Multi-Factor Authentication (MFA) | University of Strathclyde (2024)

Table of Contents
Information and advice on Multi-Factor Authentication (MFA) Setup Registration Download the Microsoft Authenticator app Add your account to the app Set up additional methods of authentication FAQs FAQs

Information and advice on Multi-Factor Authentication (MFA)

The University uses Multi-Factor Authentication (MFA) for access to services such as email off-campus. This page contains more information on the service and the steps that you should take before setting up MFA.

MFA is live forallDS accounts by default. You'll most likely be prompted to sign up for MFA right away when accessing your account for the first time. If you are not prompted or appear not to be on MFA, your account will be MFA enabled shortly. You shouldregister.

Setup

MFA provides an additional layer of security. It adds an extra step to the login process, requiring you to confirm your identity via a mobile device.

If you use mobile banking, you'll most likely have come across Multi-Factor Authentication already. You may need to enter your login details and then use your device to generate a code to verify your identity. This will give you access to your account.

MFA adds an additional layer of security by requiring an extra login step to validate your login. This extra step makes it significantly more difficult for an attacker to access your account, even if they manage to discover your username and password.

This extra login step is called your Second Factor, is usually carried out using a mobile device and can be configured in the following ways:

  • a push notification through the Microsoft Authenticator app; this is the most secure and convenient method and is recommended by Information Services
  • a text message to your phone, containing a six digit code; this option is intended for those without a device capable of installing the Authenticator app

MFA is active in the University so there are a few steps you must take to ensure you are able to authenticate and access your account:

  • for Android phones, navigate to the Playstore, for iOS phones, navigate to the App store; then search for Microsoft Authenticator, click install
  • open the Authenticator App
  • if you are prompted about Data Privacy, click OK, then skip all steps until you have the option to add your first account
  • you have now installed the Authenticator app; you can now continue on to the MFA User Registration

Registration

To use MFA, generally, you'll need a mobile device which you can register and use as your 'second-factor' for logging in.

Download the Microsoft Authenticator app

If you're using a smartphone, you should download the Microsoft Authenticator App.This is the easiest way to use MFA and the method Information Services recommends.

  1. The first step in the registration process is to visitMFA setup on your desktop.
  2. You'll then be prompted to login; enter your email and Click Next
  3. you'll now be asked for credentials, Enter your password and click Sign in
  4. you'll now be prompted to provide additional information, Click Next

Add your account to the app

If you haven't installed the Microsoft authenticator app on your phone go back to the home screen and follow the guide. Otherwise, Click Next:

  1. In the Authenticator App, click ADD ACCOUNT.
  2. In the Authenticator App, choose Work or school account.
  3. If you receive a permission prompt, click Allow.
  4. Once you have completed the above steps on the Authenticator App, in the MFA Wizard, click Next.
  5. In the Authenticator App, Scan the QR Code. In the MFA Wizard, click Next.
  6. Click Approve on your phone screen.
  7. Once the Notification is approved successfully, click Next
  8. You have now set up the authenticator app as your second method of authentication. click Done.

Set up additional methods of authentication

You'll now be taken to your security info page. This is where you can set up additional methods of authentication. We recommend adding your mobile in case something happens to your authenticator app. Click Add Method:

  1. From the dropdown, Select Phone and click Add.
  2. Enter your mobile phone number and click Next.
  3. You'll now be sent a 6-digit code to your mobile, enter it here and click Next.
  4. SMS should now be verified, click Done.
  5. you'll now be taken back to security info. To change your default sign-in method, click Change.
  6. From the dropdown, Select Microsoft Authenticator notification and click Confirm.
  7. You have now registered your information for MFA.
  8. Once you are registered for MFA, you can manage your authentication methods at My Sign Ins.

FAQs

Even if you've registered, MFA will not be active until your local IT support team has enabled it.

The rollout will be on a department-by-department basis. Any information on when it will be active should be available from your local IT support team.

Some departments will be enabled for MFA much later than others.

You'll have to authenticate:

  • off-campus only
  • the first time you use a new device
  • every 30 days after first use
  • you may be asked more frequently if logging on to web pages from a device configured to forget sessions
  • you'll not have to change your password every 30 days

MFA protects a growing range of services at the university, including Freshdesk, Zoom, email and OneDrive, however, you won’t see it every time you use one of these services and you'll only see it when off-campus.

iOS device requirements: Requires iOS 13.0 and watchOS 6.0 or later. Compatible with iPhone, iPad, and iPod touch.

Android Phones system requirements:

Outlook for Android can be installed on any of the supported Android versions that have an ARM-based or Intel x86 processor. This includes KitKat1 (4.4 - 4.4.4), Lollipop1 (5.0 – 5.1.1), Marshmallow (6.0 – 6.0.1), Nougat (7.0 – 7.1.2), Oreo (8.0 – 8.1), and Pie (9.0).

