UM System has implemented Microsoft's Multi-Factor Authentication (MFA) system which is required for all active accountholders. MFA is an effective way of stopping fraudulent account access by notifying you and requiring you to approve usage of your account. When accessing a MFA-protected service, you will be prompted to enter your UMKC username and password and authenticate the login process with multi-factor authentication.
It is important to set up multiple ways to authenticate in case something happens to one of your devices, like losing your smartphone. Using multiple options will help you maintaintain access to your account at all times, even if one method becomes unavailable.
- Non-UMKC email address
- Microsoft Authenticator App
- A device that can receive text messages
- Phone number that can receive calls
Establish/ Forgot/ Change your UMKC Password
- Go to https://passwordreset.microsoftonline.com/
- Type your UM System email address, example: email@example.com
- You must use the @umsystem suffix or the system will not recognize you.
- Enter the Captcha characters in the picture and click Submit.
(If you receive a message stating password self service has not been enabled that means there is no authentication information on your account and you will need to contact the Technology Support Center at 816-235-2000.)
- You will be prompted to choose a delivery method for your passcode.
- Options include methods you entered in either myHR or Pathway:
- Alternate email
- Text Message
- Call my mobile phone
(Please be aware it can take up to 10 minutes for the new password to take effect.)
Manage Your Multi-Factor Authentication
The best and most convenient way to use Multi-Factor Authentication, is to download the Microsoft Authenticator app from either the iPhone App Store or the Google Play App Store.
- Set up Multi-Factor Authentication by going to https://aka.ms/mfasetup to register.
- You will be redirected to the Microsoft MFA page.
- You only need to setup registration once.
- For more information on how to set up MFA, please visit our Multi-Factor Authentication instructional page.
Password Best Practices
Password complexity will be controlled at the Domain Policy level through the use of Group Policy Objects. Complex passwords provide a basic and important component of overall information security. The "strong" password will include the following guidelines:
Avoid using words from a dictionary, common or clever misspellings of words, and foreign words.
Avoid using incrementing passwords with a digit.
Avoid preceding or appending passwords with a number.
Avoid using passwords that others can easily guess by looking at your desk (such as names of pets, sports teams, and family members).
Avoid using words from popular culture.
Avoid thinking of passwords as words per se; think secret codes.
Enforce using passwords that require you to type with both hands on the keyboard.
Enforce using uppercase and lowercase letters, numbers, and symbols in all passwords.
The practice of enforcing password history ensures that passwords are not reused in a short period of time or that a short, cyclic list of passwords is not used. Reusing passwords allows the user, in essence, to never change their password. Thus, this practice helps maintain the effectiveness of password security of the SSO account.
For more information please visit the UM System Microsoft 365 Login Information.
If you have questions, need to report an IT issue, request a new IT service, or require additional help please visit ithelp.umkc.edu