How do I enable and authenticate through Multifactor Authentication (MFA) on my mail enabled service account?
Mail-enabled service accounts can now opt into MFA. Registering for MFA on the mail-enabled service account will use the same process as general IDMS accounts.
- Log onto the OSU MFA Portal using the service account credentials.
- Select Add Devices
- If a device is already setup on the account, you will need to authenticate using that device before proceeding to manage your devices.
- Select the type of device you are adding.
- Follow the on-screen prompts (detailed in the specific help entries).
We recommend each user adds a backup device for times where the primary device is not available to them. Please note: if the service account has multiple owners or users, once one user opts into MFA, all service account users must use MFA. As there may be multiple devices registered through MFA for the account, users may have to select ‘Other Options’ on the MFA prompt to select the appropriate device in order to successfully authenticate.
MFA will only be required for service account use off campus (this includes A&M and branch campuses.) Therefore, you will be prompted to authenticate through MFA when authenticating into an MFA-protected website, application, cloud service, etc. Websites and applications protected by MFA can be found here: What sites and applications may be protected by Multifactor Authentication (MFA)? | Oklahoma State University (okstate.edu).
Some websites, cloud services, and applications are not MFA protected, and you will not receive the prompt to authenticate through MFA; this should be the same for general IDMS accounts and mail enabled service accounts.
If you are on any OSU or A&M campus, the email service accounts should not be prompted for MFA.
The OSU VPN will require MFA if you login from your personal device and use the OSUVPN through your local network.