2 factor authentication FAQs

Where can I get a mobile authenticator app?

Where can I get a FIDO U2F Security Key?

Can I turn off 2 Factor Authentication once I have turned it on?

All of the methods have options to remove them.

How do I recover from losing my mobile authenticator app (new phone), backup codes, or security key?

If you need to change the settings and the normal 2 factor authentication login process is no longer available to you, the recovery process at myuser.nmu.edu/recover can be used to change your password and update your 2 factor authentication settings. It does not “use” 2 factor verification, and you will not be prompted for 2 factor authentication when you go to myuser.nmu.edu/user to complete the recovery process.

Once you have changed your password, stay logged into myuser.nmu.edu and click on the Security tab. There you can update or modify your 2fa options.

What 2 factor authentication method do you recommend?
 
We recommend you enable at least 2 of the 2 factor authentication methods, generally the smart phone app is most convenient, and generate a new set of backup codes once you have used the 9th one in your current list. This way you always have more than one backup code available to you.

With any of the 2 factor authentication (sometimes referred to as 2FA or TFA) options, you should then use it to “trust” a number of computer browsers. You “trust” a device by selecting “Remember this computer for 30 days” option when you use the authenticator app. You should never select the Remember/trust option on someone else's device that you are only using for a one-time login. If you own or have “secure” access to multiple computer devices then you should trust more than one device. If you trust more than one device trust them on different days so if you can't login into one device the other device will still work for you. If you have trusted a device/browser then you have the remainder of the 30 day period to login and alter your 2 step verification.

Can I use myuser.nmu.edu/recover with 2 Factor Authentication on, and I don't have a way to verify the second factor?

The recovery process started at myuser.nmu.edu/recover does not “use” 2 step verification, you will not be prompted for 2 factor authentication when you go to myuser.nmu.edu/user to complete the recovery process. The myuser.nmu.edu/recover process does allow you to select Mobile Authentication app as a method of proving your identity, but it then supplies you with a temporary password recovery code which you use at myuser.nmu.edu/user. Temporary password recovery codes which can also be supplied by the helpdesk staff will never invoke 2 factor authentication.

How can I tell which type of code is required for the 2 Factor Authentication if I have enabled the authenticator app and backup codes?

You can use either one. The “Use a different method” option may list the options separately if you have enabled both, but you can actually use either source in the Enter Code field.

What happens once I run out of backup codes if that is the only 2 Factor option I am using?

Again if you have trusted a device, (and you should) you have 30 days (or less) to login from that browser/device and generate a new list of backup codes. We recommend after using up 9 codes that your next action should be to generate a new list at https://myuser.nmu.edu/user.

Otherwise, you will need to use the recover option to change your password as described above.

What happens if Google Authenticator stops working?

It quite possibly is out of sync with the correct time. The following website has instructions for Android and iPhone: my two factor codes aren't working

 

See also: Setting Up 2 Factor Authentication

 

Rate this Article: 
No votes yet
Keywords: 
2 factor
authentication
verification
security
myuser
Documentation Category: 
Accounts/Network Access
User Accounts
Services
MyNMU
MyUser
Virus/Security