If you do not have a smartphone for the authenticator app, you can still use MFA. A text message to your phone, containing a six-digit code, which will allow you to log in.

To register for this method of MFA, visitMFA Set U. Hereyou can enter your mobile number as your chief method of authenticating.

If you would like to change your method of authenticating after registering, you canvisit My Security Info.

For additional support or other options, contact your IT helpdesk.

Please see ourMFA Additional Guide for further help.

For additional support or other options, contactIS Enquiries athelp@strath.ac.uk

A common fix for any problems with the authenticator app is to update your software. Ensure your device and all apps are up to date.

For more support on the authentication app, you can view the authenticator app set-up video, or you can visitMicrosoft'ssupport pages.

For any further assistance, contact your IT helpdesk.

Even in the absence of Wi-Fi and signal, you can still use the Microsoft Authenticator app to generate a "one-time passcode". This will grant you access to the service you are accessing:

  1. When you receive the MFA prompt click “Sign in another way”.
  2. Select “use a verification code from my mobile app”.
  3. A box will appear to type in a number code.
  4. On your phone, open the Microsoft Authenticator app.
  5. On the device you are trying to access on, type the passcode into the login box (before the code expires, you can see how long you have on the countdown timer) and click Verify.

If you have a mobile signal, but no internet, you can authenticate via SMS instead of using a push notification. That is why entering your mobile number as a method of authentication, in addition to the Authenticator App, is important.

  • To register your mobile number, visit MFA Set Up.
  • To change your method for authenticating or to opt for this type of authentication as default, visit My Security Info.

ou can change your settings by going toMy Security Info we recommend that you at least have a phone number set up and also the authenticator app if possible. Setting up a phone number makes it easier to migrate phones when you get a new one.

Watch our MFA User Registration Walkthrough video on YouTube which includes changing the method of authenticating.

To avoid things like this getting in the way of you accessing work services, you can back-up your authenticator app.

If your authenticator app has not been backed up, contact your helpdesk for assistance with logging in.

AtMy Account on Microsoft you can view recent logins. You may see some application names that you are not used to seeing. This should not be a concern to you.

With MFA enabled the risk of anyone other than you logging in is massively reduced. Microsoft is continually monitoring the environment and raising suspicious activities to the University security team who investigate and act on any accounts they deem necessary.

As the page recommends it is worth checking that no other phone number is registered on your account. If you see a phone number you are not familiar with, please contact your helpdesk.

If your email app no longer works on your phone, see the MFA phone troubleshooting guide.

If your contacts are no longer syncing on your phone, please see our MFA phone troubleshooting guide.

On a personal PC, you should use webmail by accessing Office. If it is a university PC, please contact your local helpdesk.

If you are experiencing a problem with Skype for Business and are repeatedly asked to authenticate, download and apply the following registration fix, SkypeMFAFix.

If the issue persists, contact your helpdesk.

In the first instance please reboot your PC and your phone to help clear down sessions. If issues persist please contact your helpdesk.

If you have accessibility issues, or other reasons why you can not use MFA, you can place a request to be exempt with your helpdesk. The Helpdesk has procedures in place to seek authorisation from your Head of Department.

After being enabled on MFA, some users have found when they organised a meeting on Zoom, the meeting did not appear on their outlook calendar.

If this happens to you, you can re-establish the link between both calendars at Zoom.

I'm an experienced cybersecurity professional with a deep understanding of Multi-Factor Authentication (MFA) and its implementation in various settings. I've been actively involved in deploying MFA solutions and providing guidance to organizations on strengthening their security measures. My expertise extends to both the theoretical aspects of MFA and practical, hands-on experience in configuring and troubleshooting MFA systems.

In the context of the provided information about MFA at the University, let's delve into the key concepts and steps involved:

  1. Multi-Factor Authentication (MFA):

    • MFA is a security measure that adds an extra layer of protection beyond the traditional username and password combination.
    • It requires users to provide a second factor of authentication, often something they possess (e.g., a mobile device), in addition to something they know (e.g., a password).

  2. Purpose of MFA:

    • MFA is implemented to enhance the security of accounts and services, such as email, off-campus access, Freshdesk, Zoom, and OneDrive.
    • It is designed to protect accounts even if usernames and passwords are compromised.

  3. Methods of Authentication:

    • MFA at the University offers multiple methods of authentication:
      • Push notification through the Microsoft Authenticator app (recommended for security and convenience).
      • Text message to the phone, containing a six-digit code (alternative for those without the Authenticator app).

