Facebook pixel MySTLCC ID Updates

MySTLCC ID

We are updating your MySTLCC ID login experience to make life simpler and more secure:

  • No more passphrase expirations: As of December 19, 2023, your next passphrase change will be your last one (unless you forget your passphrase or we suspect it has been compromised).
  • Passphrase protection: When you update your passphrase, we will let you know if the one you are trying to use has been compromised or is easy to guess.
  • Easier passphrase resets: You will be asked to update your security information to easily and securely reset your passphrase if forgotten or we suspect it is compromised. 

What Is Multifactor Authentication?

Multifactor authentication, also known as two-step verification or MFA, protects your MySTLCC ID if your passphrase is stolen.

When you sign in from a new device or location, we send a notification or code to a place you trust, such as your email or phone. You then enter this code to get access to your account. By taking this extra step, your grades and financial aid are secure from those who are trying to steal your account information.

We highly recommend the use of the Microsoft Authenticator app to simplify accessing and securing your account. 

If you have questions or comments, please contact the IT Help Desk at 314-539-5113 or csc@stlcc.edu.

Security Information Update

You will soon be asked to update your security information when signing in to STLCC sites and services. This will allow you to securely reset a forgotten or compromised password.

If you have already set up the Microsoft Authenticator app and a phone number for SMS/text messages for your two-step verification/multifactor authentication, then you will not need to make any changes.

When you are asked to update your information, follow the instructions for setting up your authenticator app and a phone/text number where you can receive a code to securely reset your account.

Update Your Security Info

If you would like assistance during this setup, please contact the IT Help Desk at 314-539-5113 or csc@stlcc.edu.

Tutorial Videos

MySTLCC Account Changes

How to Create a Passphrase

How to Update Your Security Information

How to Reset Your Forgotten Password

How to Use Microsoft Authenticator App

How to Set Up SMS & Text Codes

What If You Don't Have a Smartphone?

How to Use a Different Authenticator App

FAQs

What is changing at STLCC?

Resetting your passphrase used to rely on setting up and answering a few personal questions to proceed with the change. Now when you log in for the first time, you will set up your security information and then authorize your passphrase reset/change by entering a code that is generated or sent to your smartphone or personal email address.

Password protection will ensure that your new passphrases are secure and have not been publicly posted or compromised.

Passphrase expirations will be a thing of the past. You will no longer be required to update your passphrase every year. However, we will still disable accounts that have been inactive.

All employees and registered students will need to use two-step verification for their accounts to protect sensitive student and employee information. 

Why are you making these changes?

We are aiming to make it easier for you to manage and secure your account by using practices that have proven to be effective, such as those outlined by NIST SP800-63B: Digital Identity Guidelines

What are the passphrase requirements?

Passphrases are required to be at least 10 characters, and contain at least 3 out of the 4 following character classes:

  • Upper-case letter A - Z
  • Lower-case letter a - z
  • Number 0 - 9
  • Special character @ # $ % ^ & * - _ ! + = [ ] { } | \ : ' , . ? / ` ~ " ( ) ; < >

How can my password be stolen?

Cybercriminals can steal your password through phishing emails or malicious software (malware). Each year, we respond to over one hundred compromised student accounts.

What is phishing?

Phishing is when a cybercriminal uses an email or message to try to trick you into giving them your personal information. Typical phishing emails try to scare you into providing this information by saying that you will lose access to your account if you don't respond quickly.

What methods/locations should I use for my security information?

We recommend setting up three methods to make sure you can always get into your account.

  1. The Microsoft Authenticator app, since it is the easiest and most secure way to verify your information and log in.
  2. Your phone number for receiving text codes if there is an issue using the app.
  3. A personal email address (e.g. Gmail, Yahoo, Outlook, iCloud, etc.) that you can use if you lose access to your phone.

Where can I go to set up my security information?

You can set up your security information anytime by going to stlcc.edu/setup.

What if I forget my passphrase?

If you have forgotten your passphrase, you can go to stlcc.edu/reset to reset your passphrase or by contacting the IT Help Desk at 314-539-5113.

I set up password reset using the old system. What do I do?

If you remember your passphrase and your account is still active, you can just sign in to set up the new method. If you have forgotten your passphrase, you can still reset your passphrase by going to the old password reset application or by contacting the IT Help Desk. 

What if I update or replace my phone/device? Will the authenticator app still work?

We recommend backing up your authenticator app as part of your phone or device backup. If your backup includes the authenticator app, restoring your device settings to the new device will ensure your authenticator app continues to function. If you didn't include the authenticator app as part of your backup, then you will need to set up the authenticator app on your new device. 

What if I upgrade or replace my phone and my phone number changes?

We recommend backing up your authenticator app as part of your phone or device backup. If your backup includes the authenticator app, restoring your device settings to the new device will ensure your authenticator app continues to function. If you didn't include the authenticator app as part of your backup, and your phone number has changed so that you lost two methods of approving your password reset, then you will need to contact the IT Help Desk for assistance in resetting your security information. 

Can I setup SMS or text for a verification method?

Yes. Instructions to set up text message verification are available from Microsoft.

Can I set up an email address for a verification method?

You can set up a personal email address as a verification method for password reset only. It will not work for two-step verification or multifactor authentication. Instructions to set up email verification are available from Microsoft.

Can I use an app for verification?

Yes. We recommend using the Microsoft Authenticator app as a verification method for both password reset and two-step verification. Instructions to set up an app for verification are available from Microsoft.

Can I use a voice phone call for verification?

Yes. Instructions to set up phone call verification are available from Microsoft.

Back to top