Accessing Secure Authentication Tools
Secure Authentication Tools can be accessed by going to infosec.missouri.edu and clicking on the Secure Authentication toolkit in the left-hand navigation. The tool options are as follows:
What is the purpose of Secure Authentication?
Secure Authentication provides two-factor authentication (2FA) services for IT systems containing confidential information. Passwords by themselves are increasingly an insufficient security measure for a number of reasons. 2FA technologies protect resources by introducing an additional ‘factor’ – something you have on your person or know in addition to a password, in this case a passkey or code.
*Note: This will not include password reset for Office 365 student accounts and sponsored accounts at this time.
What do first time users need to do?
- Complete the user registration process at the link above (New User Setup). You will be asked to provide your mobile phone number, an external (non-University) email address that you own and answers to a series of knowledge-based questions;
- Download and install the Authenticate application for your mobile device. While not required, most users will find the application is the most convenient way obtain a login code.
Note: Your cell phone number and/or personal email address will not be used except for official University purposes and as required by law. The University does not market or sell personal information to outside entities.
Will this slow down my daily work?
Not much at all. After registration, most users interact with Secure Authentication via the mobile device application. Various IT systems (MyHR, Canvas, Email, etc.) have been configured to ask for a 2FA passkey for different reasons and at different times. The overall goal is to ensure that the person logging in is a legitimate user while at the same time, not being overly burdensome.
What should I do if I don’t have a mobile phone?
If you don’t have a mobile phone, you may use a home or work phone to access a Secure Authentication passcode. Any phone used for this purpose must be a direct line uniquely assigned to you. Make sure the number is one you can access quickly to receive the phone call providing a single-use passkey.
Why do I need to provide a secondary (external) email address?
A non-University email address is required as another means to contact you if security professionals note suspicious login activity from your work account, and it may be used as one of the ways to receive a passkey for some electronic resources.
What should I do if I do not have an secondary (external) email address?
Create one! Most email services are free for use (see resources below). If you have a secondary email already, but do not feel comfortable sharing it with the University, you may create a new external email account for this purpose.
What if I choose not to register with Secure Authentication?
If you are not registered, you will not be able to access resources protected by this type of technology. For example, Secure Authentication is required to use the Forgot Password tool to recover your password. Many University resources already require 2FA, and the list is growing rapidly as we work to further secure our information systems.
I’m having a hard time answering some of the knowledge-based questions, what should I do?
If you would like to change a question option, use the pull down menu on the question field and select from a new set of pre-approved questions. Still having issues? The key with the knowledge-based answer is that you can remember what answer you have given the system for a particular question. You do not have to provide the correct answer, just be able to always give a consistent answer when prompted with that question. For example, it is acceptable if the question is “What is your favorite color?” to answer “elephant”, so long as you can remember the answer is “elephant” when prompted with the question: “What is your favorite color?”
What is the purpose of the help desk verification question?
The help desk may choose to use the “help desk question” to verify identity over the phone. IT support personnel cannot see answers to your other knowledge-based questions, only the help desk verification question.
How do I update my information after I have registered?
You can update information in Secure Authentication toolkit at any time. Go to InfoSec.missouri.edu and click on Secure Authentication toolkit in the left-hand navigation. You can then log into the User Registration/Manage Settings to update your information.
If you need additional assistance, please contact your IT Tech Support team.