For a better experience, click the Compatibility Mode icon above to turn off Compatibility Mode, which is only for viewing older websites.

Drexel Multi-Factor Authentication

Setup Tips

While Multi-Factor Authentication (MFA) works with multiple device types, we recommend using your smartphone for secondary authentication codes.

Supported Devices and Software

Instead of your device's built-in mail app, use the Outlook mobile app.

MFA on an Apple device is only supported on iOS version 11+ or macOS version 12. Once MFA is enabled on these devices, you will need to remove and re-add your account to be able to authenticate against the Office 365 servers:

Set Up Email in iOS Mail

Set Up Email in Outlook for Android

1. Register at least two methods

It is important to have at least two devices enrolled in MFA to prevent difficulty authenticating if there is a problem with your first method (i.e. you or your device deleted the Microsoft Authenticator App). For instance, if you have both your mobile phone and office phone enrolled, you can still authenticate from your office if you accidentally leave your mobile phone at home. If you delete the App but have your phone, you can still receive texted verification codes if you set up that secondary method.

2. Select a default device and authentication method

  1. Sign in to portal.office.com.
  2. Click on your user profile icon in the upper right corner.
  3. Click on My account.
  4. Click on Security & privacy.
  5. Click on Update your phone numbers used for account security.
  6. On what's your preferred option? Choose an option in the drop-down.
  7. On how would you like to respond?:
    1. Authenticator App (Recommended): This is where you can configure the Microsoft Authenticator app.
    2. Authentication phone: This can be a mobile device (that can accept calls or text) or landline phone.
  8. Click on Save when you are ready to save your changes.

3. Test devices once enrolled

If you enrolled a smartphone or tablet, you can test your device(s) to make sure that the enrollment has been successful.

  • Go to the portal.office.com site.
  • If the authentication is successful, then your enrollment has been completed properly for that device. Repeat the test authentication for each enrolled device.

For more information and Frequently-Asked Questions regarding Multi-Factor Authentication, see this FAQ on Microsoft's Web site.

Frequently-Asked Questions

What is MFA?

MFA is security method that ensures that only you can log into your account. It does this by requiring at least 2 methods of authentication – your password and another piece of information (Microsoft Authenticator App, Text message code or a phone call.)

How does it work?

You log into your account with your Drexel username and password.

You will then get a notification via the method you selected during set up (a mobile app verification, text, or phone call) to verify it is you logging into your account.

How often will I be prompted for multi-factor authentication?

Initially you will be prompted on all devices for each Microsoft Office application. Sometimes you can select “Don’t ask again for 60 days” or until you change your password.

What are the different methods I can setup?

 Method Process
Notes 
 Notify me via the App
 Uses Microsoft Authenticator app to push notifications
 Recommended option for default method. You only need to select "Approve"
 Use Verification code from the App
 Uses Microsoft Authenticator app to retrieve code
 Good option if you are traveling where you may not have cell service
 Text a code to my mobile phone
 Text message to mobile phone
 Text messages charges may apply
 Call my phone
 Automated phone message to selected phone
 Voice minutes may be used
 Call my alternative phone
 Set your office or home phone a backup method
 This can be a landline or secondary mobile phone

What if I do not receive the App notification, text message, or phone call?

When prompted to log in, there is a link to "Sign in another way". Depending on how you have set up MFA you can choose an alternative method you've setup:

  • Approve request or use a verification code from Microsoft Authenticator app
  • Receive a text message with a code
  • Phone call to your mobile phone (only available if you have added another number in MFA)
  • Phone call to an alternate phone (only available if you have added another number in MFA)

I was prompted for MFA while signing in to Drexel Connect, but I didn't receive a a verification code.

If you did not receive a verification code, then:

  1. If you are using your browser, DO NOT REFRESH the page and DO NOT PRESS THE "Back" BUTTON. Doing so might corrupt MFA. Wait a few minutes to see if verification comes through, or contact the IT Help Desk at 215.895.2020.
  2. If you are accessing Drexel Connect through an app, wait a few minutes or try refreshing the app.

What if I delete the Microsoft Authenticator App?

You will lose access to authentication codes sent there, and thus the App as an MFA method. If the App was your only method of MFA, you will not be able to access your MFA Drexel accounts until your MFA registration has been reset and set up again. To prevent getting locked out of your accounts, keep the App on your device and setup a second MFA method.

