Skip to Main Content

Two-Step (Multi-Factor) Authentication

Protect your Downstate Office 365 account from unwanted intruders

MFA security consideration

It is crucial that you set up MFA as soon as it is enabled on your account, because any delay might put your account at risk for an account takeover attack and unauthorized MFA information might be entered by the attacker.  To reduce the risk, your account will be denied off campus access to Office 365 application portal if MFA is not configured after it is enabled for 30 days.

If you feel your account at risk at any time for any reason after you configure MFA on your account, you should immediately check on your authentication phone information and restore MFA on all previous trusted devices.

To do so, please follow the topic "How do I change the MFA verification method?".  When you get to Step 5, check and verify all the phone information and click on “Restore” button to restore MFA on all previous trusted devices.