  4. Setting Up MFA:

    • Users need to download the Microsoft Authenticator app on their mobile device.
    • The app is configured by scanning a QR code during the registration process.
    • Additional methods, such as adding a mobile number for SMS authentication, can be set up for backup.

  5. Registration Process:

    • Users log in to the MFA setup on their desktop, enter their credentials, and add their account to the Authenticator app.
    • The registration involves scanning a QR code, approving the notification on the mobile device, and completing the setup.

  6. Activation and Usage:

    • MFA activation is done on a department-by-department basis, and users will be prompted for authentication:
      • Off-campus only.
      • The first time using a new device.
      • Every 30 days after the first use.

  7. Device Requirements:

    • iOS devices require iOS 13.0 and watchOS 6.0 or later.
    • Android phones support various versions, including KitKat, Lollipop, Marshmallow, Nougat, Oreo, and Pie.

  8. Troubleshooting and Support:

    • Users experiencing issues with the Authenticator app are advised to update their software.
    • The University provides support through IT helpdesk services and offers resources like an authenticator app setup video and Microsoft's support pages.

  9. Exception Handling:

    • Users facing accessibility issues or other reasons preventing the use of MFA can request exemptions through their helpdesk.

  10. Additional Considerations:

    • Backing up the Authenticator app is recommended to avoid disruptions.
    • Regularly checking recent logins and verifying registered phone numbers help ensure security.

By following these guidelines, users can effectively set up and manage Multi-Factor Authentication, contributing to a more secure online environment.

Multi-Factor Authentication (MFA) | University of Strathclyde (2024)

FAQs

How hard is it to hack MFA? ›

MFA that relies solely on a phone number is typically more vulnerable to attacks than MFA that is compatible with authentication apps offered by Microsoft, Google and others. Hackers are able to overtake someone's phone number using a tactic called SIM-swapping, which would give them access to a text-based login code.

Read On
What is the MFA secret code? ›

One-Time Passwords (also called MFA Secret Codes) are used as additional security for some devices, websites, etc. Usually an MFA Application (like LastPass, Google Authenticator, Microsoft Authenticator, etc) would be used to access this code.

Discover More Details
How do I remember multi-factor authentication settings? ›

The remember multifactor authentication feature sets a persistent cookie on the browser when a user selects the Don't ask again for X days option at sign-in. The user isn't prompted again for MFA from that browser until the cookie expires.

Continue Reading
What is an example of MFA multi-factor authentication? ›

Multi-factor authentication (MFA) is a multi-step account login process that requires users to enter more information than just a password. For example, along with the password, users might be asked to enter a code sent to their email, answer a secret question, or scan a fingerprint.

See Details
How do people get past MFA? ›

Many MFA systems use SMS verification, and hackers can bypass MFA by accessing the user's mobile device. There are two main methods for this: SIM jacking and SIM swapping. In SIM jacking, cybercriminals install spyware on a target's phone, often delivering it through a malicious text message.

Find Out More
Which MFA should be avoided? ›

Multi-factor authentication prompts users to authenticate using two or more methods. A standard authentication method is via SMS or text messaging. It's also an insecure method that can put you at risk of a data breach. Cyber attackers love to go phishing with SIM-swapping techniques to steal SMS authentication codes.

Tell Me More
What is a bypass code for MFA? ›

What are bypass codes? Bypass codes are nine-digit passcodes that you can use to complete multi-factor authentication prompts. Enter the codes in the Passcode field of the MFA prompt.

Show Me More
What is the secret key for two-factor authentication? ›

The secret key for two-factor authentication (which is a form of multi-factor authentication) is a unique 16 character alphanumeric code that is required during the set up of the PIN generating tools. The secret key is issued for the first time when you log on to the CommCell environment.

Explore More
Are MFA codes random? ›

FAQ on Multi-Factor Authentication

One-time passcodes – These are randomly generated codes delivered through SMS texts, voice calls, email messages, or authenticator apps. Users must enter the passcode along with their username and password.

Continue Reading
What do I do if I forgot my two factor authentication code? ›

Lost Codes
  1. Websites usually give a recovery code to you when you enable 2FA on your account. Use your recovery code to get access to your account.
  2. If you don't have a recovery code go to the site's support and ask them to disable two factor authentication on your account for you.

Show Me More

What is multi-factor authentication for dummies? ›

Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN.

Read The Full Story
What triggers multi-factor authentication? ›

Authentication using two or more factors to achieve authentication. Factors include: (i) something you know (e.g. password/personal identification number (PIN)); (ii) something you have (e.g., cryptographic identification device, token); or (iii) something you are (e.g., biometric). See authenticator.

See Details
When using multi-factor authentication (MFA), a password is considered something you? ›

A factor in authentication is a way of confirming your identity when you try to sign in. For example, a password is one kind of factor, it's a thing you know. The three most common kinds of factors are: Something you know - Like a password, or a memorized PIN.

