Massachusetts College of Pharmacy and Health Sciences

Multi-factor Authentication

MultiFactor Authentication for Off-Campus Access

The University continuously monitors threats to information security as well as best practices to address those threats. One of the biggest threats for security is a compromised account. To help protect your account, MCPHS University has been requiring multi-factor authentication (MFA) when accessing University resources from off-campus for employees since 2013 and students since 2019.

Apple, Google, Microsoft, and many other service providers have MFA as either an option or requirement.

MFA is a security enhancement that requires two forms of verification when using your MCPHS University Logon. MFA is a way of verifying that people logging into our systems are indeed the people we think they are. MFA provides a way to limit the impact of these attacks and help ensure that only authorized people are accessing our systems and adds critical protection for your sign-on credentials.

Instructions for Setting up MFA

iOS Self-Enrollment
Android Self-Enrollment

Instructions for Changing MFA Settings

Authenticator App - Recommended

The Authenticator App is strongly recommended, especially for anyone who plans to travel Internationally or when cellular service may not be available.

Instructions for Changing MFA Settings for VMWare - Faculty/Staff Only

Authenticator App - Recommended


Frequently Asked Questions

Multifactor Authentication can be defined as something you KNOW (your password) along with something you HAVE (your phone). With the implementation of Multifactor Authentication you will now need to utilize this method of authentication when logging in to Office 365 and other web applications when you are off-campus. There are a few options for Multifactor Authentication available:
  • Mobile App: Pop-up prompt using the Azure Authenticator app on your mobile device asking you to 'Verify' the login.
  • Token Code: Enter a token code generated by the Azure Authenticator app on your mobile device.
  • Phone Call: Receive a phone call each time you need to authenticate.
  • Text Message: Enter a code received by text message each time you need to authenticate.

Information Services strongly recommends the use of the mobile app or token code based authentication via the Azure Authenticator app.

This would only happen if someone else was trying to log into your account and they already knew your password. Multifactor Authentication occurs after the username and password are verified. If this happens, Multifactor Authentication has just saved your account from illicit access! Please report any unauthorized authentication requests to the Help Desk.
If you are traveling abroad and still require access to Office 365 or web-based applications, Information Services strongly recommends that you switch from phone call or text message-based authentications to the app-based authentication. If you travel abroad and are unable to receive phone calls or text messages at the number you provided, you will not be able to complete the authentication process.
When MFA is configured on your account, there are two different options for setting up email on your cell phone or mobile device.
  • Outlook App: Information Services recommends using the Outlook app as it’s easiest to setup and manage your email, calendar, and contacts in one place. This option also uses your MCPHS username and password.
  • Built-in Mail Apps: Varies from device to device. Should you prefer to use the built-in mail apps on your device, it's important to setup email when off-campus or using cellular data when on campus. Please see the instructions section for complete step-by-step instructions for setting this up.


Cookie Notice

Our website uses cookies to store information about your visit. This helps us to provide you with a good user experience and also allows us to improve our website.  Privacy Statement