Skip to content
Contact USI

What is Multifactor Authentication? 

Multifactor Authentication (MFA) is an authentication mechanism used in addition to your username and password in order to verify your identity.  This added layer of security keeps your account and personal information safer and should be used whenever possible.  Even if hackers discover your password, they won't be able to access your account without completing the second authentication.

How do I enroll?

Your MFA verification device is not your computer, but another device that you have with you, such as your smartphone.  It is easy to get set up with MFA.  First, IT will enable MFA on your account.  Once that is done, on your next logon to myUSI you will be prompted to setup MFA. USI has selected Okta as a vendor to provide this service, and all employee and student accounts are being configured to require multifactor authentication.

If you have a smartphone, the easiest way to use MFA is with the Okta Verify app that you can download from the Apple or Android store.  If you don’t have a smartphone or prefer not to download an app, you can configure MFA to send you a text message, or you can configure it to call your phone.  Once you have this setup, we recommend that you configure a second option as well so that you have more than one way to satisfy the MFA requirement.  

If a cell phone is not an option for your multifactor device, you can purchase a USB security key, which looks like a small flash drive. Please visit this page for more information on the USB security keys.

Set Up Multifactor Authentication

Multifactor Frequently Asked Questions

If you forget your device or if it stops working, you can request an MFA bypass for the day. Contact the IT Help Desk at 812-465-1080, or use the self-service bypass MFA form. If calling the Help Desk, you will be required to verify your identity, and then your account will be configured to not require MFA until the next business day.  Please note when setting this up it may take up to one hour to take effect, although it usually is much quicker. 

Once you have authenticated using MFA on a device or web browser, you should not be challenged again on that device or web browser during that day.

If you use multiple browsers such as Firefox, Chrome, and Edge, each one will prompt you for MFA.  Also, if you use incognito or in-Private-Browsing, you will be prompted during each session.

You may see an MFA pop-up on your phone when you are not working, or while you are working but not from your location.  If you don’t recognize it – don’t approve it!  It may mean a hacker has gotten your password and is trying to access your account. 

USI runs a number of services in the cloud, and some of these are hosted in Chicago.  If the pop-up coincides with when you are logging in to something you should be fine to approve it.  But if it doesn’t make sense – don’t approve it!

Once you have enrolled in MFA you can add or change your authentication options 

Yes, these will work with Okta.  However, using the Okta Verify app is simpler, so we recommend it.

Physical USB security keys are useful when you do not have a cell phone to use as your MFA device.  They also provide the highest security for logons and are the most difficult for a hacker to get past.  USB security keys have to be purchased, so we don’t anticipate most people will use them. However, in cases where you have no cell phone or the highest security is needed you can purchase a key and use it as your second factor device.

If you are configured with Okta Verify, you will need to re-enroll for MFA with your new phone.  Learn how do do this here or contact the IT Help Desk at 812-465-1080 for assistance in setting this up.