MFA Onboarding Instructions for Students

SUNY Broome moves to MFA to further secure our Portal Logins. 

Multi-Factor Authentication (MFA) is a technology that protects your accounts from being hacked, phished, brute-forced or otherwise compromised. MFA combines something you know (your username and password) with something you have (your cell phone) in order to login to your accounts.  SUNY Broome is again ahead of the curve when it comes to information systems and in this case, IT Security.

Let’s move through the “Onboarding” of the MFA system.  This procedure only has to be done once and consists of these few steps.

1. 1. Go to MyCollege.
   2. Login using your Campus/BCCNET username and password.
      
   3. Re-enter your password. A required step when going into this secured area.
      
   4. Set up your Account Recovery Settings (use for MFA answers).  Select “Get Started” under “Account Recovery Settings” on the left tab.
      
   5. Fill out at least one recovery method. You can choose one, or all of them, but at least one second factor (email, phone) needs to be filled out besides your primary email, which is automatically set.
      • Enter in your security questions.  Follow these best practices for choosing and using security questions. Even though this is the first authentication setup area, these security questions will only be used for recovering your account or password.
        
      • Enter a secondary email address. Your sunybroome.edu email address is automatically entered as the Primary verified email address. If you do use a secondary email address, it is recommended that you secure that account with MFA as well. Enter in a secondary email address and select “Verify” to send a 7-digit code to your email address.
        
      • Enter your verification code. Enter in the 7-digit code that you received in your secondary email.
        
        You will see a green check mark next to your phone number once it’s successfully verified. You can select “update” if you wish to change it to a different email address.
        
      • Enter your phone number. Enrolling your personal phone number is voluntary and is subject to your own phone rates.
        
      • Enter your verification code. Enter in the 7-digit code that you received on your cell phone. You will see a green check mark next to your phone number once it’s successfully verified. You can select update if you wish to change it to a different number. 

        You will see a green check mark next to your phone number once it’s successfully verified. You can select update if you wish to change it to a different number.

        

   6. Save your settings. When you are done filling out your information, select the “Back to Account Security” tab to save your settings.
      
      Select “Yes” at the pop-up window if prompted to save your settings.

      

   7. Login with MFA. The NEXT time you Login to the MyCollege portal using your BCCNET credentials. Now that you have onboarded, you should receive a prompt for “Additional Security Verification”. Select a verification option to continue.
      
   8. Enter your secure code sent to your second factor.
      
      Notes: The OTP timer is 59 seconds and counts down to zero.  This is only important if you need to SEND another key code.  Each code will last 15 minutes before another key code is needed.
      
   9. [Optional] View or change your MyMFA settings. After Onboarding you can go back into the MFA area by selecting the MyMFA under the QuickLaunch. You can update your MFA settings from “Account Recovery Settings”, view devices you’ve logged in from and untrust devices from “My Devices” and even change your password.