Multi-Factor Authentication, or MFA, is a security measure that requires anyone off campus or not connected to the Lone Star College network to use a two-step process to prove their identity.

Multi-Factor Authentication is sometimes called two-factor authentication or two-step verification and is often abbreviated as MFA. No matter what you call it, MFA is a cybersecurity measure for an account that requires anyone signing in to prove their identity with more than just entering a password. ?It makes it twice as hard for criminals to access an online account.

How do I set up MFA on my LSC account?

Takes less than 5 minutes in most cases!

1. Go to LoneStar.edu/MFA-Setup and log in using your LSC email address and password.
    
2. Choose your preferred method of verification. The options are:
   Option 1 – Receive a Verification Code by Text message (Message and data rates may apply)
   Employees, if you use VPN to connect to the network when off-site, it is recommended that you do not choose text as your default verification option.
   Option 2 – Receive a Verification Code by Phone Call (Call rates may apply)
   Option 3 – Use the Microsoft Authenticator App on Your Mobile Phone
   Option 4 – Use a Different Authenticator App on Your Mobile Phone
   f you are already using Duo or another authenticator app for another institution, you can add your Lone Star College account to your existing authenticator app.
   
   If you do not want to use the Microsoft Authenticator app, click I want to set up a different method in the bottom left corner of the screen.
   
3. Complete the steps necessary to set up your preferred verification method.

Step-by-Step Instructions Are Available

For step-by-step instructions with screenshots, click the link below (if prompted, log into ServiceNow using your LSC credentials):

• Setting Up MFA for Verification via Text Message
  NOTE: Employees, if you use VPN to connect to the network when off-site, it is recommended that you do not choose text as your default verification option.
• Setting Up MFA for Verification via Phone Call
• Setting Up MFA for Verification via Microsoft Authenticator App
• Setting Up MFA for Verification via Alternate Authenticator App (e.g. Duo)
  NOTE: If you are already using Duo or another authenticator app for another institution, you can add your Lone Star College account to your existing authenticator app.
• Updating Your MFA Authentication Settings

To read more about MFA, review all of the step-by-step setup instructions, and review the FAQs, go to Setting Up Multi-Factor Authentication (MFA) on Your LSC Account.

En Español: Configurar la Autenticación Multi-Factor (MFA) en tu Cuenta de LSC
 

MFA FAQs

How does MFA work?

By adding one additional simple step when logging into an account, multi-factor authentication greatly increases the security of your account.

Here’s how it works. Just like logging into your account, the first step is giving your password or passphrase. The second step is to provide an extra way of proving that you’re you, like entering a PIN code or texting/emailing a code to your mobile device, or accessing an authenticator app.

Think of it this way -

Adding that extra verification step is like adding a keycode lock to your door.

Your password (step 1) is the key to the door  ?  it helps keep unwanted intruders out, but criminals may find ways around it. Time and time again we are seeing malicious actors figure out passwords and compromise accounts. It’s time for added protection!

Your MFA verification code (step 2) is the added keypad lock to the door  ?  a unique code makes it much more difficult for those unwanted intruders to get around. Lock them out of your account. Register and started using MFA today!

Once MFA is required and I have not set it up, what happens?

MFA was required for all employees and retirees at the end of April 2023 and all students at the end of June 2023.

If you access email via a browser (https://portal.office.com), you will be prompted to set up MFA and will not be able to access email when off-site or not connected to the network until you set it up.

If you access email via a client app (e.g. Outlook for android/IOS, Mail for iPhone, etc.), you will not receive a prompt to set it up. Instead, you will stop receiving email while off-site or not connected to the network until you set up MFA. Based on our pilot group findings, you will also need to log out and log back into the client app once you set it up.

NOTE: You should continue to receive email normally when on-site and connected to LSC network.
 

How often will I be asked to re-authenticate?

If you are using the same device, same network, same browser (no inPrivate/InCongnito) and the account is not suspected of being compromised, then the next prompt should be in 90 days. You will be prompted for a code again using the method you chose when you registered and enabled MFA.

If any of those change, then you will be prompted again before the 90-day mark. However, if you find that you are being prompted every time, there may be an external factor and OTS will need to investigate. At this time, we are aware of the following scenarios that will prompt every time if you:

1. Sign-out of your applications rather than closing the close browser windows without signing out (Not recommended on public devices), or
    
2. Clear your browser cache every time the browser is closed, orUsing InPrivate/Incognito mode, or Use different browsers, or
    
3. Your account is suspected of being compromised, or
    
4. You use Apple Private Relay (Apple paid subscription).
   NOTE: OTS is still investigating this one.

 

Which services will require authentication when I am trying to connect from home or when not on the network?

The services that will require authentication when you are not on the network include, but are not limited to:

• All Microsoft 365 Apps (Email, OneDrive, SharePoint, MS Teams)
• Adobe Creative Suite for Employees
• D2L Alternate Login
• LSC-Zoom and Webex
• ServiceNow
• LinkedIn Learning
• SafeColleges

If you need the full list, please contact OTS for the full list of services that will require authentication. Keep in mind, this tool is being implemented to increase security to our services. More services will continue to require MFA as we move forward to ensure they have enhanced security.
 

What if I already use an authenticator app for another school or employer? Can I use it for this?

Yes! If you are already using an authenticator app such as Duo or Trulioo for another institution you can use it for LSC. Add your Lone Star College account to your current app.

 

When I sign into the MFA setup site when on campus (connected to the network), it's prompting me to authenticate, even after I set up MFA. I thought I didn't have to get a code to sign in on campus. What's up?

The MFA setup site is an exception. For security reasons, the site needs to ensure that you are you before any changes can be made to your MFA options, so you will be prompted for a code anytime when accessing the MFA setup site whether you are on the network or not.
 

Do retirees need to set up MFA?

Yes. Since retirees have an LSC account, they are also required to set up MFA on their LSC account.