Securing Authentication at NIU (Project)


Multi-Factor Authentication (MFA)

MFA is a method of providing multiple credentials to access a computer system. MFA is currently being used in all financial system sites (banks, credit card companies) to ensure proper identity management. MFA consists of at least two of the following methods for identity authorizations: Knowledge (something you know), Possession (something you have), and Uniqueness (something only you have).

Compromised credentials are the primary attack vector used to breach systems. Implementing MFA reduces our threat landscape across the NIU enterprise, while safeguarding the NIU brand.


Self-Service Password Reset (SSPR)

In the past three years, the Division of Information Technology (DoIT) has performed approximately 20,000 password resets over the phone each year. IT Service Desk management has estimated the cost of this service at close to $120,000/year. To save money and make use of the self-service password reset (SSPR) technologies that many of us already use on a regular basis with banks, Amazon, and Google, NIU implemented true SSPR for all active faculty, staff, and students in November 2017.

The Microsoft-based SSPR asks for alternate contact methods (text to a phone; call to a phone; non-NIU email address). And then when you need to change your password or if you've forgotten it entirely, SSPR will use one of your stored contact methods to assist you.


Removing alias@niu.edu for Employee and Retiree Logins

Employees and retirees no longer log in with alias@niu.edu, but must use their AccountID@mail.niu.edu instead. These AccountIDs are generally in the form of A1234567@mail.niu.edu or R1234567@mail.niu.edu.  This has not changed the ability to send email to alias@niu.edu, but only changes the ability to login with that alias.

If you don't know your AccountID, please search your own entry at directory.niu.edu.

If you have trouble logging in, try these actions before calling the Service Desk:

  • If you're logging in at o365.niu.edu, quit your browser completely before trying again.  Consider trying a second web browser to see if the trouble is with your account or with your browser-cached credentials.
  • If you're logging in through an Outlook client, make sure you're using at least Outlook 2013 but preferably Outlook 2016.  Click your account preferences to ensure your AccountID@mail.niu.edu is your username instead of alias@niu.edu.

Outlook / Skype for Business / OneDrive

When your current session times out, you will be prompted to log in. If your current password fails, please verify the username Microsoft is using to log in. If your NIUalias@niu.edu is still displayed, click Sign in with another account and enter your username as AccountID@mail.niu.edu followed by your NIU password.

Native mail client on Mobile Device

You may need to delete the account and re-add using your AccountID@mail.niu.edu


Multi-Factor Authentication

Getting Started: NIU Video

                OR

Getting Started: Microsoft