Frequently Asked Questions

Multi-Factor Authentication FAQs

Get answers to your most frequently asked questions about multi-factor authentication at Merrimack College.

Currently, Merrimack College faculty and staff who have an account to access college systems and services are required to enroll in MFA.

No. You will only be prompted for MFA when logging in to an MFA-protected system or service. This list will continue to grow over time.

MFA is required for access to email and many other college systems such as myMack and Canvas. Merrimack account holders should expect to use MFA to log in to an increasing number of the college’s most frequently used sites.

Microsoft is the company that provides the SSO and MFA services used by the college. The Authenticator app can be downloaded and installed on smartphones and tablets. The app makes MFA simple without the need for typing in a code.  The app can also be used when cellular service is not available, or when traveling internationally.

Select “Deny” in your Authenticator app if you did not initiate the request. Then contact the Office of Information Technology via askit@merrimack.edu or x3500.

Visit myaccount.microsoft.com and log in with your Merrimack credentials. You will be prompted for MFA. After authenticating you can click on “Security Info” in the left nav, and then click “Add sign-in method.”

Yes. The Microsoft Authenticator app can be used in instances where there is no internet connection or reliable cellular data service (for example, while on an airplane or traveling internationally).The Microsoft Authenticator app can be used for two different types of MFA: notifications sent to your phone or time-based passwords. If you use the time-based password option then Microsoft Authenticator won’t use the phone network or internet on your phone. Notification MFA does require phone or internet signal to work, so you may not wish to use this option unless you have a local SIM card and data plan.

Yes. The Microsoft Authenticator app can be used in instances where there is no internet connection or reliable cellular data service (for example, while on an airplane or traveling internationally). The Microsoft Authenticator app can be used for two different types of MFA: notifications sent to your phone or time-based passwords. If you use the time-based password option then Microsoft Authenticator won’t use the phone network or internet on your phone. Notification MFA does require phone or internet signal to work, so you may not wish to use this option unless you have a local SIM card and data plan.

You can install and configure the Microsoft Authenticator app on your iPad or other mobile device. Click here for instructions on how to configure and use the Authenticator app.While most people choose to use their cell phone for authentication, users can also use any mobile device such as an iPad, and faculty/staff can use their office phones as a backup method for receiving a verification code via phone call.

While most people choose to use their cell phone for authentication, users can also use any mobile device such as an iPad, and faculty/staff can use their office phones as a backup method for receiving a verification code via phone call.

Tablets can be configured with the Microsoft Authenticator app in lieu of a cell phone. Office phones can also be used as a backup method for receiving an MFA code.

If a cell phone is inconvenient, MFA can be set up on your Merrimack-issued iPad.

Any mobile device can be configured for authentication, including a school-issued iPad. Faculty and Staff can also set up an office phone as a backup authentication method. If none of these options are available, call the help desk at x3500 and they can assist you.

Contact the Office of Information Technology immediately if you lose your cell phone, or any device configured to receive MFA prompts. IT will help to disable MFA on that device and will assist you with a temporary way to log in.