Purdue email to require Microsoft Multi-Factor Authentication to enhance account security

ITaP is implementing Microsoft Multi-Factor Authentication (MFA) for faculty, staff, and students on the West Lafayette campus to help protect users’ personal information.  

Microsoft MFA protects users by requiring a second form of authentication, in addition to a password, when signing into Office 365 applications (including Outlook email). Options include using text messages, an audio phone call, or the Microsoft Authenticator App to authenticate.  

Users are encouraged to sign up for Microsoft MFA by clicking this link. At this time, registering a device for MFA is voluntary but strongly encouraged to protect your personal information. In January 2022 Microsoft MFA will be required for all West Lafayette faculty and staff; students will be added throughout the spring semester. Microsoft MFA will also be implemented on the campuses of Purdue Fort Wayne and Purdue Northwest; users there will receive more information from their local IT departments

Once users are registered, they will receive a notice when signing into Microsoft accounts that more information is required. Users will then be walked through the steps to register a device and set up MFA for their account.  

To learn more about Microsoft MFA, visit itap.purdue.edu/mfa. 

Frequently Asked Questions about Microsoft MFA:  

Q: Am I required to use Microsoft Multi-Factor Authentication? 

A: Currently, ITaP is requiring any users who experience a security breach of their email to use MFA to protect their account. The goal is for all faculty, staff, and students at the West Lafayette campus to be using MFA by the end of the spring semester. Registering for MFA now ensures you have continued access to your email and an added layer of protection from phishing attacks.  

Q: Will I still need to use BoilerKey? 

A: Purdue will continue to use BoilerKey two-factor authentication for access to most of the University’s technology applications. Microsoft MFA will be used to access Microsoft Office 365 applications found at portal.office.com, including Outlook, Teams and OneNote.  

Q: What if I do not have a smartphone? Can I still use MFA? 

A: Microsoft multi-factor authentication allows users to verify authentication using three methods: the Microsoft Authenticator App, SMS text messaging, or an audio phone call. 

Users without a smartphone can request to receive a verification code via text messaging or as an audio phone call, either to a cell phone or a landline phone. 

Q: Will MFA be required for Purdue retirees email? 

ITaP is working with the Purdue University Retirees Association to implement multi-factor authentication for retiree accounts; additional information will be announced soon. However, retirees may also sign up now following the link listed above.  

Last updated: October 14, 2021