User Accounts - Technology Support Services

Documentation

Students who graduate with a degree from NMU after 2018, are able to keep their current NMU email as long as they log into the gmail website at least once a year.

Otherwise, the NMU Alumni Association office offers alumni "E-mail for Life," a free, full-service email account through the Google Education system available to all alumni of Northern Michigan University.

To request your alumni account, visit this page. You will be contacted at your current NMU email address with your new username and password when your request is processed. 

For more information on alumni email accounts, visit the Alumni Association's page here. 

Documentation

Your password protects your account. You can also add a second layer of protection with "2 Factor Authentication" so even if somebody manages to steal your password, it is not enough to get into your account. This additional form of authentication (sometimes referred to as 2FA or TFA) is completely independent from your username and password.

How It Works

You will login as usual with your username and password, then enter an additional code from either an Authenticator App, a Security Key, or a set of Backup Codes to verify that it is in fact you. You can also click a checkbox at the login page to trust a device for 30 days so you can just use your  username and password to log in on that device.

Recommendations

• Enable more than one 2 factor authentication method such as using both an Authenticator app and Backup Codes!
• Remember / Trust more than one browser/device by clicking the checkbox at the bottom left corner of the login prompt before logging in. Do this on different days for each browser/device so they both don't reach the 30 day limit on the same day.

This will trust that device for 30 days and you will not be required to enter the additional 2 factor code on that device during the 30 day period. It's best if you don’t trust multiple devices on the same day so they don’t all expire at the same time. The browser/device trust is managed through the use of browser cookies, so if you clear your browser's cookies then you remove any existing 30 day trust and cause the two factor authentication prompt to occur when you next login.

3 Options for Setting Up 2 Factor Authentication for NMU Services

There are 3 options for setting up 2 Factor Authentication for NMU services like MyNMU and MyUser; an authenticator app, USB security key, and backup codes.

Authenticator App (Best for mobile devices - tablets or smartphones)

Using a mobile authenticator app on your smartphone, tablet, or computer as a second factor during login. Enabling this option will require that you enter a code generated by the authenticator app as a second factor during the login process. Google Authenticator  and Microsoft Authenticator are 2 authenticator apps that will work. Google Authenticator works on Android and Apple iOS devices. Install the authenticator app BEFORE turning on this option for NMU Services.

For quick set-up instructions see: 2FA Quick Steps 

USB Security Key (Requires extra hardware)

Requires FIDO U2F Security Key device, typically a USB device, to be attached to the computer you are logging in from. NOTE: Security keys are currently only compatible with the Chrome web browser.

For step by step instructions see: Using a Security Key for 2 factor authentication

Backup Codes (Used as a backup to the other options)

Backup codes come in sets of 10 that you generate at https://myuser.nmu.edu/user. Each of the 10 Backup Codes can only be used once. When a backup code is used it will become inactive. Typically you print them out, keep them in a secure location, and check them off as you use each one. You can generate a new set codes at any point, automatically making the old set inactive. If you use back up codes it is recommended you get a new set of 10 codes before you use the last code and run out of the current set of backup codes you are using.

For step by step instructions see: Using Backup Codes for 2 factor Authentication

     Notes:

• Once you complete these steps, you will be required to use 2 factor to log into MyNMU, MyUser, and other NMU services that require it.
• If 2 factor authentication is preventing you from accessing NMU Services verify the problem also occurs at https://myuser.nmu.edu/user . If it doesn't work there then use MyUser's recovery link to reset your password and change or verify your 2 factor authentication settings.

NMU G Suite Account 2 Factor Authentication

2 factor authentication on your NMU G Suite account is a separate feature unique to Google. A good overview with links to set up 2 factor authenticaton for your NMU G Suite account is available at https://www.google.com/2step.

See also: 2 Factor Authentication Frequently Asked Questions

Documentation

All computers that wish to use the NMU Wireless or Wired connections on campus must be registered. Current NMU Faculty, Staff, Students, and Retirees can register machines on the network. If there is a guest on campus that needs internet access, currently only Faculty and Staff can sponsor them. To sponsor a guest:

1. Open a Web Broswer
2. In the URL bar, go to http://register.nmu.edu and click the Need to sponsor someone, go here link. You can login with your current NMU UserID and password.
   
3. Once you login, you will see a window similar to the one below. Click on "Enter Guest Sponsor Function" to continue.
   
4. Fill in the top portion of the screen to add a new sponsor. Be sure to carefully type in each requested piece of information, as it may be needed later. You can choose a start date up to a month in advance. If you know a guest is arriving, and they need internet access, it is best to complete this prior to their arrival. It can take up to an hour for this part to register in our system.
   
