Faculty and Staff FAQ’s

Do I have to enroll?

Enrollment for all UWM Faculty and Staff is required as part of Information Security Administrative Procedure 1030.A.

Do students use MFA?

Yes. Currently, enrolled students at UWM must authenticate using Microsoft MFA when logging into UWM apps.

Authentication Methods
Can I use my UWM office number for an authentication method?

No. You must authenticate with Microsoft MFA in order to access Microsoft Teams; therefore, you MUST NOT use a Teams phone number as a verification method. When choosing security verification methods, phone number refers to any mobile or landline – you cannot submit a Teams phone as a verification method.

I have a flip phone that receives calls and texts. What authentication methods can I use?

When configuring MFA, you may use the “Text” and “Call” options.

Microsoft Authenticator App
If we are logging into MFA on multiple devices, do we need to download the app on each device?

No. You will only need to download the application on one single device to be able to authenticate using the Microsoft Authenticator app.

Do I need to be connected to the internet to use the Microsoft Authenticator app?

The Microsoft Authenticator App is the recommended authentication method. To successfully install the app, you must be connected to the internet. However, after setting the application up, there is an authentication option that does not require data or WiFi use. A “Code Entry” can be utilized for this purpose or if you ever have connectivity concerns. For more info on this please review our instructions.

By using the Microsoft Authenticator App on my personal device, will my personal communications or data be subject to Wisconsin's Public Records Law or be subject to a subpoena request?

The contents of strictly personal communications (texts, emails, voice messages) or data are not subject to the Wisconsin Public Records Law simply by using the app to verify your identity. Strictly personal means that it is not related to university business. If you were using your personal device to conduct university business (such as responding to emails, texting a colleague about a work-related issue or leaving or receiving voice messages on work-related subjects, or accessing UWM digital assets) those communications which relate to the university business could be subject to the Wisconsin Public Records Law or could be the subject of a university-related subpoena. The contents of your personal communications that do NOT involve university business would not be subject to the Wisconsin Public Records law or to a university-related subpoena for university business records.

Hardware Tokens (Fobs)
Are there fobs (tokens) available?

For Microsoft “Authenticator” MFA, all UWM faculty and staff members will be encouraged to use:

  • a cell phone or tablet that is configured to use the “Authenticator” app (Recommended)
  • a cell phone that can receive text messages (SMS)
  • a non-Teams phone that can receive voice calls. Voice calls can be received by landline or cell phone.

Because Teams is Microsoft authentication-dependent, you *MUST NOT* submit your Teams phone number for either Microsoft MFA or your Microsoft Self-Service Password Reset (SSPR).

Limited quantities of hardware tokens (Fobs) will be available in the UWM TechStore. See the Enroll in Microsoft MFA section on the Faculty and Staff MFA page for information about Microsoft MFA compatible hardware tokens.

For a range of compelling reasons, UWM faculty and staff members are discouraged from requesting hardware fobs/tokens, including: the possibility of loss/theft; environmental impact considerations; cost containment; and consistency with higher education “best practices.”

Even so, provision of fobs/tokens will be done under the following circumstances:

  1. To accommodate accessibility of a user
  2. When a user lacks both a cell phone and a non-Teams landline
  3. To support a user who works in a location without connectivity
  4. When a user lacks a text plan on their cell phone
  5. When a user’s cell phone plan assesses charges for individual text messages and/or call minutes
Can I use my fob (token) from Duo?

No, they are incompatible with Microsoft MFA. Old Duo hardware tokens can be dropped off at the UWM TechStore for safe, e-waste disposal.

What should I do with my old fob (token)?

The UWM Tech Store will collect them and dispose of them as e-waste. Visit them in the UWM Panther Shop to drop your old Fob off.

How do you set up the new fob (token) as your primary authentication method with MFA?

Visit our KB articles for step-by-step instructions on how to add your fob as your authentication method:

Other Questions
How does this impact my privacy?

When using the Microsoft Authenticator mobile app, UWM will not be able to see the personal information on your device. The only data collected is related to the use of the app (operating system, application version, IP address of authentication attempt, etc.). Please feel free to review Microsoft’s data and privacy information in more detail here: https://www.microsoft.com/en-us/trust-center/privacy

How does this work with traveling abroad?

If you enroll a smartphone or tablet with the Microsoft Authenticator App and have a cellular connection or a WiFi connection, you can authenticate as you normally would. If you are able to access these services with a cellular or WiFi connection, you will be able to authenticate.

Can I use a device with the Teams mobile device on it to authenticate using the Microsoft MFA app?

Yes! You may use the phone number connected to the device as an authentication method. However; you cannot use your Teams phone number as an authentication method.


Student FAQ’s

Is MFA mandatory and why is it important?

Yes, students currently enrolled at UWM will be required to enroll in multi-factor authentication to deliver an additional level of protection for their accounts. MFA is an essential element of cybersecurity and it will aid in protecting their online information as well as UWM’s.

