Multi-Factor Authentication

Follow the steps below in Part 1 and Part 2. You can also watch a video of these steps on MediaSpace.

Part 1 - Install Microsoft Authenticator from your app store (on your mobile device)

We recommend the 'Microsoft Authenticator' app because it is the only authenticator application that supports push notifications, which are required by some services and offers the best experience.

You may first need to set up an account on the relevant app store in order to download the app.

• Google Play (Android)
• Apple App Store (iOS)

Download and learn more on the Microsoft website. 

If you are unable to use the 'Microsoft Authenticator' app, we can suggest some alternative apps and methods to approve MFA requests. Further information can be found here (log in required).

Part 2 - Configure MFA (on your computer and mobile device)

Once the 'Microsoft Authenticator' app is installed on your mobile device, visit the MFA configuration page, by clicking the below button, on your computer and then follow the steps below: 

Configure MFA

1. You will need to login using your university email address and password. If you haven't set up MFA previously, you will then be prompted to enter additional information.
2. Click 'Next'. This will take you directly to the 'Additional security verification' webpage.
3. You will then be asked 'How should we contact you?' Select 'Mobile App' from the drop down menu, and check the option for 'Receive notifications for verification'.
4. Click on the 'Set up' button. The Configure mobile app screen will appear with a QR code for you to scan with the Microsoft Authenticator app on your mobile device.
5. Open the Microsoft Authenticator app on your mobile device, select Add account (+) on the Accounts screen and then Work or school account.
6. Choose 'Scan QR code'. Use your mobile device's camera to scan the code displayed on your computer.
   
   Note: You may be prompted to allow the app to access the camera on your mobile device.  Please choose allow (or similar). If your camera isn't working properly, you can enter the QR code and URL manually.
   
   
7. On your computer, click 'Next' on the Configure mobile app screen, and 'Next' again on the 'Additional security verification screen'.
8. A notification will be sent to the app on your mobile device. Click 'Approve'
9. Once approved, you will be prompted on your computer to enter a mobile phone number. It is highly recommended that you complete this.
10. Enter your mobile phone number.
    
    Note: Users with a Chinese mobile phone number should not enter their phone number, and just click 'Finished'.
    
    
11. Click 'Finished'.
12. The set up is complete. Sign out by clicking on the email address in the top right-hand corner.
13. Now move on and secure your Microsoft 365 account by completing this form.

Top tip: when using MFA to approve sign in requests, we recommend having the app open and ready.

Part 3 - Enable phone sign-in (Recommended action)

What is phone sign-in? 

Phone sign-in is a Microsoft feature that allows users to authenticate MFA requests using their smartphone alone – no password or username is required. 

What is the benefit of enabling phone sign-in? 

Passwords are a primary target for cybercrime. Phone sign-in helps to mitigate this risk as you will not need to remember passwords or worry about others stealing them. Phone sign-in makes logging into systems quicker and more secure. 

What steps do I need to follow to start using phone sign-in?  

In order to start using phone sign-in, you must follow the steps below. You can complete these steps now. 

1. Open the Microsoft Authenticator app on your phone (or install it if you haven’t already) 
2. Your email address is displayed – click on it 
3. Select ‘Set up phone sign-in’ 
4. Follow the instructions in the app to finish registering your account for phone sign-in 

If you use the Microsoft Authenticator app on more than one phone, you will also need to follow the above steps on your other phone(s).  

What will I see when logging into a system that requires MFA? 

Once you have enabled phone sign-in, the next time you log onto a system that requires MFA, such as Microsoft 365, you will be prompted to enter your password as usual. After doing so, you should then see an option saying ‘Use app instead’ - click on this to start using phone sign-in.  

You may see a page saying ‘Request has not been sent’ in place of a number. This simply means there is a pending authentication that has not been approved/ denied within the app. You will need to open and approve or deny the authentication.

