Multi Factor Authentication
In response to increased threats to the University's data and network, the Information Security Steering Group have approved the introduction of Multi Factor Authentication for staff accounts.
How does MFA work?
If you use mobile banking you will most likely have come across Multi-Factor Authentication already.
In addition to needing your password for access, MFA attaches an extra layer of security to your account by requesting a secondary action to allow your login. This makes it significantly more difficult for any unauthorised attempts to access your account and data.
This extra login step, called your Second Factor, is carried out using a mobile or smartphone and can be configured in the following ways:
- A notification received through the Microsoft Authenticator app, prompting you to enter a 2-digit number shown on screen. This is the most secure and convenient method and is recommended by IT.
- A text message to your phone, containing a 6 digit code. This option is intended for those without a device capable of installing the Authenticator app.
How do I set up and use MFA?
In order to access Horizon remotely (away from campus) from any device you will need to set up Multi-Factor Authentication. You don't need to be on campus to set it up and the process takes around 5 minutes start to finish.
Please use the guides below to configure MFA on your account before it becomes mandatory to keep your account secure.
ITS recommend using the Microsoft Authenticator method, as it is faster to approve logins.
Please follow this guide to setup alerts from the Authenticator App (opens in a new tab).
If you cannot use the authenticator method, for example you are using an older smartphone or lack storage space to install the app, please use the SMS (text message) approval method instead. Please keep in mind that this is dependant on your mobile phone signal and may be less effective than the app.
Please follow this guide to setup alerts via SMS (opens in a new tab)
Once you have your MFA setup completed, you will be alerted in real time if there is an attempt to access your account. It is imperative that you only approve access when you are aware of the login. Should you receive an out of the blue request to grant access, contact the Helpdesk immediately and have your password changed. (firstname.lastname@example.org)
What if I change my phone?
If you change your mobile phone or mobile number, please follow the steps laid out in the below guide.
How do I change my MFA device or number (opens in a new tab)