5. Click on "Submit Request" to add the sponsor request. You will notice a green bar at the top of the screen that indicates your sponsor request was successful. 
   
6. It may take up to an hour for the request to be active. Once it is active, the guest should connect to the WiFi access point named "NMU", open a web browser, and navigate to "http://register.nmu.edu" on the machine that needs internet access. The guest can use their email address that was used in the request for the User ID and password fields.
   
7. After clicking "Sign In", the guest will be able to register their machine. The registration will stay active for one day, so if they need to access the internet during the next day, they will need to register using "http://register.nmu.edu" again. The guest will be able to register their computer for as long as was requested when the guest sponsor entry was added. Once that time period expires, a new entry will have to be made by a current NMU Faculty or Staff member.

Documentation

When is the NMU Network User ID created?
Once a person is admitted as a student, an account is created with the status of “Admitted.”   Enrollment in a course will trigger the creation of an account if one does not already exist.  Access to the account takes 24-hours to process.
 
What happens if the person never uses the NMU Network User ID?
If an admitted student becomes a “no show” (doesn’t come for orientation or register for classes) and the person never logs into the account, the user account is deleted.
 
What happens if the student leaves school?
If a student is not currently enrolled, the account takes on a “non-student” status.  This occurs if the student graduates, withdraws, fails to register for classes, or misses the tuition-due deadline without making payment or other arrangements. 
 
What happens with a “non-student” status?
With a “non-student” NMU User ID and account, the individual

• Can receive/send e-mail; can access MyUser to view account status
• Cannot register devices (computers, mobile, LTE, etc.); any previously registered devices are automatically de-registered
• Cannot use VPN access
• Cannot access EduCat

 
How long does the “non-student” status last?
If an individual returns to NMU in good standing as a student, the NMU User ID and account is enabled with an “active” student status.
 
“Non-student” status accounts become “disabled” after a set amount of time:
            1 year for undergraduate students
            3 years for graduate students
A disabled account cannot receive/send email, register devices, or access the network.
 
What happens if an account is locked (e.g. password expired, spam activity, password recovery errors, password reset)?
The student can access account information using MyUser to find out the reason for the lock.  In most circumstances the user can take appropriate action and unlock the account. 
 
What happens if a student has his/her account disabled?
If an NMU User ID and account are disabled due to violations of the Acceptable Use Policy, appropriate steps must be taken to resolve the situation. 
 
Where can a student get additional help about computing resources?
Contact the NMU Computing HelpDesk at 906-227-2468 or visit the HelpDesk in the Learning Resources Center. 

Documentation

When is the NMU User ID created?
The NMU Network User ID is created once the appropriate employment documentation is entered into the Human Resources system, but no more than 30 days prior to the effective date of employment.
 
What happens when the Temporary Labor appointment ends?
The NMU Network User ID becomes “expired” on the employment end date.  The “expired” status lasts for one year.  During this window, the individual can receive/send email, and can access MyNMU (including payroll information), MyUsesr network account information, and EduCat. 
 
The individual cannot register devices on the network and does not have access to network services such as VPN.  Any previously registered devices are automatically de-registered.
 
What happens to an “expired” account after one year?
After one year, an expired account becomes “disabled.”  A disabled account has no network access, cannot receive/send email, and cannot register devices on the network.
 
What happens if the person resigns or is terminated before the end date of their temporary labor appointment?
The Network User ID and account immediately becomes expired. The account may be set to disabled status immediately if circumstances warrant. If the account is set to expired status, after 30 days the account becomes disabled. 
 
What happens if an account is locked (e.g. password expired, spam activity, password recovery errors, password reset)?
The employee can access account information using MyUser to find out the reason for the lock.  In most circumstances the user can take appropriate action and unlock the account. 
 
What happens if a temporary labor employee has his/her account disabled?
If an NMU Network User ID and account are disabled due to a violation of the Acceptable Use Policy, the employee must work with the appropriate supervisor(s) and/or Human Resources to resolve the situation.
 
Where can a person get additional help regarding computing resources?
Contact the NMU Computing HelpDesk at 906-227-2468 or visit the HelpDesk in the Learning Resources Center.
 
 
 
Notes:   Individuals with Personal Services contracts are not considered to be NMU employees.
  Spouses are not eligible for network User ID and services.

Documentation

When is the NMU User ID created?
The NMU Network User ID is created once the appropriate employment documentation is entered into the Human Resources system, but no more than 30 days prior to the effective date of employment.
 
