A: If you have already set up your MFA (using these instructions), using it to log in when off campus (or connected to WIU-OPEN) is relatively straightforward. Simply open the Google Authenticator app on your device and enter the 6-digit token when prompted. Complete instructions (with screenshots) on how to use MFA can be found here.

A: In December 2024, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) advised against using SMS codes for multi-factor authentication (you can read more here). Additionally, CISA has noted that threat actors have used multiple methods to exploit MFA codes sent via voice to a phone (you can read more here). As a result, many platforms have begun phasing out these options. To align with these best practices, receiving MFA tokens via text/voice message will not be available at Western.

A: In addition to smartphones, you can use an iPad, Kindle Fire, or Android tablet as your second device for MFA. Affordable Android devices are available at many retailers for under $50. University Technology is also actively investigating other options.

University Technology has a very limited number of devices that can be loaned out to employees. If interested, please submit a request to support@wiu.edu and uTech will work with your VP area to determine the best path forward.

A: No. If you are at an off-campus location but connected using WIU's VPN (available to WIU employees), an additional MFA to reach Google resources is not required.

A: For now, yes. During this initial phase, logging into Gmail will not automatically grant access to other services like Western Online or Zoom. This is temporary; over time, all services will move to the new Central Sign-On platform, allowing you to log in once and access multiple services seamlessly.

A: When logging in through a standard browser, you will need to provide your MFA token every 14 days (per device) or if you manually log out of a system.

Note: if you access Google apps on your smartphone, these apps use a long-lived secure token stored on your phone. Unless the token is revoked, expired, or suspicious activity is detected, you won't be asked to MFA after your initial setup.

A: University Technology recommends and provides support for Google Authenticator, which is free, widely used, and easy to set up. However, you may also use other compatible authenticator apps such as Microsoft Authenticator, Authy, 1Password, LastPass Authenticator, or similar time-based one-time passcode (TOTP) apps.

Please note that while these apps generally work the same way and should function with our system, University Technology can only offer limited troubleshooting support if you choose to use something other than Google Authenticator.

A: To set up MFA on a new device, please call the Support Center at 309-298-TECH during regular business hours. After answering some security questions to verify your identity, a technician will reset your MFA registration so you can enroll your new phone.

A: These requirements apply to all individuals with access to university-owned systems. This includes employees, students, retirees, alumni and others with access to a WIU-owned email account.