If you receive a call, text message, or a notification through an authenticator app asking you to approve a login attempt and you were not trying to login, do not approve and immediately hang up, then change your password immediately.
Introduction
Multi-factor authentication increases security for our company and decreases the likelihood of successful phishing attacks by adding an extra layer of protection during the login process.
In May of 2021 Xpress Global Systems began rolling out multi-factor authentication to better secure our network and prevent unauthorized use. Multi-factor authentication is a process in which a user is prompted during the sign-in process for an additional form of identification, such as entering a code from their mobile phone or acknowledging a text message or phone call to their office phone or cell phone.
Setting Up Multi-Factor Identification
Before you can take advantage of multi-factor authentication (often called MFA or 2-step verification), you need to set up your secondary authentication method. It sounds more complicated than it is and we will walk you through each step below. Once you have configured your MFA settings, the IT department needs to enable MFA for you. And that’s it. Let’s begin!
Video Instructions
Personalize and secure your login options
- Start by visiting https://aka.ms/mfasetup to configure additional methods of authenticating.
- Once you are at the setup screen using the link above, watch the two-minute video below that will walk you through each step. Note that the video below does not have sound. Written instructions for the same steps as in the video are available below.
You can click here to watch the video below in full screen.
The video above does not have sound. Click here to watch it in full screen.
You’re done!
Written instructions
These instructions are identical to the video directions. If watching a video is not your thing, then follow the instructions below.
Step 1: Personalize and secure your login options
- Start by visiting https://aka.ms/mfasetup to configure additional methods of authenticating.
- Under How should we contact you? in the dropdown, pick Office phone.
- Under Select your country/region dropdown, select United States (+1).
- Enter your office phone number without an extension (or your cell phone number if you prefer using your own cellphone*) May require personal mobile phone use for authentication
*Some features above may require you to use a mobile phone. XGS does not reimburse employees that choose to use their personal phone as a second factor for authentication.
- In the Method region, select how you would like our server to verify your identity.
- Click Next
- The system will now be calling your office phone (or cellphone if that is the choice you picked). Please make sure you answer and listen to the prompt (it will simply ask you to push # on your phone).
- After you answered the phone and pushed # you have completed all the steps.
Optional: If you want to use the Microsoft Authenticator app, you can follow the steps below on how to install and configure the app.
Sign in using the Microsoft Authenticator app notification on your mobile device
- When setting up authentication methods on https://aka.ms/MFASetup. On the drop-down menu, click “Mobile app”. Choose your preferred use (i.e. Receive notifications for verification or Use verification code). Click “Set up”
- Download the Microsoft Authenticator app from the Apple AppStore or Google Play store.
- In the app, add an account and choose “Work or school account”
- Sign in to your XGS account with your email address and password.
- Scan the QR code on the screen or manually enter the code and click “Next”
- Confirm your preferred method and click “Next”
- You will receive a message asking to respond via the verification app on your mobile phone.
- Select Approve from the approval notification sent to your mobile device.
- On your mobile phone, the Microsoft authenticator app will ask if you deny or approve sign-in. Tap “Approve”.
- For added security, you will be prompted for a phone number. Please enter your phone number and click “Next”
- Once the phone number is verified, you will receive an app password. You can copy this password and keep it in a secure location. Click “Next” a. This secure password can be used for specific applications that cannot use a phone to secure the account (i.e. Microsoft Outlook, Apple Mail, etc.…). This password will only work for these types of applications and will not work anywhere else.
Option 4 – Sign in using an authenticator app code on your mobile device
- Sign in to your account with your username and password.
- Open your authenticator app and type the randomly generated code for your account into the Enter code box.
PLEASE NOTE: It is important to have an alternate method of authentication configured so that if your default method is not working, you can click Sign in another way to try a different method.
*Some features above you may need to use a mobile phone. XGS does not reimburse employees that choose to use their personal phone as a second factor for authentication.
Frequently Asked Questions
-
When will I have to use Multi Factor Authentication?
It is expected that most XGS employees will not have to use multi-factor authentication frequently. In general, you will need to use multi-factor authentication when you are outside of the XGS network and one of the following is true:
- You are setting up a device for the first time.
- You are required to sign in again on the device.
- You have just changed your password and need to reauthenticate a device/app.
-
I just got a phone call on my mobile phone asking me to authenticate, but I wasn’t trying to log in. What should I do?
If you receive a call, text message, or a notification through an authenticator app asking you to approve a login attempt and you were not trying to login, you should change your password immediately.
If you choose the option to authenticate by receiving a phone call or by acknowledging a notification on an authenticator app, it is extremely important not to approve an authentication request unless you were just trying to login. Someone may have your password and be trying to login as you. If you approve the request, you have just given them access to your MS Office 365 account including all of your files and emails. -
Where can I learn more about multi-factor authentication?For more information on multi-factor authentication, please read the Microsoft article: What is: Multi-factor authentication.
-
How do I setup the Microsoft Authenticator App on my phone?
Please read the Microsoft Article Set up your Microsoft 365 sign-in for multi-factor authentication for additional information on setting up multifactor authentication.
-
How do I change my authentication method?
To change your authentication method, visit https://aka.ms/mysecurityinfo
-
Will I get a phone reimbursement from XGS if I use my personal cell phone for MFA?
Using your cell phone is probably the most convenient method to authenticate. Because using your cell phone is optional, XGS does not reimburse employees that choose to use their personal phone as a second factor for authentication. Alternatives are calling your office desk phone or using a hardware token. Request a hardware token by clicking here.
-
What is a hardware token?
The hardware token is a keychain device that will provide a 6-digit number for you to enter as your second form of authentication. The 6-digit number changes every 30 seconds.