Get More Info Here
What is the MFA code? ›

After entering a username and password to log into an account, MFA requires users to present one or more additional types of authentication to decrease the chances of the account being compromised. Most commonly, this is in the form of entering a dynamic six-digit verification code.

Continue Reading
What is the difference between MFA and 2FA? ›

MFA allows a user to use more than one type of authentication method, whereas 2FA only allows you to add one type of authentication factor on top of your username and password. Because you can implement several types of authentication factors with MFA, it makes it a more secure solution to 2FA.

View More
Can multi-factor authentication be hacked? ›

Hacking Multi-Factor Authentication

Some of these attacks have been successfully used against millions of MFA-protected users. Every particular type of MFA solution is susceptible to multiple hacking methods. There simply is no MFA solution that can't be hacked, multiple ways.

View Details
What is the risk of bypassing MFA? ›

MFA bypass is a form of cyberattack that can use different techniques to overcome the preset security measures within a multi-factor authentication flow to access an account. Bypassing MFA is a significant security threat, defeating the purpose of having multiple layers of security protecting a system or application.

See More
Can Microsoft Authenticator be hacked? ›

Enabling two-factor authentication (2FA) with the Microsoft Authenticator app is a good step towards securing your account. However, if you are still seeing multiple sign-in attempts, it's possible that the hacker has already gained access to your account and is trying to bypass the 2FA.

Learn More
Can MFA be broken? ›

Where MFA Fails Us. There are multiple ways that attackers can bypass multi-factor authentication, including social engineering, phishing, hijacking web sessions, or cloning phone numbers on different devices.

Discover More Details
Top Articles
Highest paid skills in India by 2025 | Jaro Education
20 Jobs That Will be in Demand in the Next 5 Years
Christian McCaffrey loses fumble to open Super Bowl LVIII
Is Paige Vanzant Related To Ronnie Van Zant
Design215 Word Pattern Finder
Frank Lloyd Wright, born 150 years ago, still fascinates
Katmoie
Math Playground Protractor
What to Serve with Lasagna (80+ side dishes and wine pairings)
PRISMA Technik 7-10 Baden-Württemberg
Otis Department Of Corrections
Gameplay Clarkston
Canelo Vs Ryder Directv
Katie Boyle Dancer Biography
Mercy MyPay (Online Pay Stubs) / mercy-mypay-online-pay-stubs.pdf / PDF4PRO
Yesteryear Autos Slang
Cool Math Games Bucketball
REVIEW - Empire of Sin
Enderal:Ausrüstung – Sureai
Springfield Mo Craiglist
Viprow Golf
Xomissmandi
Georgia Vehicle Registration Fees Calculator
Msu 247 Football
Great Clips Grandview Station Marion Reviews
Form F-1 - Registration statement for certain foreign private issuers
Walgreens Bunce Rd
8000 Cranberry Springs Drive Suite 2M600
Is Light Raid Hard
Aes Salt Lake City Showdown
Eegees Gift Card Balance
Pdx Weather Noaa
What are the 7 Types of Communication with Examples
Missing 2023 Showtimes Near Mjr Southgate
Rock Salt Font Free by Sideshow » Font Squirrel
Usf Football Wiki
Go Smiles Herndon Reviews
Craigslist Lakeside Az
Shih Tzu dogs for sale in Ireland
About :: Town Of Saugerties
Pokemon Reborn Locations
D-Day: Learn about the D-Day Invasion
San Bernardino Pick A Part Inventory
60 X 60 Christmas Tablecloths
Craigs List Hartford
Avance Primary Care Morrisville
Marcal Paper Products - Nassau Paper Company Ltd. -
Makes A Successful Catch Maybe Crossword Clue
The Complete Uber Eats Delivery Driver Guide:
Www.homedepot .Com
Myapps Tesla Ultipro Sign In
Compete My Workforce
Latest Posts
Top 10 highest paying jobs in India 2024
The 7 Highest Paying Jobs of 2024
Article information

Author: Aracelis Kilback

Last Updated:

Views: 5851

Rating: 4.3 / 5 (64 voted)

Reviews: 87% of readers found this page helpful

Author information

Name: Aracelis Kilback

Birthday: 1994-11-22

Address: Apt. 895 30151 Green Plain, Lake Mariela, RI 98141

Phone: +5992291857476

Job: Legal Officer

Hobby: LARPing, role-playing games, Slacklining, Reading, Inline skating, Brazilian jiu-jitsu, Dance

Introduction: My name is Aracelis Kilback, I am a nice, gentle, agreeable, joyous, attractive, combative, gifted person who loves writing and wants to share my knowledge and understanding with you.