MFA Questions

Yes! You will need to use the MS Authenticator app when you want to login to many of your EMU accounts. See the complete list here: Services Requiring MFA

The YubiKey will not work with Microsoft Authentication. It can be returned to the Helpdesk if you no longer need it.

You do not need it to access your EMU accounts. You may need it if you have used it for a personal account.

No, registering a device gives your device access to EMU services and doesn't allow EMU access to your device.

App Lock helps keep your one-time verification codes, app information, and app settings more secure. When App Lock is enabled, you’ll be asked to authenticate using your device PIN or biometric every time you open Authenticator. App Lock also helps ensure that you’re the only one who can approve notifications by prompting for your PIN or biometric any time you approve a sign-in notification. You can turn App Lock on or off on the Authenticator Settings page. By default, App Lock is turned on when you set up a PIN or biometric on your device.

The Authenticator app collects three types of information:

• Account info you provide when you add your account. After adding your account, depending on the features you enable for the account, your account data might sync down to the app. This data can be removed by removing your account.

• Diagnostic log data that stays only in the app until you Send feedback in the app's top menu to send logs to Microsoft. These logs can contain personal data such as email addresses, server addresses, or IP addresses. They also can contain device data such as device name and operating system version. Any personal data collected is limited to info needed to help troubleshoot app issues. You can browse these log files in the app at any time to see the info being gathered. If you send your log files, Authentication app engineers will use them only to troubleshoot customer-reported issues.

• Non-personally identifiable usage data, such "started add account flow/successfully added account," or "notification approved." This data is an integral part of our engineering decisions. Your usage helps us determine where we can improve the apps in ways that are important to you. You see a notification of this data collection when you use the app for the first time. It informs you that it can be turned off on the app's Settings page. You can turn this setting on or off at any time.

You might see a 30-second timer counting down next to your active verification code. This timer is so that you never sign in using the same code twice. Unlike a password, we don't want you to remember this number. The idea is that only someone with access to your phone knows your code.