Multi-Factor Authentication

Follow the steps below in Part 1 and Part 2. You can also watch a video of these steps on MediaSpace.

Part 1 - Install Microsoft Authenticator from your app store (on your mobile device)

We recommend the 'Microsoft Authenticator' app because it is the only authenticator application that supports push notifications, which are required by some services and offers the best experience.

You may first need to set up an account on the relevant app store in order to download the app.

• Google Play (Android)
• Apple App Store (iOS)

Download and learn more on the Microsoft website. 

Part 2 - Configure MFA (on your computer and mobile device)

Once the 'Microsoft Authenticator' app is installed on your mobile device, visit the MFA configuration page, by clicking the below button, on your computer and then follow the steps below: 

Configure MFA

1. You will need to login using your university email address and password. If you haven't set up MFA previously, you will then be prompted with the message "More information required".
2. Click 'Next'. This will take you directly to the Microsoft My Sign-Ins webpage where you will be asked to download the Microsoft Authenticator app (as per Part 1), once installed, click 'Next'.
3. Open the Microsoft Authenticator app on your mobile device, if prompted, allow notifications. Then select 'Add account (+)' on the Accounts screen and select 'Work or school account'.
4. Then select the 'Scan QR code' option.
   
   Note: You may be prompted to allow the app to access the camera on your mobile device.  Please choose allow (or similar). If your camera isn't working properly, you can enter the QR code and URL manually.
   
   
5. On your computer, click 'Next', a QR code will be displayed on-screen, scan it with the app and click 'Next'.
6. An approval notification will be sent to your mobile device, approve this by entering the number shown on-screen into the app and select 'Yes'.
7. Once approved, click 'Next'. This completes the set up, click 'Done' to finish.

Top tip: when using MFA to approve sign in requests, we recommend having the app open and ready.

Part 3 - Enable phone sign-in (recommended action)

What is phone sign-in? 

Phone sign-in is a Microsoft feature that allows users to authenticate MFA requests using their smartphone alone – no password is required. 

What is the benefit of enabling phone sign-in? 

Passwords are a primary target for cybercrime. Phone sign-in helps to mitigate this risk as you will not need to remember passwords or worry about others stealing them. Phone sign-in makes logging into systems quicker and more secure. 

What steps do I need to follow to start using phone sign-in?  

In order to start using phone sign-in, you must follow the steps below. You can complete these steps now. 

1. Open the Microsoft Authenticator app on your phone (or install it if you haven’t already) 
2. Your email address is displayed – click on it 
3. Select ‘Set up phone sign-in’ 
4. Follow the instructions in the app to finish registering your account for phone sign-in 

If you use the Microsoft Authenticator app on more than one phone, you will also need to follow the above steps on your other phone(s).  

What will I see when logging into a system that requires MFA? 

Once you have enabled phone sign-in, the next time you log onto a system that requires MFA, such as Microsoft 365, you will be prompted to enter your password as usual. After doing so, you should then see an option saying ‘Use app instead’ - click on this to start using phone sign-in.  

You may see a page saying ‘Request has not been sent’ in place of a number. This simply means there is a pending authentication that has not been approved/ denied within the app. You will need to open and approve or deny the authentication.

If you do not currently use the Microsoft Authenticator app to log into systems, you will experience no change and you will be able to log into your systems as usual. 

What if I don’t follow the steps above?  

We strongly recommended you enable phone sign-in on your phone. It is more secure, and you will no longer need to enter your password into systems that use MFA. 

If you do not enable phone sign-in, you will need to enter your email address and password into systems, followed by the number matching element in the Microsoft Authenticator app. 

If you have any questions, please contact the IT Service Desk in the first instance.

Using the verification code method, you can set up an app of your choice on a mobile device or laptop / desktop computer. 

You may first need to set up an account on the relevant app store in order to download the app.

Part 1 - Install an authenticator app (on your mobile or computer)

Choose an authenticator app, here are some suggestions:

• Microsoft Authenticator (smartphone Android and iOS)
• Google Authenticator (smartphone Android and iOS)    
• WinAuth (for Windows only)

There are other apps available. Part 2 gives generic instructions for setting up the verification code method. However, we have a more detailed guide for WinAuth.

