SUNY Broome requires MyCollege MFA to further secure our Portal Logins.
Multi-Factor Authentication (MFA) is a technology that protects your accounts from being hacked, phished, brute-forced or otherwise compromised. MFA combines something you know (your username and password) with something you have (your cell phone and personal email) in order to login to your SUNY Broome account.
Let’s show you the “On-boarding” of our MFA system. This procedure only has to be done once and consists of these few steps.
-
- The first time you go to MyCollege it will automatically direct you into the on-boarding process.
- Login using your Campus/BCCNET username and password.
- It will prompt you to Re-enter your password a 2nd time on your first login. Keying your password is a required step when ever going into this MyMFA secured area.
If by chance it does not take you into the MFA on-boarding, look at the middle of the page for My Apps and select MFA Reset.
- Set up your Account Recovery Settings (used for MFA answers). Notice the amber color tabs. These are the factors that still need to be entered. Once completed they will turn green like the Email Recovery shows.
- Finish entering your recovery factors. You can choose one, or all of them, but at least one second factor (phone, security questions or authenticator ) needs to be filled besides your primary email and personal email, which is automatically set.
- Enter in your security questions. Follow these best practices for choosing and using security questions. Even though this is the first authentication setup area, these security questions will only be used for recovering your account or password. (HINT: A student couldn’t get in and said, “I know when I was born! 7AM -(failed because they entered 7(space)00(space)am(in lowercase)) Make your answers simple in order to remember when you need to get in when you don’t have your phone or email account handy.)
- Your secondary email address is now brought in from our database. You may update the secondary email address that is brought in however, you cannot update the Primary email address. Enter your Secondary email address and select “Verify” to send a 7-digit code to your updated email address. Once verified you are all set with the Secondary email update.
- Enter your verification code. Enter in the 7-digit code that you received in your secondary email.
- Enter your phone number. Enrolling your personal phone number is voluntary and is subject to your own phone rates.
- Enter your verification code. Enter in the 7-digit code that you received on your cell phone.
- Your tab will turn from amber to green once it’s successfully verified.
- Enter in your security questions. Follow these best practices for choosing and using security questions. Even though this is the first authentication setup area, these security questions will only be used for recovering your account or password. (HINT: A student couldn’t get in and said, “I know when I was born! 7AM -(failed because they entered 7(space)00(space)am(in lowercase)) Make your answers simple in order to remember when you need to get in when you don’t have your phone or email account handy.)
- Your settings are saved. When you are done filling out your information, select the “Go to My Apps” or notice the browser tab to the left of where you are working, is your MyCollege portal landing page.
- Login with MFA. The NEXT time you Login to the MyCollege portal using your username and password, you will have on-boarded and will receive a prompt for “Additional security verification” and show you the factors you can you. Select a verification option to continue.
- Selecting the “Send me an Email” will show a partial piece of your Primary and Secondary (it only show a partial in case someone is looking over your shoulder, where you don’t want them to know your addresses)
Students are allowed to TRUST their devices so they can bypass this verification on a device the often login on. THIS TRUST only last 30 days. We recommend NOT TRUSTING devices in public areas, like SUNY Broome computer labs or any place they have free wifi and devices to log into. ONLY Trust the devices you know and own. - Enter your secure code sent to your email address you selected.
Note: The OTP (One Time Password) timer is 59 seconds and counts down to zero. This is only important if you need to SEND another key code. Each code will last 15 minutes before another key code is needed. - [Optional] View or change your MyMFA settings. After Onboarding you can go back into the MFA area by selecting MFA Reset under My Apps. You can update your MFA settings from “Account Recovery Settings”, view devices you’ve logged in from and untrust devices from “My Devices” and even change your password.
Change Your Password on NEXT Login – View the Procedure to Change Your Password