This summer, Information Services made a change that will affect DePaul users' access to some DePaul systems. Most DePaul employees should be familiar with performing a second approval step, referred to as BlueKey multi-factor authentication or BlueKey MFA, when accessing some resources, such as BlueSky, the DePaul VPN or the Microsoft Security Password Reset Portal. As of Aug. 24, DePaul community members
using the Microsoft Authenticator mobile app will experience a change to the user experience.
More multi-factor authentication detailsUsers of the Microsoft Authenticator app configured for the “Microsoft Authenticator – notification" default method, DePaul’s recommended configuration, will notice a change in the authentication experience, as illustrated below. Users will see two additional pieces of information:
- The name of the application or service you are logging into.
- A map of roughly where the authentication is happening (based on geo-location data of the IP you’re logging in from)
Information Services encourages everyone to make note of the application name that is displayed on the screen (e.g. “BlueSky” or “DePaul Pulse Secure VPN”) to ensure it matches the system you are trying to access.
Two-digit verificationUsers will also be presented with a two-digit number on their login prompt screen, which they must enter into their Authenticator app before they can approve the login.
Why are we making this change?The addition of the contextual information (application/service name and location) and the number-matching feature will improve the security of DePaul’s BlueKey multi-factor authentication service. These changes give you more information about logins to help protect your identity, and prevent attackers who may have compromised your username and password from sending you hundreds of prompts in the hope that you might accidentally approve one and allow them access.
If you have any questions or run into any issues, please contact
DePaul’s Help Desk.