Doc::MFA
Computer Science Multi-factor Authentication
Introduction
Computer Science login using a simple form of multi-factor authentication (MFA) by sending a one time use token (OTP) to an email address that you have configured. Most all cell phone carriers provide a way to receive an email as a text message so you can set up your CS MFA to utilize your cell phone to authenticate.
Change your CS MFA email address
- Your CS Profile: https://admin.cs.vt.edu/my-profile/
By default, CS MFA uses your "preferred" email address that is configured in your profile. If you set the "MFA Email" field in your profile, then it will use that address instead. Use caution when changing your MFA email, you could lock yourself out of your CS account if the address does not work. You should leave your profile page open, and then in a new "Private/Incognito" browser go to https://2fa.admin.cs.vt.edu to test your change, and make sure you can log in.
Email to MMS
Most all major cell providers offer a service that will receive a text message from a special email address. For example, if the phone number is 123-456-7890 and the carrier is AT&T, the email address is 1234567890@txt.att.net
. Even 3rd party cell providers will use the network's gateway address. For example, Visible and Total Wireless both run on the Verizon network and would use the @vtext.com address.
Carrier | SMS Gateway | MMS Gateway |
---|---|---|
AT&T | @txt.att.net | @mms.att.net |
Boost Mobile | @sms.myboostmobile.com | @myboostmobile.com |
Cricket Wireless | @sms.cricketwireless.net | @mms.cricketwireless.net |
T-Mobile | @tmomail.net | @tmomail.net |
UScellular | @email.uscc.net | @mms.uscc.net |
Verizon | @vtext.com | @vzwpix.com |
Don’t know your carrier? Use a website like https://freecarrierlookup.com/ to look it up.
Tips
- Be sure not use a MFA email address that is accessible from your CS account. For example, do not use
<pid>@cs.vt.edu
or<pid>@vt.edu
that forwards to your<pid>@cs.vt.edu
address. If a hacker got your password, then they could login to your email to retrieve the OTP. - The OTP is formatted such as
CASMFA-123456
Entering the "CASMFA-" part is optional. You can save time by just entering the numbers. - You can enter multiple addresses by separating them with commas. This is a good way to add redundancy.
- Use caution when updating your MFA email address, you can accidentally lock yourself out of your account. Test your change in a private/incognito window before closing your profile page.
- As a fail-safe, you can login into your CS account without MFA if you are connected to the VT VPN.