If you do not currently use the Microsoft Authenticator app to log into systems, you will experience no change and you will be able to log into your systems as usual. 

What if I don’t follow the steps above?  

We strongly recommended you enable phone sign-in on your phone. It is more secure, and you will no longer need to enter your password into systems that use MFA. 

If you do not enable phone sign-in, you will need to enter your email address and password into systems, followed by the number matching element in the Microsoft Authenticator app. 

If you have any questions, please contact the Service Desk in the first instance.

Using the verification code method, you can set up an app of your choice on a mobile device or laptop / desktop computer. 

You may first need to set up an account on the relevant app store in order to download the app.

Part 1 - Install an authenticator app (on your mobile or computer)

Choose an authenticator app, here are some suggestions:

• Microsoft Authenticator (smartphone Android and iOS)
• Authy (supports most operating systems)
• WinAuth (for Windows only)

There are other apps available. Part 2 gives generic instructions for setting up the verification code method. However, we have more detailed guides on Workspace for Authy and WinAuth.

Part 2 - Configure MFA (on your computer and authenticator device)

Once the authenticator app of your choice is installed on your mobile device or computer (laptop / desktop), visit the MFA configuration page, by clicking the Configure MFA button, on your computer and then follow the steps below.

Configure MFA

Generic instructions

1. You will need to login using your university email address and password. If you haven't set up MFA previously, you will then be prompted to enter additional information.
2. Click 'Next'. This will take you directly to the 'Additional security verification' webpage.
3. You will then be asked 'How should we contact you?' Select 'Mobile App' from the drop down menu, and check the option for 'Use verification code'.
4. Click on the 'Set up' button.
5. The Configure mobile app screen will appear with a QR code, you must click the 'Configure app without notifications'.
6. Copy the Secret Key that is shown on screen.
7. Open the authenticator app on your mobile or computer, select Add / Add Account (+).
8. Paste or type in the Secret Key when asked for the 'Secret Key' or 'Enter Code given by the website'.
9. The authenticator app should now display a six-digit code.
10. On your computer, click 'Next'.
11. Now click 'Verify now'.
12. Enter the verification code that is displayed on the authenticator app.
13. Click 'Verify'.
14. This should complete the set up of the authenticator app and allow you to use it for code verification with Microsoft services.
15. Once approved, you will be prompted on your computer to enter a mobile phone number. It is highly recommended that you complete this.
16. Enter your mobile phone number.
    
    Note: Users with a Chinese mobile phone number should not enter their phone number, and just click 'Finished'.
    
    
17. Click 'Finished'.
18. Sign out by clicking on the email address in the top right-hand corner.
19. Now move on and secure your Microsoft 365 account by completing this form.

Top tip: when using MFA to approve sign in requests, we recommend having the app open and ready.

Before you start, have your mobile phone ready and in range of signal to receive text messages.

Note: Users with a Chinese mobile phone number should not use this authentication method. Please use the Microsoft Authenticator app or Verification code as an alternative.

When ready, visit the MFA configuration page by clicking the below button on your computer and then follow the steps.

Configure MFA

1. You will need to login using your university email address and password. If you haven't set up MFA previously, you will then be prompted to enter additional information.
2. Click 'Next'. This will take you directly to the 'Additional security verification' webpage.
3. You will then be asked 'How should we contact you?' Select 'Authentication phone' from the drop down menu.
4. Select your country or region from the list and then enter your phone number.
5. Then click 'Next'.
6. You will be sent a text message from Microsoft with a verification code.
7. Use the code in the text message on the next screen to verify your phone number.
8. Once complete, you will get an SMS text message when MFA approval is required for Microsoft services.
9. Click 'Finished'.
10. The setup up is complete. Sign out by clicking on the email address in the top right-hand corner.
11. Now move on and secure your Microsoft 365 account by completing this form.

Top tip: when using MFA to approve sign in requests, we recommend having your mobile phone ready.