Multi-Factor Authentication adds an additional layer of security to your login process to prevent your credentials from being compromised. If someone gains access to your account, not only do they have access to your personal information like credit card numbers, social security numbers, and home addresses, but they also gain access to our UWM internal ecosystem.

How do I get MFA?

When an applicant at UWM enrolls for courses, they are required to enroll in MFA the next time they log into a UWM online service. Upon logging in, you will be prompted to confirm and add additional factors.

If you feel you do not have the technology to successfully enroll, please call the UWM Help Desk at 414-229-4040 or visit uwm.edu/helpdesk.

What services require MFA?

All UWM online services require MFA. This includes (but not limited to): Microsoft 365, Canvas and PAWS.

What information do I need in order to log in to UWM services?

You will need your UWM email address that looks like your ePantherID@uwm.edu, your password and your method for MFA authentication.

What do I do if I lost my device, I left it at home, or I am experiencing difficulties authenticating?
Contact the UWM Help Desk for assistance.
Do I have to authenticate every time I log in?

No, you will be given a “remember me” option on a per browser, per device basis. This means that if you access your email from your laptop and your phone, you will be required to authenticate on each device, but it will offer a “remember me” option that will save your authentication on that device.

For session durations, see our KnowledgeBase article.

Authentication Methods
Do I have to use a smart phone to do this?

No, any telephone or smart device will work. Smart devices are recommended as they provide the quickest, simplest experience through the approval of notification prompts. Additionally, SMS or text messages can be sent to your phone along with receiving a phone call for verification to the phone number on record.

Should I enroll more than one method?

Yes, we encourage you to enroll more than one method in case your main device is lost or unavailable.

What if I don't have a smartphone or have an accessibility need?

Any student that feels they don’t have the technology to successfully enroll or has concerns about how the process will work for them should contact the UWM Help Desk. An IT professional will work directly with each student to find a solution that works best for them. Our IT staff can go through the authentication methods (mobile, app, text, and calling) with them, and ensure their phone is set up successfully or can determine an alternate path for MFA, if needed.

Are there fobs (tokens) or alternate authentication methods available for students?

A wide array of MFA authentication methods are offered for our students: dedicated smartphone and tablet app, text message to cellphone, and phone calls to cellphone or landline.

Any student with questions or concerns about the MFA enrollment process or required MFA technology should contact the UWM Help Desk. An IT professional will work directly with the student to identify the best solution. Our IT staff can review the authentication methods, ensure successful phone configuration, and explore special accommodation, if appropriate. Fobs (tokens) can be provided to students to address special circumstances such as accessibility needs and appropriate technology resources.

International Students
What is the recommended authentication type for international students/students traveling abroad?

For the best experience for students who leave the country and still need to access UWM services that have multi-factor authentication, we recommend using the Microsoft Authenticator app. When traveling to your home country or abroad, students may experience issues when trying to authenticate using either the text message or phone call option.

To configure your account to use the Microsoft Authenticator app, please see the UWM KnowledgeBase article: Set up and Reconfigure for International Use.

Is the Microsoft Authenticator app available worldwide?

It is available worldwide via the App Store and Google Play Store, but users in China may experience some obstacles when downloading the app.

  • To download it on IOS in China: The Microsoft Authenticator app can be downloaded through the apple app store.
  • To download it on Android in China: The Microsoft Authenticator app is not available via the Google App Store because the Google App Store is not available in China. However, the application may be available through the following phone app stores:
    • Baidu
    • Lenovo
    • Huawei
    • Samsung Galaxy Store
  • Functionality limitations in China: Push notifications are not available in China for Android devices because they depend on connectivity to the Google Play Services and Google’s Firebase Cloud Messaging system. Users in China will be able to use SMS, phone call verification, or the verification code through the authenticator app if they are able to download the authenticator app. For more information on MFA users based in China, visit Microsoft’s post.
Does the app work on phones that are set up in different languages?

Yes. Furthermore, the Microsoft Authenticator app supports the following languages: English, Arabic, Basque, Bulgarian, Catalan, Croatian, Czech, Danish, Dutch, Estonian, Finnish, French, Galician, German, Greek, Hebrew, Hindi, Hungarian, Indonesian, Italian, Japanese, Kazakh, Korean, Latvian, Lithuanian, Malay, Norwegian Bokmål, Polish, Portuguese, Romanian, Russian, Serbian, Simplified Chinese, Slovak, Slovenian, Spanish, Swedish, Thai, Traditional Chinese, Turkish, Ukrainian and Vietnamese.

Is there an option to send a text message or a phone call for verification to non-US phone numbers?

Yes. However, if you leave the country, you may experience issues with the text message or phone call option. For this reason, we recommend the Microsoft Authentication app option for students who leave the country.