The main purpose of Multi-Factor Authentication (MFA) is to prevent the abuses of the user accounts. In practice MFA means that you verify, in other words approve your sign-ins on the phone, which has been connected with MFA. Because your phone is needed for the verification, no external quarter is able to abuse your user account.
The verification by phone is required when logging with universities M365 account outside the campus network without VPN connection.
MFA is in use for all the Microsoft accounts aka M365/O365 usernames of the university and Oamk. In practice, MFA is connected to the user accounts of the staff and students and also to the so-called UFO accounts. The MFA is also in use for the guests who have been invited to Teams groups, read more: MFA with a guest user account (oulu.fi)
If your MS account doesn’t include the setting, how to send an verification request to you, you will be directed by the notification “More information required” (in Finnish “Lisätietoja tarvitaan”) to add your verification method to your MS account’s security information.
The contents of this instruction:
- Verification methods
- Choose and set your verification method
- Keep your security info up to date, reset the phone nimber if needed
- Use of MFA
- FAQ
Verification methods
Authenticator
Choose Authenticator application for your default method if you are using a smartphone, in other words telephone in which applications can be installed. Authenticator is the preferred method of verification. Its use makes it possible to take advantage of some new features, for example reset the password without Suomi.fi authentication.
Do this:
- Get free Microsoft Authenticator from the store of your phone.
- Do not add your university account by hands, because it will be set up with the QR code through MS account’s security info!
- When choosing this alternative as a primary method, you will accept or deny the verification requests on the Microsoft Authenticator application that has been installed in your mobile device.
- You need to choose how to receive and where to enter a disposable verification code.
- In the number matching, you will see the two-digit code in the login window and then enter it into the Authenticator app. When the app asks “Are you trying to sign in?” then enter the number shown in the sign-in window into the app and press Yes. N.B. If the number matching doesn’t work this way, update the Authenticator app to the latest version.
-
- An other (older) way is to pick up a verification code from the Authenticator app and then enter it in the login window.
- The phone must have a data connection and the device should be available to you.
- If you process the university email or calendar also on the same mobile device, the application must be Outlook or some other application which supports the feature Modern Authentication of M365.
- You can also use the Authenticator app to authenticate other, including your private user accounts, by adding the accounts you like in the app.
Phone
Choose Phone as an alternate method when your default method is Authenticator. Set it as a primary method only in the case when it is not possible to install Authenticator application in your phone.
- When you choose Phone as your method, you can confirm the sign-ins with a phone which does not need to be a smart phone. According your choice you receive a disposal code as a text message and type it in to the login screen, or you receive an automatic call which you confirm with the phone’s key #.
- Using the phone does not incur any expenses for you.
Choose and set your verification method
In order for authentication to work as desired, the security info of your MS account must have information on which device or phone number the verification request will be sent to. Save there your authentication method and needed information and keep it up to date as well.
- Access your security info via the link: https://mysignins.microsoft.com/security-info.
- Log in with your MS account which is your M365 user name (account@student.oulu.fi or account@univ.yo.oulu.fi).
- Choose the most suitable primary authentication method for yourself: whether it is the Authenticator app on your phone or SMS or call.
- Also, select a secondary method and set an alternate phone number for an exceptional situation. This will ensure that you always have some verification method even if your primary phone isn’t along or doesn’t work.
Keep your security info up to date, reset the phone number if needed
- Always check and update your security info before your phone or its number changes, or when you need to reinstall the Authenticator app. This will ensure that the verification requests come to the right number or the right Authenticator application.
- Access your security info via the link: https://mysignins.microsoft.com/security-info.
- NOTE! If you cannot access your MS account security info, for example in case your phone number has changed and a wrong number has been saved, set a new number directly through this link: https://account.oulu.fi/mfa. Identify yourself in Suomi.fi e-Identification service.
Use of MFA
- Once your MS account includes a working verification method, requests for verification will be coming to your phone with the verification method you have chosen (Authenticator app, SMS or phone call).
- Verification requests apply only to those logins where you use the university’s M365 user name and the device you use is outside the university or Oamk network and is not VPN connected to the network.
- In the future, the need for verification will decrease as trust relationships arise with the devices you use. In the login window, you can set a device specific 60 day break for verification. After changing the password, verification will be asked, even if the break is in effect.
- In the login window, you can choose a secondary verification method if the primary method cannot be used at that moment. Because of this, it is important to have at least two working methods stored in your security info.
FAQ
If in the introduction any problems or questions arise, please check if the solution is found here: FAQ – Frequently Asked Questions.
Detailed instructions on how to take MFA in use (PDF)
- You can contact Campus ICT support service too.