What happens when a person resigns or is terminated from employment at NMU?
The NMU Network User ID becomes “expired” on the employment end date.  The “expired” status lasts for one year. During this window, the individual can receive/send email; and can access MyNMU (including payroll information), MyUser network account information, and EduCat.
 
The individual cannot register devices on the network and does not have access to network services such as VPN.  Any previously registered devices are automatically de-registered.
 
What happens to an “expired” account after one year?
After one year, an expired account becomes “disabled.”  A disabled account has no network access, cannot receive/send email, and cannot register devices on the network. 

What if an employee retires from NMU? 
The person must first meet the NMU definition of a retiree (years of service + age ≥ 70).   Upon the retirement date, the NMU User ID and account are set to “retiree” status and the account stays active.  The individual can receive/send email, can use network services such as VPN and dial-up access, and can register devices for the network.  Note:  Spouses and surviving spouses are not eligible for these services.
 
What happens if an account is locked (e.g. password expired, spam activity, password recovery errors, password reset)?
The employee can access account information using MyUser to find out the reason for the lock.  In most circumstances the user can take appropriate action and unlock the account. 
 
What happens if an employee has his/her account disabled?
If an NMU Network User ID and account are disabled due to a violation of the Acceptable Use Policy, the employee must work with the appropriate supervisor(s) and/or Human Resources to resolve the situation.
 
Where can a person get additional help regarding computing resources?
Contact the NMU Computing HelpDesk at 906-227-2468 or visit the HelpDesk in the Learning Resources Center.
 
Notes:  Individuals with Personal Services contracts are not considered to be NMU employees.   
             Spouses are not eligible for network User ID and services.

Documentation

When is the NMU User ID created?
The NMU Network User ID is created once the appropriate employment documentation is entered into the Human Resources system, but no more than 30 days prior to the effective date of employment.
 
What happens when the Term, Contingent, or Adjunct contract expires? 
The NMU Network User ID becomes “expired” on the employment end date.  The “expired” status lasts for one year. During this window, the individual can receive/send email; and can access MyNMU (including payroll information), MyUser network account information, and EduCat.
 
The individual cannot register devices on the network and does not have access to network services such as VPN.  Any previously registered devices are automatically de-registered.
 
What happens to an “expired” account after one year?
After one year, an expired account becomes “disabled.”  A disabled account has no network access, cannot receive/send email, and cannot register devices on the network.
 
Does the Network User ID stay active if the person is teaching next semester?
If the individual receives a subsequent teaching assignment, a new contract will be processed.    The new contract takes effect only after the new employment agreement has been approved, signed by Academic Affairs, signed by the prospective employee, and entered into the Human Resources system.  To ensure continuation of network access, the employment agreement must be completed prior to the end date of the person’s current employment agreement.
 
If a term, contingent, or adjunct faculty member employed in Winter semester receives a completely processed employment contract for the following Fall semester prior to the employment end date of the Winter semester, network access will be extended over the summer and to the next employment end date.
 
What happens when a faculty member on a term, contingent or adjunct appointment resigns or is terminated from NMU?
 The NMU Network User ID becomes “expired” on the employment end date unless a determination is made to set the account immediately to “disabled” status.  The “expired” status lasts for thirty (30) days.  During this 30-day window, the individual can receive/send email; and can access MyNMU (including payroll information), MyUser network account information, and EduCat.
 
The individual cannot register devices on the network and does not have access to network services such as VPN.  Any previously registered devices are automatically de-registered.
 
What happens if an account is locked (e.g. password expired, spam activity, password recovery errors, password reset)?
The employee can access account information using MyUser to find out the reason for the lock.  In most circumstances the user can take appropriate action and unlock the account. 
 
What happens if an employee has his/her account disabled?
If an NMU Network User ID and account are disabled due to a violation of the Acceptable Use Policy, the employee must work with the appropriate supervisor(s) and/or Human Resources to resolve the situation.
 
Where can a person get additional help regarding computing resources?
Contact the NMU Computing HelpDesk at 906-227-2468 or visit the HelpDesk in the Learning Resources Center.
 
 
Notes:  Individuals with Personal Services contracts are not considered to be NMU employees.   
             Spouses are not eligible for network User ID and services.

Documentation

Setting up Backup Codes for 2 factor authentication

      1. On a computer or other device, go to https://myuser.nmu.edu/user, click “Account Status/Change my Password” and login with your NMU ID and password.

      3. Click the Security Tab, then“Setup Codes" button under “Backup Codes”.

      4. The 10 backup codes will be displayed. Record or print the 10 backup codes and keep them with you. Each backup code can be used only once. An email message summarizing the 2-factor authentication will be sent to your NMU email account.

