Access Accounts
An Access Account is your login name which grants you access to most Penn State services. Your Access Account is your initials and a one to four-digit number (userid1234). Your email address includes your Access Account: [email protected].
You can use your Access Account to:
- Log on to a university-owned computer.
- Log on to lab and classroom computers.
- Sign in to WebAccess services such as Office 365, Canvas, LionPATH, and more.
To change your Access Account password, set security questions, and more, visit Penn State’s Account Management site.
Microsoft Multifactor Authentication
Enrolling in Microsoft MFA is easy and takes about 15 minutes. Go to accounts.psu.edu/mfa and click on the “Enroll in MFA” button to access the enrollment form and begin the enrollment process. Once you start the process, you will need to complete it, or you will be prompted to do so the next time you try to sign into your Penn State Account.
Enrollment in Microsoft MFA is mandatory for most students by May 8. Students not enrolled in Microsoft MFA by their deadline will not be able to register for classes, retrieve grades or access any secure University-affiliated sites and services such as Outlook email, Canvas and LionPATH until they enroll in Microsoft MFA.
After you add and register your MFA device(s), you will be able to select a verification sign-in method from a range of authentication options such as Microsoft’s Authenticator app, which is the preferred MFA method and is available via the App Store for iOS devices or Play Store for Android devices. Other sign-in methods include an alternate phone for calling or a security key/hardware token. Once enrolled, you will be prompted to verify your identity each time you log into a University-affiliated site or service through a notification sent to your enrolled device.
To prevent accidental approvals, those using the Microsoft Authenticator app on their smartphone will enter the two-digit number displayed on the sign-in screen when approving an MFA request in the Authenticator app. Each number-matching prompt generates a unique set of numbers for every login request. Those using the app cannot approve MFA requests without entering the numbers on their login screen. This guarantees that they do not accidentally approve an unrequested MFA prompt from muscle memory, as was possible in the Duo “Accept” or “Deny” prompts. Number matching is a key security upgrade to traditional second-factor notifications and is recommended by America’s cyber defense agency (the Cybersecurity and Infrastructure Security Agency) and is an industry best practice.
Currently, Apple Watch and Android wearable devices (such as Samsung Galaxy Watch) are incompatible with the Authenticator app’s security features. With the release of Authenticator 6.7.3 for iOS, the companion app was removed from the Apple Watch. This change only affects wearables, so you can still mirror Authenticator notifications from your phone to your wearable device. But how that experience looks will depend on your hardware's operating system.
The new Microsoft MFA authentication is different from Duo, but its purpose and functionality remain the same. Although Microsoft MFA is the University’s primary authentication method moving forward, do not uninstall Duo now, as there may be some systems and services within the University that still require it. You may also be using Duo for other non-Penn State instances outside the University.
Transitioning to Microsoft MFA enables the University to reduce costs by aligning with other Microsoft tools it’s already using, streamline service management and enhance Penn State’s security posture.
MFA is connected to WebAccess, including such services as Office 365, Canvas, LionPATH, and WebApps.
Enroll your devices and manage currently enrolled devices at Penn State’s Account Management site.