Multi-Factor Authentication
The City University of New York (CUNY) has implemented enhanced security requirements to access applications that utilize the CUNYfirst credentials. Some applications include:
| Blackboard | CUNYfirst-Finance | LinkedIn Learning |
| BrightSpace D2L | DegreeWorks | One Search |
| Connect2 | Dropbox | Online Orientation |
| CUNYBuy | EAB Navigate | Quinncia |
| CUNYfirst - Campus Solutions | Ezproxy | Schedule Builder |
| CUNYfirst - Human Capital Management | FACTS | Top Hat |
| CUNYfirst - Self-Service | InfoReady | Zoom |
Multi-factor authentication (MFA) is a security measure designed to provide enhanced protection for digital accounts and systems. Rather than relying solely on a password, MFA requires users to verify their identity using two or more distinct methods. CUNY has instigated a two-step approach to authenticate access to their applications.
- Signing onto accounts utilizing your CUNYfirst username and password
- Security tokens from a smartphone authenticator APP or call back option.
By requiring multiple forms of verification, MFA significantly reduces the risk of unauthorized access, even if one factor—like a password—is compromised. It is widely used in both personal and professional settings to safeguard sensitive information and ensure that only authorized individuals can access protected resources.
This guide provides step by steps instructions to:
Video instructions – See below
Step-by-Step Setup Instructions – Create your MFA Account
Go to the CUNY MFA Self-Service Portal
Using a desktop computer, open an internet browser and visit: https://ssologin.cuny.edu/oaa/rui
Log In
Enter your CUNY Login username and password.
Grant Access
If prompted by Oracle Identity Management, click Allow to continue.
Image
Manage Authentication Factors
On the dashboard, click Manage under “My Authentication Factors.”
Image
Add a New Factor
Click Add Authentication Factor and select Mobile Authenticator – TOTP (Time-based One-Time Password)
Image
Set a Friendly Name
Enter a name like “CUNY Login MFA” to identify this account in your Authenticator app.
Image
Mobile Authenticator
Using your primary mobile device, download the Microsoft Authenticator App.
Scan the QR Code
After installing the Authenticator App:
Tap Add Account
Image
Choose Other Account
Image
Scan the QR code shown on your computer screen (see step 6).
Verify the Code
Open the Microsoft Authenticator app on your mobile phone to display the one-time password code.
Image
Enter this code in the Verification Code field on the setup page and click Verify and Save.
Image
You have successfully added the CUNY Login MFA account onto your My Authentication Factors page.
Image
Step-by-Step Setup Instructions – How to Authenticate using the Microsoft Authenticator APP
When accessing an application that requires additional authentication using MFA, you will be prompted to select the Authenticator account which you have configured specifically to access CUNYfirst applications (note- If you are also prompted to share your location with ssologin.cuny.edu, click Allow. Additionally, if you do not see a window prompting you to choose your MFA login method, your CUNY Login MFA setup may be incomplete. Clear the browser cache, close the browser window, and then follow the instructions “Step-by-Step Setup Instructions – Create your MFA Account” above.
Select the “Enter OTP from device link” corresponding to the friendly name you set up for CUNY Login MFA.
Image
You will be prompted to enter the OTP (One-Time Password) from your mobile device.
Image
Open the Microsoft Authenticator App on your mobile device used to configure your MFA account. Look for the six-digit code.
Image
Enter the six-digit code into the corresponding OTP field and select Verify.
Image
- After verification and completion of the MFA process, you will be directed to the CUNY resource.