How to activate multifactor authentication (MFA)
- Download the Okta Verify Mobile App and/or Google Authenticator Mobile App (more info below)
- Go to login.iastate.edu and sign in
- Click on the Activate Multifactor Authentication tile
- Read the information about MFA and click Activate at the bottom of the screen. This will log you out.
- Log back in and follow the prompts to set up your preferred verification method(s). We recommend Okta Verify for ease of use. Setting up multiple options ensures you can still log in if one isn't available.
NOTE: If you are using a trusted personal device, you may bypass future requests for MFA by checking Do not challenge me on this device again.
MFA verification methods
There are several options for your additional factor. To ensure access when one is unavailable, we strongly recommend you set up as many factor types as you have. When challenged for MFA you can choose any one to use at that time. The factor types are:
Okta Verify Mobile App
The official Okta authentication app for your smartphone or device, available in the Apple App Store, or Google Play Store. It is recommended you install the app on your smartphone before you start the enrollment process. Once linked to your Okta account, it alerts you when a login is attempted and you can approve or deny it. You can only have this app active on one of your devices at a time.
Google Authenticator Mobile App
This authentication app (iOS and Android), once linked to your Okta account, generates a numeric code inside the app you enter to confirm your identity. If you have two mobile devices, this is a good alternative for your second device. Note: this app will not send a push notification. You'll have to open the app to retrieve the code.
SMS Text Message
Once you register a phone number, you will be sent a text message with a numeric access code to enter to confirm your identity. Note: phone number must be a domestic United States number to work properly. International phone numbers are not supported.
Once you register a phone number, you will be called and given a numeric access code to enter to confirm your identity. While your mobile phone number could be used for this option, if possible, it is recommended you chose another phone you can access, such as office or home number. Note: phone number must be a domestic United States number to work properly. International phone numbers are not supported.
A physical USB device that is inserted into your computer and touched when prompted for MFA. YubiKeys are available for purchase at Tech CYte in the ISU Bookstore.
NOTE: If using Okta Verify or Google Authenticator, keep the app(s) installed on your phone at all times to ensure you can receive/retrieve verification codes.
Run into an issue or have questions? Contact the IT Solution Center.
NOTE: Once you activate MFA, you will only be able to log into AccessPlus with your Net-ID information or through the Okta dashboard (login.iastate.edu). You will no longer be able to log in with your University ID number, Social Security number, or other methods. This improves the security of sensitive data stored in AccessPlus.
Multifactor Authentication Activation Schedule for Student Accounts
Information Technology Services (ITS) will change a login setting, and unactivated students will be automatically prompted to complete MFA activation before accessing their ISU accounts like CyMail, Canvas, CyBox, etc. Students are still able to activate voluntarily before the MFA requirement is in place, at which time they will receive the automatic prompt and be routed to enable MFA.
More Information about MFA
What is MFA?
Multifactor Authentication (MFA) is a way to protect your Iowa State login that requires knowing more than just your password. After inputting your password, you are prompted to complete a second login step.
Why is MFA important?
With MFA, you are better protected against phishing, in case you get tricked into putting your password into a malicious site. You are also better protected against password reuse, meaning if you use the same passwords for multiple sites and accounts, hackers cannot easily break into your primary email. MFA is also required by the United States Department of Education to secure your transcripts, financial aid data, and other sensitive information.