What is Multi-Factor Authentication?
You most probably already use Multi-Factor Authentication (MFA) to secure your bank or social media accounts. The standard username and password combination is considered not as secure as it used to be, and online companies have been working to improve security of their users’ data.
So, MFA for your online bank account may work like this:
- You go to Bank web site
- You type your username and password
- The Bank sends a One-Time Passcode (OTP) to your mobile phone
- You enter that OTP into the login page
- You gain access to your online Bank account
The University of Oxford introduced MFA in November 2020 and has rapidly been rolling out MFA to all members of the University. The University’s implementation of MFA is based on Microsoft 365 and you have more choice for your additional method of authentication than just an OTP. There are smartphone and desktops apps, SMS messages and even a voice call on a landline telephone. The recommendation is for at least two methods like an Authenticator app and SMS message code.
MFA setup in a nutshell –
- Download and install the Microsoft Authenticator app on your smartphone
- Then login to https://mysignins.microsoft.com/security-info using your OXFORD SSO credentials
- Click +Add method and choose Authenticator app
- Follow the on-screen instructions in setup the Microsoft Authenticator app that you just installed on your smartphone
- Once you have added the Microsoft Authenticator app go back to step 3 above and choose another MFA method and follow the on-screen instructions for that method.
Links to IT Services MFA Project resources
Video guides
- Setting up MFA in advance of your go-live date (recommended)
Text guides with screenshots
- Installing Microsoft Authenticator for MFA – smartphone app only (Android and iOS)
- MFA setup USB Security Key Hardware Token
- The University will support the use of FIDO2 Hardware tokens.
- Repeatedly prompted for MFA verification
You can choose a different MFA method at login
Sometimes you may not have mobile phone signal to receive an SMS code, so you need to choose a different MFA method. You can do this after typing in your username and password and then just click the link “Sign in another way” – see screenshot below.
And Finally…
If you have several MFA methods then you can choose a default from the Security Info page – https://mysignins.microsoft.com/security-info