Multi-Factor Authentication (MFA)
Many Luther services are protected by a Multi-Factor Authentication (MFA) sign-in that uses your Norse Key .
Note: This is a separate sign-in and multi-factor process than the one for your Norse Apps (i.e. email). Learn more about 2-Step Verification for Norse Apps .
Set Up Multi-Factor Authentication
The first time you sign in to any of the services listed at the top of this page you’ll be prompted to turn on Multi-Factor Authentication. Alternatively, visit mfa.luther.edu to set up or alter your Multi- Factor Authentication settings.
You’ll see a Microsoft prompt— Sign in with your Luther Email address and Norse Key password. If you’re asked, choose “Work or School Account”.
After signing in, you’ll see a “More information” prompt.
You have several options for your 2-factor authentication. For your primary method, we strongly recommend the Microsoft Authenticator app’s push notifications or phone calls. Some services don’t support verification through text message or app-generated codes.
Here’s how to set up each method:
Note: The Microsoft Authenticator app is only available for mobile devices.
- On your computer, navigate to mfa.luther.edu . If this is your first time setting up MFA, choose Mobile App and then Receive Notification . If you are adding this method later, you’ll see a “Set up Authenticator App” button.
- Download the Microsoft Authenticator app on your mobile device ( iOS , Android , Windows Phone ).
- Use the app to Scan the QR code displayed on your computer screen.
- Accept the push notification on the Microsoft Authenticator app
Make sure you don’t get locked out! Enter a backup phone number, like your office phone number.
Phone call or text message
- At the multi-factor setup page , choose Authentication Phone and enter a phone number.
- You’ll get a call or text with a one-time verification code
- Enter the one-time verification code on the 2-factor setup page and click Done .
Other authenticator app
- On your computer, visit mfa.luther.edu . If this is your first time setting up MFA, choose Mobile App and then Verification Code . If you are adding this method later, you’ll see a “Set up Authenticator App” button.
- When you see the QR code, choose Configure app without notifications .
- If your app can scan QR codes, scan the new code; otherwise, enter the alphanumeric “Secret Key” into your authenticator. If successful, your authenticator should display a 6 digit numeric code that cycles every 30 seconds.
- After you click next on the MFA setup page, you’ll be prompted for the rotating code from your authenticator app. If successful, you should be taken back to the main mfa.luther.edu setup screen.
Q: How do I change my MFA settings?
Q: What do I do if I get locked out? Are there backup codes?
Backup codes don’t exist yet for this system. Call the Technology Help Desk for help altering your MFA settings.
Q: The verification options above don’t work well for me. What should I do?
If you don’t have a phone number at all, we recommend the Authenticator.cc browser extension; if you have a phone number but prefer to authenticate from a computer, we recommend Authy. Both of these methods will work for most MFA services. Both of these methods can be set up using the other authenticator app instructions above.
Q: The verification code from my authenticator is always rejected. What am I doing wrong?
It’s important to know that verification codes are time based, and that each code only covers a 30 second window. Our first recommendation is to wait until a new code is generated so that you have the full 30 seconds to complete the sign-in or setup process. If that still doesn’t work, make sure that the clock and time zone on both devices are exactly the same. Also make sure your clock is getting the correct time “automatically” rather than using a manual setting.