Phish-Resistant Number Matching Multi-Factor Authentication
NOTE: This does not become available to the Norwich Community until August 12th 2024.
We are excited to announce a significant upgrade to our Identity Security with the introduction of Phish-Resistant Number Matching Multi-Factor Authentication (MFA). Phish-Resistant Number Matching enhances security by requiring users to verify a unique number presented during the login process. This number must match the prompt on your authentication device, ensuring that only legitimate login attempts are approved.
Phish-Resistant Number Matching Multi-Factor Authentication is only available to those using the Microsoft Authenticator Application. Other authentication apps and Hardware tokens do not support this feature.
To check if you already have Phish-Resistant Number matching, you can start by trying to sign in, and if you are met with a notification like the one below on your mobile device, you are all set. To authenticate, type the numbers on your computer screen on your phone.
Adding Phish-Resistant Number Matching Multi-Factor Authentication Method:
If that push notification doesn't appear when logging in, let's add it. First, follow the steps in this article to navigate to your account security information so we can add the new method. Once that is complete, click on Add sign-in method, and then we will select the method Authenticator App and click Add.
From here, we will click Next in the web browser on your computer until we get to the screen with the QR Code and then switch to your mobile device. Open the Authenticator App and click the + in the top right-hand corner. Then click Work or School Account and Scan QR Code.
IMPORTANT NOTE: You may have to Enable Notifications for the Microsoft Authenticator Application in your mobile device's settings.
Scan the QR Code on the screen and click Next. Then, you will see a window like the one below with a random number. Type that number into the notification that appears on your mobile device. If everything worked, you should see that the Notification was Approved.
Setting Phish-Resistant Number Matching Multi-Factor Authentication as your default method:
Now that we have our new method set up, let's set that method as our default so that we will get the push notification to our mobile device every time we log in.
At the top of the security info screen in the web browser on your computer, you should see a line that says either Set Default Method or the word Change next to your current method:
Click the blue text on either, then make sure you have an App-based authentication method- notification. You are all set; each sign-in will prompt you for a number match.