Part 2 - Configure MFA (on your computer and authenticator device)

Once the authenticator app of your choice is installed on your mobile device or computer (laptop / desktop), visit the MFA configuration page, by clicking the Configure MFA button, on your computer and then follow the steps below.

Configure MFA

Generic instructions

1. You will need to login using your university email address and password. If you haven't set up MFA previously, you will then be prompted with the message "More information required".
2. Click 'Next'. This will take you directly to the Microsoft My Sign-Ins webpage where you will be asked to download the Microsoft Authenticator app (this is the recommended option).
3. If you cannot use this app or wish to use an alternative authenticator, click 'I want to use a different authenticator app'.
4. In the menu that appears, click the 'Authenticator app' option in the list.
5. Click 'Confirm'.
6. Now open your chosen authenticator app on your mobile or computer and select Add / Add Account.
7. Click 'Next' on the computer and a QR code will be displayed. 
8. Using your authenticator app, scan the QR code. 
   
   Note, if you cannot use a camera to scan the code, click the 'Can't scan image?' button. This will display the Account name and Secret key text, use this information to set up the authenticator app.
   
   
9. Once scanned QR code or entered the Secret key, click 'Next'.
10. Now enter the six-digit code shown in the authenticator and click 'Next'. 
11. This completes the set up, click 'Done' to finish. 
12. We recommend you set up another method of approval, for example phone or email - you can do this anytime by signing into the Microsoft My Sign-ins page.

Finally, sign into portal.office.com to access your university Microsoft 365 account. Enter the six-digit code displayed in the authenticator app on your device and click 'Verify' to sign in. 

Top tip: when using MFA to approve sign in requests, we recommend having the app open and ready.

Before you start, have your mobile phone ready and in range of signal to receive text messages.

Note: Users with a Chinese mobile phone number should not use this authentication method. Please use the Microsoft Authenticator app or Verification code as an alternative.

When ready, visit the MFA configuration page by clicking the below button on your computer and then follow the steps.

Configure MFA

1. You will need to login using your university email address and password. If you haven't set up MFA previously, you will then be prompted with the message "More information required".
2. Click 'Next'. This will take you directly to the Microsoft My Sign-Ins webpage where you will be asked to download the Microsoft Authenticator app (this is the recommended option) - if you cannot use this app, click 'I want to set up a different method'.
3. In the menu that appears, click the 'Phone' option in the list.
4. Then click 'Confirm'.
5. Now choose your phone country code (e.g., +44 for UK) and enter your phone number.
6. Then click 'Next'.
7. Now enter the 6 digit code sent to your phone and click 'Next'. 
8. You will then have a message saying "SMS verified. Your phone was registered successfully.".
9. Click 'Next'.
10. You will then be asked to download the Microsoft Authenticator app - if you cannot use this app, click 'I want to set up a different method'.
11. From the menu select another option, for example 'Email' and click 'Next'.
12. Now enter a secondary email address and click 'Next'.
13. Now enter the code sent to your email and click 'Next'.
14. This completes the set up, click 'Done' to finish.

Finally, sign into portal.office.com to access your university Microsoft 365 account. You will be sent a verification code to your phone. Enter the code and click 'Verify' to sign in. 

Top tip: when using MFA to approve sign in requests, we recommend having your mobile phone ready.

Follow these steps if you still have access to a method of authentication that you previously set up, such as the app on a mobile device, your phone number, or you are currently signed in on a device.

1. Visit the MFA configuration page 
2. You may need to log in using your university email address and password
3. You may be prompted to carry out MFA. At this point, either use the default preferred method you have set up, or select ‘I can't use my Microsoft Authenticator app right now’ or ‘Sign in another way’, then select the method you have access to
4. On the ‘My Sign-Ins’ page, continue to set up MFA for your new method using the relevant guidance above.
5. When your new MFA method is set up, remove any obsolete MFA method by clicking ‘Delete’ next to it.

If you cannot access your previous authentication method, please contact IT support.