2 factor authentication FAQs
- Where can I get a mobile authenticator app?
- Where can I get a FIDO U2F Security Key?
- Can I turn off 2 Factor Authentication once I have turned it on?
- How do I recover from losing my mobile authenticator app, backup codes, or security key?
- What 2 factor authentication method do you recommend?
- Can I use myuser.nmu.edu/recover with 2 Factor Authentication on and I don't have a way to verify the second factor?
- How can I tell which type of code is required for the 2 Factor Authentication if I have enabled the authenticator app and backup codes?
- What happens once I run out of backup codes if that is the only 2 Factor option I am using?
- What happens if my Google Authenticator stops working?
Where can I get a mobile authenticator app?
- Google Authenticator App
- Available in the iOS App Store and the Android PlaY Store.
- Passwords App built into most aPPLE devices (iOS/iPadOS 18+).
- Exclusive to iOS, iPadOS, and MacOS.
- Pre-installed on your phone, and is typically stored in iCloud so it can be accessed easily if you get a new phone and set it up with the same Apple/iCloud account.
- Microsoft Authenticator App
- Available from the iOS App Store and the Android Play Store.
Where can I get a FIDO U2F Security Key (Physical Security Key)
Check out these links, and search for "FIDO U2F Security Key":
Can I turn off 2 Factor Authentication once I have turned it on?
- All of the methods have options to remove them.
- Go to MyUser, locate the security tab, 2FA Options (the first option top the page), and you can add/remove any option at any time by clicking their respective Add/Remove buttons.
- See this page for more information for disabling 2FA: Disabling 2FA.
How do I recover from losing my mobile authenticator app (new phone), backup codes, or security key?
- If you need to change the settings and the normal 2 factor authentication login process is no longer available to you, the recovery process at myuser.nmu.edu/recover can be used to change your password and update your 2 factor authentication settings. It does not “use” 2 factor verification, and you will not be prompted for 2 factor authentication when you go to myuser.nmu.edu/user to complete the recovery process.
- Once you have changed your password, stay logged into myuser.nmu.edu and click on the Security tab. There you can update or modify your 2fa options.
- We recommend you enable at least 2 of the 2 factor authentication methods, generally the smart phone app is most convenient, and generate a new set of backup codes once you have used the 9th one in your current list. This way you always have more than one backup code available to you.
- With any of the 2 factor authentication (sometimes referred to as 2FA or TFA) options, you should then use it to “trust” a number of computer browsers.
- You “trust” a device by selecting “Remember this computer for 30 days” option when you use the authenticator app.
- You should never select the Remember/trust option on someone else's device that you are only using for a one-time login.
- If you own or have “secure” access to multiple computer devices then you should trust more than one device.
Can I use myuser.nmu.edu/recover with 2 Factor Authentication on, and I don't have a way to verify the second factor?
- The recovery process started at myuser.nmu.edu/recover does not “use” 2 step verification, and you will not be prompted for 2 factor authentication when you go to myuser.nmu.edu/user to complete the recovery process.
- The https://myuser.nmu.edu/recover process does allow you to select Mobile Authentication app as a method of proving your identity, but it does supply you with a temporary password recovery code which you use at https://myuser.nmu.edu/user.
- Follow this link for our documentation on password resets: Password Recovery Instructions.
- Temporary passwords codes can also be supplied by the helpdesk staff (upon photo ID verification) & will also not require 2FA to get you into your Account Management settings to disable/re-enable 2FA.
How can I tell which type of code is required for the 2 Factor Authentication if I have enabled the authenticator app and backup codes?
- You can use either one when prompted for a code.
- The “Use a different method” option may list the options separately if you have enabled both, but you can actually use either source in the Enter Code field.
What happens once I run out of backup codes if that is the only 2 Factor option I am using?
- It is highly recommended that you do not rely on backup codes as your main source of 2FA.
- They are meant to be a backup for when the other options are unavailable.
- If you have trusted a browser (a browser where you have signed into recently) you have 30 days (or less) to login from that browser/device and generate a new list of backup codes before it prompts you to use a code again after you have run out.
- We recommend after using up 9 codes that your next action should be to generate a new list at https://myuser.nmu.edu/user from the Security tab, and two factor options.
- Otherwise, you will need to use the recover option to change your password and access your account settings.
What happens if Google Authenticator stops working?
- It quite possibly is out of sync with the correct time. The following website has instructions for Android and iPhone: my two factor codes aren't working.
See also: Setting Up 2 Factor Authentication