Using Backup Codes for 2 factor Authentication

      1. When logging into an NMU service such as MyNMU after entering in your userID and password you will be prompted to enter a code for 2-step verification and a checkbox to “Remember this computer for 30 days” if this is a personal device you feel you trust will stay secure and you don’t want to be prompted for the 2-step authentication each time you access the service.

      2. Enter one of your 10 backup codes and click “Next”.

      3. Cross out the backup code you used since it can’t be used ever again.

      4. Once you have used 8 to 9 backup codes get more backup codes at https://myuser.nmu.edu/user before using the last one.

We recommend you also set up another form of 2-factor authentication such as the Google Authenticator or Authy Authenticator App so you have more than one method of 2-factor authentication.

Documentation

Setting up Google Authenticator for 2 factor authentication

These instructions provide an overview of the process and the process may have changed if the authenticator app was recently updated. If you find you need more assistance than provided here please contact NMU Technology Support Services.

We recommend you set up 2-factor authentication Backup Codes first so you have more than one method of 2-factor authentication to use prior to setting up an Authenticator App.

    1. Get the “Google Authenticator” app for your iOS or Android device from the Apple App Store or Google Play.

    2. Run the “Google Authenticator”  app.

    3. On a computer or another device, go to https://myuser.nmu.edu/user, click “Manage Your User Account” and login with your NMU ID and password.

    4. Click on the “Security” tab and then the “Display options” button under “2-Step Verification”.

    5. Click the “Setup App” button under “Authenticator App”. A QR Code will be displayed. If the “Setup App” button isn't available but a "Remove" button is then an authenticator app has already been configured for your account. If you want to delete the current one and set up the Google Authenticator click the "Remove" button and the “Setup App” button will become available.

    6. On your iOS or Android device click the "+" (plus sign) in the upper right of the screen and then the "Scan barcode" option at the bottom.

    7. Google Authenticator may prompt for you to allow access to the Camera. Click “OK”.

    8. Scan the QR Code displayed on the computer or other device.

    9. Google Authenticator will display NMU, your NMU email address as your account name and your current 6 digit token number. The 6 digit token number renews every 30 seconds.

    12. Enter the current 6 digit token number into https://myuser.nmu.edu/user on your computer or another device and click the “Verify” button.

    13. The screen will indicate if the app was successfully added and then revert to the previous screen showing the time and date the app was authorized. An email message summarizing the 2-factor authentication will be sent to your NMU email account.

    14. Log out of https://myuser.nmu.edu/user.

Using Google Authenticator for 2 factor authentication

    1. When logging into an NMU service such as MyNMU after entering in your userID and password you will be prompted to enter a code for 2-step verification and a checkbox to “Remember for 30 days” if this is a personal device you trust will stay secure and you don’t want to be prompted for the 2-step authentication each time you access the service.

    2. Open your Google Authenticator app on your iOS or Android device and enter the current token displayed and click “Next”.

Documentation

Setting up a Security Key for 2 factor authentication

A FIDO U2F Security Key is typically a USB or other device you can connect to your computer to be used as a second step in 2 factor authentication. Security keys are currently only compatible with the Chrome web browser.

We recommend you set up 2-factor authentication Backup Codes first so you have more than one method of 2-factor authentication to use prior to setting up a Security Key.

1. Have a FIDO U2F Security Key available prior to starting this process.
   
2. Use the Chrome web browser for setting up and using a FIDO security key. If you do not already have the Chrome web browser installed you can download it from https://chrome.com.
3. Using the Chrome web browser, go to https://myuser.nmu.edu/user, click “Account Status/Change My Password” and login with your NMU ID and password.
   
4. Click on the “Security” tab and then the “Add Security Key” button.
   
   

5. The following instructions will be displayed to add the security key. Follow the instructions:
   

    

6. Once you tap the button or gold disc on the security key you will briefly see the message: "Your security key has been registered." Then the web page will go back to the “2-Step Verification" screen and you will receive a confirmation via email. You can now remove the FIDO security key.
7. Log out of https://myuser.nmu.edu/user.

Using a Security Key for 2 factor authentication

1. The Chrome web browser is required for using a FIDO security key. If you want to use the Firefox web browser it will have to be configured to allow using the USB security key.
2. When logging into an NMU service such as MyNMU after entering in your userID and password you will be prompted to insert your security key. You can also check the “Remember this computer for 30 days” check box if you want to trust this computer.
3. Insert the FIDO security key.
4. Press the gold disk or button on the key and the 2 factor authentication will be accepted and you will be logged in.
5. You can remove the FIDO Key and store it in a safe place.