This information explains some reasons MFA may be triggered on your account.

Service Authentications

More and more services are requiring MFA to ensure you are you. UCCS requires MFA to access the following services:

  • MyUCCS Portal - Given multiple applications within the portal require MFA, UCCS OIT has opted to use MFA to login to the portal so that all apps meet security requirements placed on us by service providers. 
    • Nelnet - tuition and fee billing system
    • Student Support Network - faculty alert and kudos system for students to help students succeed in the pursuit of their degree

Risky Sign-in's

We are using Risky Sign-ins as the trigger for MFA. 

What are Risky Sign-in's? 

Microsoft collects our sign in data and runs algorithms against it to determine normal and abnormal behavior. That, "abnormal behavior" is what triggers a Risky Sign-in.   

Risk Event Type
Risk Level
Additional Explination
Sign-ins from anonymous IP addressesMediumYou're using Tor browser, anonymous nodes/VPN's. This would be triggered as an anonymous IP address.
Impossible travel to atypical locationsMediumYou're in Colorado Springs at 2:20pm and Mumbai at 2:22pm. This is would be triggered as impossible travel.
Sign-ins from unfamiliar locationsMediumYou're always in Colorado Springs, now you're in England? This would be triggered as an unfamiliar location.
Sign-ins from infected devicesLowYour credentials were used on a network that is hosting malware. This would be triggered as an infected device.
Sign-ins from IP addresses with suspicious activityMediumMicrosoft has seen this IP doing shady stuff and now you are signing in with that IP address. This would be triggered as suspicious activity.