NOTE: Security keys are currently only compatible with the Chrome web browser.įor step by step instructions see: Using a Security Key for 2 factor authentication Backup Codes (Used as a backup to the other options)īackup codes come in sets of 10 that you generate at. Requires FIDO U2F Security Key device, typically a USB device, to be attached to the computer you are logging in from. Install the authenticator app BEFORE turning on this option for NMU Services.įor quick set-up instructions see: 2FA Quick Steps USB Security Key (Requires extra hardware) Google Authenticator works on Android and Apple iOS devices. Authy has versions for Android, Windows, Apple iOS, and Apple OSX devices. Authy and Google Authenticator are 2 authenticator apps that will work. Enabling this option will require that you enter a code generated by the authenticator app as a second factor during the login process.
Using a mobile authenticator app on your smartphone, tablet, or computer as a second factor during login. Authenticator App (Best for mobile devices - tablets or smartphones) There are 3 options for setting up 2 Factor Authentication for NMU services like MyNMU and MyUser an authenticator app, USB security key, and backup codes. The browser/device trust is managed through the use of browser cookies, so if you clear your browser's cookies then you remove any existing 30 day trust and cause the two factor authentication prompt to occur when you next login.ģ Options for Setting Up 2 Factor Authentication for NMU Services It's best if you don’t trust multiple devices on the same day so they don’t all expire at the same time. This will trust that device for 30 days and you will not be required to enter the additional 2 factor code on that device during the 30 day period. Do this on different days for each browser/device so they both don't reach the 30 day limit on the same day. Remember / Trust more than one browser/device by clicking the checkbox at the bottom left corner of the login prompt before logging in.Enable more than one 2 factor authentication method such as using both an Authenticator app and Backup Codes!.You can also click a checkbox at the login page to trust a device for 30 days so you can just use your username and password to log in on that device. You will login as usual with your username and password, then enter an additional code from either an Authenticator App, a Security Key, or a set of Backup Codes to verify that it is in fact you.
This additional form of authentication (sometimes referred to as 2FA or TFA) is completely independent from your username and password. You can also add a second layer of protection with "2 Factor Authentication" so even if somebody manages to steal your password, it is not enough to get into your account.