How do I register for BlueKey MFA
View the tutorial video on the registering for BlueKey MFA article.
Help! My smartphone or mobile device (with the Microsoft Authenticator app) is lost or stolen.
Hopefully, you have added multiple sign-in methods at bluekey.depaul.edu/multifactor. View these instructions to sign out of all devices, and remove the lost or stolen phone as a verification method. Do you need to got to class or work without the ability to verify your identity through MFA? You’ll need to contact the Help Desk at (312) 362-8765 or email helpdesk@depaul.edu. It’s important to know the Help Desk hours.
I don't know my password and I can't access my phone.
Do you need to access a DePaul application, system, or service without the ability to verify your identity through MFA? You’ll need to contact the Help Desk at (312) 362-8765 or email helpdesk@depaul.edu to have your MFA requirement temporarily suspended. It’s important to know the Help Desk hours.
Why is Microsoft Authenticator not displaying notifications?
Opening the Microsoft Authenticator app should display current notifications, but the following may enable automatic push notifications.
| Cause | Resolution |
| No internet connection | Check your phone's data and WiFi access. |
| Notifications are disabled | Check that push notifications are enabled for the app in your phone's settings. |
| App has crashed | Try to force close the app and restart the phone. |
| Battery saving features | Battery saving features might be blocking background processes. Change the priority of the notifications or turn off battery saving features. |
| Notifications set to low priority [Android] | Settings vary for different versions, but try to start the Settings app, select Applications > Notifications, then check the notification priority. |
| Can't receive over WiFi[iOS] | If you can only receive notifications with mobile data, select Settings > General > Reset > Reset Network Settings. Please note that this will forget all WiFi networks and passwords, mobile settings and VPN/APN. |
I can't access my default sign-in method for BlueKey MFA. What do I do?
Is your phone missing, dead, or broken? Do you need to got to class or work without the ability to verify your identity through MFA? You’ll need to contact the Help Desk at (312) 362-8765 or email helpdesk@depaul.edu. It’s important to know the Help Desk hours.
Why is DePaul requiring MFA for some systems?
Multi-factor authentication (MFA) is an important security improvement, and stops 99% of malicious hacking attempts.
I got a new phone. What should I do?
If possible, don't delete the Microsoft Authenticator app on your old phone BEFORE registering the app on your new phone. If this option is a possibility, you can verify your identity when setting up the new device on your old phone. Not an option? Don't worry. Read more detailed instructions for registering a new phone.
What DePaul systems use BlueKey MFA? When will new ones be added?
Information Services has now added MFA-requirements to dozens of systems in use at DePaul. Some systems require MFA for all users, while others only require it for a subset of the users accessing the system. DePaul is regularly reviewing the risk of its systems and services and will continue to add MFA requirements to existing and newly added systems depending on the risk to DePaul's users and data.
How do I know if a service requires BlueKey MFA?
Users will be prompted with a screen that says further authentication is needed. If your default verification method is set to Microsoft Authenticator - notification (recommended), have your mobile device with Microsoft Authenticator app ready. The login screen for the service you are accessing will notify you which verification method is necessary to proceed. Users utilizing Authenticator will also be presented with a 2-digit number in the login screen, which they will need to enter into the Authenticator app to complete the login process, additionally increasing the security of system access.
How often will I have to MFA?
You may experience differences in prompt frequency between various apps and browsers, as well as between DePaul-owned and personal devices. To minimize prompt frequency, we recommend the use of desktop or iOS/Android apps like Outlook and OneDrive to access the Microsoft 365 platform when possible, and reducing the number of times you close and reopen your web browser on trusted, secure devices. Always close the web browser completely after accessing DePaul services and data on a shared or public computer.
Web browsers
You can expect to see MFA prompts only as often as you are prompted for your username and password today, and in some cases less often.
Applications
Once you have provided your MFA to your client application software, it should not demand a second factor for another 90 days unless something changes (e.g. you change your password or your client software updates).
What is my default sign-in method? How do I check the settings?
You are required to select a default sign-in method during the registration process, but it’s highly recommended to double check this setting and make sure that it is set to the "Microsoft Authenticator - notification" option. Navigate to bluekey.depaul.edu/multifactor on your computer. Next to the “Default sign-in method” make sure that "Microsoft Authenticator – notification" is selected. If not, select change. This specific default method (using the app) is highly recommended for both its ease of use and level of security. Watch the 5 things to do after you register for MFA video, which addresses this topic.
Should I add more verification methods?
You may have input additional verification methods during the registration process. If you didn’t or you’re not sure, please visit bluekey.depaul.edu/multifactor. On this page, you have the option to add more verification methods. Generally speaking, the more secure verification methods you can add, the better. Secure methods are used only by you, secured by passwords (if applicable), and stored in a secured location (if applicable). Watch the 5 things to do after you register for MFA video, which addresses this topic.
Can I add the Microsoft Authenticator app to another device?
Add and register Microsoft Authenticator on an additional secure phone or tablet, or add a secondary phone number. A secure device is one that only you can access, is password protected, and stored in a secured location. By adding the app to another trusted device, you will have a backup in case something happens to your primary device. Watch the 5 things to do after you register for MFA video, which addresses this topic.
Is BlueKey multi-factor replacing the Duo Mobile app?
Yes. DUO is no longer used on DePaul systems.
Where can I find out more information about BlueKey multi-factor?
Learn How to setup security info
Watch this training video: