Multifactor authentication (MFA) is an extra layer of security for your ACE account that requires you to provide extra verification to verify your identity when signing in with your ACE account. By requiring extra verification to sign in, it makes it difficult for unauthorized users to access your personal information and university resources.
Get Help with MFA from Scarlet
Choosing your Second Factor
ACE offers multiple options to use for your second factor to complete extra verification.
You must have this factor available any time you sign into your ACE account. Select an option that you can always keep with you. You can set up multiple factors.
| Factor |
How it Works |
Requirements |
Okta Verify
(Recommended) |
Sends a push notification to your smartphone to complete verification
Supports offline authentication.
Multiple devices can be registered |
Smartphone with iOS 14+ or Android 8+
Free Okta Verify App
Tablets not recommended |
| Security Key or Biometric Authenticator |
A Security Key is a special USB key you'll insert or tap on your device when prompted.
Supports offline authentication
Multiple devices can be registered |
Any FIDO2 Security Key. See setup instructions below for more information. |
| Google Authenticator |
Supports offline authentication. Uses time-based one-time password. |
Smartphone with iOS 14+ or Android 8+
Free Google Authenticator App (or other OTP generator app)
Tablets not recommended |
Security Keys and Biometric Authentication will not work in Respondus Lockdown Browser
Respondus Lockdown Browser does not support the use of security keys and biometric authentication (Windows Hello and Face ID / Touch ID).
As a workaround, students will need to setup Okta Verify in the ACE Dashboard from a normal browser, and then login to Lockdown Browser.
Students who cannot setup another method will need to call the IT Help Desk for assistance.
Adding multiple devices to your account
You can register as many methods as you would like. For Okta Verify and Security Key or Biometric Authenticator, you can register multiple devices to your ACE Account.
- For Okta Verify
- When you request a push notification, all devices will receive the push notification
- If you cannot receive the push notification, you can use a code generated by any Okta Verify app registered to your account
- For Biometric Authenticator
- You can only register a biometric authenticator on the device you are currently using
- We strongly recommend setting up Okta Verify in addition to biometrics in case you sign in on a new device
The instructions to set up new or additional devices is the same though the ACE Dashboard.
Setting Up MFA
To update your MFA settings you'll need to log in to the ACE Dashboard first to start the process.
Launch ACE Dashboard Settings
- On your computer or mobile device, go to ace.unlv.edu and sign in with your ACE Account. If you forgot your ACE username or password, you can attempt self-service recovery by selecting Need help signing in?, or contact the IT Help Desk.
- On the ACE Dashboard, select your name in the upper right.
- Select Settings.
- Select Edit Profile. If you do not see Edit Profile, continue to the next step.
- You may be prompted to sign in again. Enter your password, then select Verify.
- You may be prompted to satisfy MFA before you can change methods. If you cannot complete MFA, contact the IT Help Desk.
- Navigate down to Extra Verification.
- If you want to add another device for Okta Verify or Security Keys, select Set up another in that section
- If you need to replace a factor, select Remove for that option. Then select Set up to begin the setup process.
- If you are setting up a new factor, select Set up for that factor.
- Set up your chosen factor with the instructions below.
- Once you have completed your changes, you may sign out and/or close the ACE dashboard.
Setting Up Factors
Once the enrollment process starts, follow the on-screen instructions to enroll in MFA, or select the factor you are enrolling in below.
Okta Verify will send a "yes/no" push notification on your mobile device to confirm your authentication attempt. Since internet access is not required, Okta Verify’s offline mode allows you to provide a factor with a limited connection.
- Under Okta Verify, select Setup.
- Select your device type.
- Download Okta Verify
from the App Store (for iOS) or Google Play (for Android).
- Open Okta Verify on your mobile device.
- Tap Add Account.
- Tap Organization.
- Return to your computer, verify you have selected iPhone or Android, then select Next.
- A QR code will appear on your computer.
On your mobile device, tap Yes, Ready To Scan, and point your camera at the QR code displayed in the browser on your computer.
- If prompted, allow push notifications on your device so that you can approve future sign-in notifications without opening the Okta Verify app.
- If prompted, enable biometrics (such as Face ID or Touch ID). Tap Enable or Allow.
- Tap Done to complete the account enrollment.
- Return to the enrollment web page on your computer.
- Once the app has finished downloading, go back to the setup wizard (usually in your web browser).
- Verify iPhone or Android is selected, then select Next.
- A QR code will appear.
Select Can't scan?
- A screen will display asking to send an activation link via SMS. Enter your phone number and select Send.
- A text message will then be sent to the phone number provided. Select the link sent to you.
- If prompted, select Allow or Open Okta Verify.
- Okta Verify should automatically open. Follow the on-screen instructions to finish enrollment.
- If prompted, allow push notifications on your device so that you can approve future sign-in notifications without opening the Okta Verify app.
- If prompted, enable biometrics (such as Face ID or Touch ID). Tap Enable or Allow.
- Return to the enrollment web page (usually in your web browser).
The enrollment page will automatically advance once Okta Verify has been registered. Enrollment in Okta Verify is now complete.
Voice Call Authentication should only be used when you do not have a device that can use Okta Verify or SMS Authentication. Phone Authentication requires that you be near the phone to receive the phone call and follow the instructions.
Voice Call Authentication works by calling your phone and following the instructions to complete MFA.
- Under Voice Call Authentication, select Setup.
- Enter your phone number, then select Call.
- You will then receive a phone call and be given a code. Enter this code in Enter Code, then select Verify.
The enrollment page will automatically advance once Voice Call Authentication has been registered. Enrollment in Voice Call Authentication is now complete.
Security Keys and Biometric Authentication will not work in Respondus Lockdown Browser
Respondus Lockdown Browser does not support the use of security keys and biometric authentication (Windows Hello and Face ID / Touch ID).
As a workaround, students will need to setup Okta Verify in the ACE Dashboard from a normal browser, and then login to Lockdown Browser.
Students who cannot setup another method will need to call the IT Help Desk for assistance.
Using a Security Key or Biometric Authenticator allows you to satisfy MFA without using a phone at all. A Security Key is a special USB key you'll insert or tap on your device when prompted. Any FIDO2 certified security key is compatible.
If you setup a Security Key or Biometric Authenticator, OIT strongly recommends enabling SMS Authentication to prevent being locked out in case you lose or forget your security key.
Compatible Security Key
OIT recommends the purchase of the YubiKey 5 Series. Because you must either plug the device in to a USB port, or tap it against an NFC-comptaible device, be sure to select a security key with the correct connection type for your device.
If you plan on using campus computers, we recommend having a security key that works with USB-A ports:
Setting up a Security Key
- Under Security Key or Biometric Authenticator, select Setup.
- Select Enroll.
- Once you select Enroll, your device will walk you though the process to setup your security key. Be sure to select the options to setup a security key, as your device may prompt with multiple options. Your device will also prompt you when to insert or tap your security key.
The enrollment page will automatically advance once the security key has been registered. Enrollment for Security Key or Biometric Authenticator is now complete.
You may add additional security keys or biometric authenticators though the ACE Dashboard, similar to setting up another factor, like SMS Authentication.
Signing in with MFA
When signing in with ACE, you'll be automatically prompted to sign in with MFA when needed. This may not happen at every sign in, but you will be prompted if you log in to a new device. Make sure to always keep your second factors (such as your phone or security key) handy.
If you are prompted to satisfy MFA, you'll see a prompt to select which method you would like to use. Choose Select for your preferred method.
If you want to change your method, select Verify with something else
If your mobile device cannot connect to the Internet, you can either use a manual code from Okta Verify, or a Security Key (if enrolled).
For Okta Verify
- Verify Okta Verify is displayed as your authentication method. You should see the Send Push button.
- If it does not appear, select the drow-down menu, then select Okta Verify
- Below Send Push, select Or enter code.
- On your phone, open Okta Verify.
- Locate the entry for nshe-unlv.okta.com and confirm your ACE username is shown.
- Enter the six digit code shown below your ACE username in the Enter Code box on your computer.
- Select Verify.
For Security Keys
- Verify Security Key or Biometric Authenticator is displayed as your authentication method.
- If it does not appear, select the drow-down menu, then select Security Key or Biometric Authenticator.
- Follow the instructions on your device to insert or tap your security key.
Need Additional Help?
If you are locked out of your ACE account, you must
call the IT Help Desk. The IT Help Desk cannot reset MFA over email.
For additional assistance, please visit the Accounts, Access, and Identity Knowledge Base for additional articles or select a Related Service to submit a support ticket. You can also contact the IT Help Desk.