Note: Some devices have been set by users to delete unused/inactive apps after a select period of time. If your device is set up this way, turn off this setting to prevent deletion of the Microsoft Authenticator App, which might fall into the "unused" category if you checked the box for MFA to remember you for 60 days.

Can I use a different authenticator app?

The Microsoft Authenticator app is recommended and supported by Drexel IT. There are a variety of "authenticator" apps (e.g., Google Authenticator) that can work. The other apps do not provide the same functionality with Office 365.

How do I authenticate if I am traveling?

We recommend using the Microsoft Authenticator App if you travel or need to access your Drexel account while out of the country.

The app does a push notification (a pop up on your phone you approve to verify that it is you logging in). It also generates a code every 30 seconds if the push notification is not available. The code does not require you to be on the internet or connected to data, so you do not need phone service to sign in.

Is my device compatible?

Apple iOS - MS Outlook app recommended (requires iOS 11.0 or later), native Mail client (requires iOS 11.0 or later)*

Android - MS Outlook app recommended (requires Android 4.4 or later), native Mail client (depends on your manufacturer)

Windows - Outlook 2016 is the only Outlook version that supports Multi‐Factor Authentication. If you have a Drexel‐owned machine you can install it by going to Software Center. For personally owned devices, install the latest Office version (for free) by going to https://portal.office.com and sign in your Drexel account.

Apple - You must be running High Sierra or above in order to use Microsoft Outlook 2016 or the native Apple Mail client.

*If you had previously manually configured your Drexel account or has just upgraded to iOS 11.x, you will need to delete and re-add your Drexel account.

What is not compatible?

Apple iOS - Native Mail clients prior to iOS 11

Android - Some native Mail client (depends on your manufacturer), Nine

Windows - Outlook 2013 or earlier, Thunderbird

Apple - Office for Mac prior to 2016 version,  the native Apple Mail client with Sierra or earlier, Thunderbird

I have/updated to macOS Mojave, but I no longer receive new messages in Apple Mail.

After you update, or if you already have a supported OS, you may need to REMOVE your Drexel Account and re-add it in order to continue to retrieve messages. To remove the account, go to System Preferences > Internet Accounts > select the Drexel account and hit the minus sign ( ‐ ). Wait a few moments, click the plus (+) and select Exchange.

I checked the "Don't ask again for 60 days" box, but it doesn't remember.

The "Don't ask again" feature for Multi-Factor Authentication should remember your selection for 60 days, as long as you don't clear your browser cookies. However, some settings might interfere with this feature, and cause it to lose your selection (and thus prompt you for your second factor every time you sign in).

Private Browsing Modes

Are you using an Incognito Window (Chrome) or Private Window (Firefox)? These modes are designed to forget what you do while you’re browsing. Also, separate user profiles won't remember settings from other profiles.

Browser Privacy Settings

Your browser won't remember "Don't ask again" selections if your privacy settings are too strict. Note that the cookie comes from the site https://*.microsoftonline.com, so even if you allow cookies from "sites you've visited," it may be blocking this cookie.

Google Chrome:

  1. You should be able to "Open your Preferences," click the "Show Advanced Settings" link at bottom, look for the "Privacy" section, click the "Content Settings" button.
  2. The easiest option is to check "Allow local data to be set." However, if you would like a stricter privacy option, you can choose to add an exception for https://*.microsoftonline.com. Here's a Chrome article about cookies.

Mozilla Firefox:

  1. Go to "Preferences" > "Privacy."
  2. In the "Privacy" section, set it to "Firefox Will... Remember History," or if you want to "Use Custom Settings for History," make sure "Remember Cookies" is checked. Here's a Firefox help article about cookies.

macOS Safari:

  1. Go to Safari "Preferences" > "Privacy" and click "Always Allow." Note: Safari 12 for macOS 10.12 or later does not allow setting exceptions for third-party cookies.

Browser Extensions

Browser extensions you might be using can interfere with the “Don’t ask again” feature. You can temporarily disable an extension to see if that resolves the issue. Here are some we found that interfere:

  • VisualPing
  • Browser extensions that block cookies (such as ad blocking or privacy plugins)