Many Luther services are protected by a Multi-Factor Authentication (MFA) sign-in that uses your Norse Key.
Note: This is a separate sign-in and multi-factor process than the one for your Norse Apps (i.e. email). Learn more about 2-Step Verification for Norse Apps.
Services that currently use MFA sign-in include:
The first time you sign in to any of the services listed at the top of this page you’ll be prompted to turn on Multi-Factor Authentication. Alternatively, visit mfa.luther.edu to set up or alter your Multi- Factor Authentication settings.
You’ll see a Microsoft prompt—Sign in with your Luther Email address and Norse Key password. If you’re asked, choose “Work or School Account”.
After signing in, you’ll see a “More information” prompt.
You have several options for your 2-factor authentication. For your primary method, we strongly recommend the Microsoft Authenticator app’s push notifications or phone calls. Some services don’t support verification through text message or app-generated codes.
Here’s how to set up each method:
Note: The Microsoft Authenticator app is only available for mobile devices.
Make sure you don’t get locked out! Enter a backup phone number, like your office phone number.
Note: This options doesn't work when logging in to the Remote Computer Lab.
Q: How do I change my MFA settings?
Q: What do I do if I get locked out? Are there backup codes?
Backup codes don’t exist yet for this system. Call the Technology Help Desk for help altering your MFA settings.
Q: The verification options above don't work well for me. What should I do?
If you don't have a phone number at all, we recommend the Authenticator.cc browser extension; if you have a phone number but prefer to authenticate from a computer, we recommend Authy. Both of these methods will work for most MFA services, but not the Remote Computer Lab. Both of these methods can be set up using the other authenticator app instructions above.
Q: The verification code from my authenticator is always rejected. What am I doing wrong?
It's important to know that verification codes are time based, and that each code only covers a 30 second window. Our first recommendation is to wait until a new code is generated so that you have the full 30 seconds to complete the sign-in or setup process. If that still doesn't work, make sure that the clock and time zone on both devices are exactly the same. Also make sure your clock is getting the correct time "automatically" rather than using a manual setting.