Multi-Factor Authentication (MFA) for Office 365

Enrolling in MFA takes about 10 minutes and helps keep you and ECU secure.

MFA is another layer of protection for your most vital accounts. You may already be using MFA with your bank or other personal account. Once you activate MFA for Office 365, when off campus, you will be required to log in with both your ECU passphrase and an additional security measure, such as a code delivered via text, phone call or mobile app.

Why is MFA important?

  • Account compromise has been reduced by 97% since student MFA adoption.
  • A passphrase can meet complexity but still be vulnerable. See these passphrase creation tips to create a more complex, secure passphrase.
  • Easily-guessed answers to security questions can lead to account compromise.
  • Compromised accounts could be used to send phishing emails, which leads to compromised data and personal information.

Get Started

You will need your computer, mobile device and access to the Internet to complete this process. Setup can be completed from a computer on or off campus.

Faculty and Staff Options
Select one of the following options:

  1. Text message
  2. Phone call
  3. Mobile app

 

Student Options
New students should visit the first log-in page. If you have previously configured MFA and would like to adjust your notification settings, select one of the following options:

  1. Text message
  2. Phone call
  3. Mobile app

App Passwords

You will need to generate a separate app password for each Microsoft service or device that you use that doesn’t support two-step verification. Following is a list of commonly used apps or services, which will require app passwords:

  • Email apps on an iOS, Android or BlackBerry devices
    • Outlook email app on iPhone
    • Email app on Android
    • Outlook email app on Blackberry

Generate App Passwords


The first time you log in from off campus, you may be prompted to “trust your computer.” You will not be prompted to authenticate for 60 days.

 MFA Options Explained
Text MessageAfter signing in to Office 365 using your PirateID and passphrase, Microsoft texts a 6-digit code to your mobile phone. Enter the code to verify your identity. Carrier text messaging rates apply.
Phone CallAfter signing in to Office 365 using your PirateID and passphrase, Microsoft calls your phone. Select the pound (#) key to verify your identity.
Do NOT use your office phone because MFA is only required for accessing Office 365 from off campus.
Mobile AppDownload the Microsoft Authenticator app to your mobile device. After signing in to Office 365 using your PirateID and passphrase, either select verify in the app or use the one-time password to verify your identity.
Standard message and data charges from your carrier may apply. The mobile app is recommended for international travel.

Lost or Stolen Devices

If your trusted computer is lost or stolen, restore MFA to the device. This prevents an unauthorized user from accessing your Office 365 account. See the Trust a Device and Reset MFA instructions.