.nmu.edu/user. Temporary password recovery codes which can also be supplied by the helpdesk staff will never invoke 2 factor authentication.

How can I tell which type of code is required for the 2 Factor Authentication if I have enabled the authenticator app and backup codes?

You can use either one. The “Use a different method” option may lists the options separately if you have enabled both, but you can actually use either source in the Enter Code field.

What happens once I run out of backup codes if that is the only 2 Factor option I am using?

Again if you have trusted a device, (and you should) you have 30 days (or less) to login from that browser/device and generate a new list of backup codes. We recommend after using up 9 codes that your next action should be to generate a new list at https://myuser.nmu.edu/user.

 

See also: Setting Up 2 Factor Authentication

Rate this Article: 
No votes yet