MFA: Frequently Asked Questions

Multifactor Authentication (MFA) refers to an additional layer of security that is added to the login process.

MFA relies on two forms of authentication: something you know and something you have with you. The something you know is your password. The something you have with you can be a mobile device or your office phone. This means that even if your password is hacked, your account will remain secure.

Learn more about Microsoft’s Multifactor Authentication on their Overview Page. (Opens in a new window)

MFA is being phased in but will be required for anyone accessing the Integrated HR-Payroll System (formerly known as BEACON).

You will need to authenticate each time you login.

Use the MFA Registration link to register or change your settings.

You will be able to choose a primary authentication method when you register which you can change or update at any time. Current options are outlined below:

Verification Method	Description
Authenticator app	A push notification is sent to the authenticator app on your smartphone asking you to Authenticate your log in. (This option is recommended for international users)
Phone	A text or phone call is placed to your mobile phone. For a text message, a 6-digit code is sent to your mobile device that you input to complete the authentication process. For a phone call, you will be prompted to select '#' after answering the call to complete the authentication process.
Alternate phone	A phone call is placed to an alternate number. You will be prompted to select '#' after answering the call to complete the authentication process.
Email	Do not use. This option is not valid for the Integrated HR-Payroll System.
Security questions	Do not use. This option is not valid for the Integrated HR-Payroll System.
Office phone	A phone call is placed to your office number provided in the Integrated HR-Payroll System. You will be prompted to select '#' after answering the call to complete the authentication process.

You will be asked to set up a backup authentication method. Remember, the Microsoft Authenticator is the most secure method. Text message, which is the "Phone" option, is a good backup to help you access your account in case you forget or lose your mobile device. We recommend to use your office phone only if that is your sole option.

View the setup video (opens in a separate window) to learn how to set up the Microsoft Authenticator App.

Use How to Change or Update my authentication method link to register or change your settings.

Yes, you can use a personal device for MFA.

If you do not have your phone with you, please attempt to use your backup authentication method. If the backup method is not available, please notify your NCID Administrator.

If you LOSE your phone - please notify your NCID Administrator ASAP.

Please review Microsoft’s MFA Troubleshooting Page (opens in a separate window) as well as the other FAQs on this page. If you still need help, please contact your NCID Administrator.

Yes! Just Update Your MFA Settings and choose a new default method.

What is Multifactor Authentication (MFA)?

Who is required to use MFA for the Integrated HR-Payroll System?

How often do I have to authenticate?

How do I enroll in MFA?

What are my authentication options?

How do I set up the Microsoft Authenticator App on my phone?

How do I change or update my authentication method?

Can I use my personal device to set up MFA?

What if I lose my phone or forget to bring it to work?

What if I experience issues with MFA?

Can I change my default method of authentication?