Set up multi-factor authentication on your account

Sometimes called two-step verification, multi-factor authentication (MFA) makes you prove two factors from independent categories at login, denying access if either are incorrect. You enter:

1. your username and password as normal, proving something you know
2. a code or respond to a verification request sent to your device, proving something you have

Login factor 2 can be sent to your device by call, text, or by way of an app called Microsoft Authenticator.

If you’ve ever had to put in an extra code to get into your PayPal or online banking, you've used a type of it before.

Set up multi-factor for the first time

The first time you log in as a student, or member of staff, you'll see one of these screens, you'll need to follow the instructions for the screen you see.

• I can see the More information required screen
• I can see the Enter code screen

I can see the More information required screen

Click next to reach the page where you register your settings. Select your preferred contact method from the drop-down list.

You will reach a page asking for you to choose how you would like to be contacted:

• Authentication phone
• Office phone [DO NOT use this]
• Mobile app

Mobile app

There two ways you can get your second login factor using the Microsoft Authenticator app:

Verification notice (strongly recommended)
This will send you a notification with the option to Deny or Approve the sign-in. It is a single tap process, but there can be a short wait to be approved at the login side. (If you have dyscalculia you will probably find this the best method.)

Verification code
This will show you a six digit code with a 30 second countdown. It will work immediately when you enter it on your login page, but if you don't copy numbers very well this might be difficult.

• Pick how you want to use the app
• Click setup and a QR code will appear

Set up the app on your device

• Install the the Microsoft Authenticator app on your phone or tablet  
• On your PC browser, logged on the UoD network, go to the web page My Sign-ins 
• Click on the “+ Add sign-in method” and choose a method “Authenticator app”, then ADD
• On the next screen, click ‘next’
  
   
• Open the app
• Tap add profile, then work or school account
• Allow access to your camera to scan the QR code, or select or enter code manually
   
  
  • On ‘mysign-ins’ click ‘NEXT’, the QR code will be displayed on your PC
  • Use you phone to scan the QR code on the system, and confirmation will be given that the authenticator is ready
  • On ‘my sign-ins’ click next, this will then send a test authentication to your phone, follow the on-screen instructions

Finish setup

• Click next, give it a minute to check the activation status, then click next again
• Open the Microsoft Authenticator app to get the code or respond to the verification request, then click verify
• Select your country or region from the drop-down list and enter your phone number then click next
• Click done at step 4 to complete your MFA setup

Authentication phone

If you don't have a smart phone, you can also use a phone call or text message to authenticate.

• Select your country or region from the drop-down list and enter your phone number then click next
• Pick whether you want to receive a text or call
• Select contact me to verify your phone number
• Microsoft (MSFT) will text or call your phone number to supply a code - if asked to press the 'pound' key, press #
• Enter the code, then select verify
• Click done at the next page to complete your MFA setup

If you choose to receive a phone call but have a call protect service (such as BT Call protect or Phone Guard) on your phone line then this may block the automated phone call. Check your service's instructions for how to allow expected calls through.

Office phone (do not use)

Even though you can pick this option from the drop-down list, you won't be able to fill in your number. Unfortunately, it isn't possible for us to disable and remove it from the list of options. Again, we don't advise you use your office phone to receive your second login factor, as you won't be able to access things when away from the campus network.

I can see the Enter code screen

Now you've reached the enter code page, you should know that your MFA setup has defaulted to using the phone number and contact method you specified when you setup your self-service password reset in the past.

A code will be sent by call or text to that phone number. Enter the code to sign-in.

Didn’t get the code?

If you’ve changed phone since then and not updated the number, or don’t get the code through, contact the Service Desk to have your MFA setup reset for you, after which you will reach the more information required page and should follow the alternate instructions.

Got and entered the code?

If you’re happy to continue getting the code sent to that phone number in that way, you don’t need to do anything else – setup complete!

Want to change your setup?

If you’d rather get the code a different way or switch to using the mobile app, do the following:

1. Go to mysignins.microsoft.com/security-info
2. Change your preferred contact method in the drop-down list (if picking a mobile app option, click the setup authenticator app button, then follow the configure app instructions) and follow any prompts
3. Click save - setup complete!

Call charges - users of text or call option

As a general rule with UK mobiles, if you don’t get charged to receive calls or texts from your friends, it’s unlikely you will be charged to receive them from Microsoft for multi-factor authentication.

For roaming outside the EU or with non-UK/EU phone plans, occasionally users are subject to charges by their call provider.