Skip to content

Multi-factor authentication MFA (UO)


Keywords: , , , , , , , , , , ,

The main purpose of Multi-Factor Authentication (MFA) is to prevent the abuses of the user accounts. In practice MFA means that you verify, in other words approve your sign-ins on the phone, which has been connected with MFA. Because your phone is needed for the verification, no external quarter is able to abuse your user account.

The phone verification is required when logging with the university’s O365 account outside the campus network without VPN connection.

MFA is in use for all the Microsoft accounts aka M365/O365 usernames of the university. In practice, MFA is connected to the user accounts of the staff and students and also to the so-called UFO accounts. The MFA is also in use for the guests who have been invited to Teams groups, read more: MFA with a guest user account (oulu.fi)

If your MS account doesn’t include the setting, how to send an verification request to you, you will be directed by the notification “More information required” (in Finnish “Lisätietoja tarvitaan”) to add your verification method to your MS account’s security information.

The contents of this instruction:

Verification methods

Authenticator

Choose Authenticator application for your default method if you are using a smartphone, in other words telephone in which applications can be installed. Do this:

  1. Get free Microsoft Authenticator from the store of your phone.
  2. Do not add your university account by hands, because it will be set up with the QR code through MS account’s security info!
  • When choosing this alternative as a primary method, you will accept or deny the verification requests on the Microsoft Authenticator application that has been installed in your mobile device.
  • You can choose if you get the verification requests on the phone screen or will you pick up a disposable verification code from the app.
  • The phone must have a data connection and the device should be available to you.
  • If you process the university email or calendar also on the same mobile device, the application must be Outlook or some other application which supports the feature Modern Authentication of O365.
  • You can also use the Authenticator app to authenticate other, including your private user accounts, by adding the accounts you like in the app.

Phone

Choose Phone as an alternate method when your default method is Authenticator. Set it as a primary method only in the case when it is not possible to install Authenticator application in your phone.

  • When you choose Phone as your method, you can confirm the sign-ins with a phone which does not need to be a smart phone. According your choice you receive a disposal code as a text message and type it in to the login screen, or you receive an automatic call which you confirm with the phone’s key #.
  • Using the phone does not incur any expenses for you.

Choose and set your verification method

In order for authentication to work as desired, the security info of your MS account must have information on which device or phone number the verification request will be sent to. Save there your authentication method and needed information and keep it up to date as well.

  • Access your security info via the link: https://mysignins.microsoft.com/security-info.
  • Log in with your MS account which is your O365 user name (account@student.oulu.fi or account@univ.yo.oulu.fi).
  • Choose the most suitable primary authentication method for yourself: whether it is the Authenticator app on your phone or SMS or call.
  • Also, select a secondary method and set an alternate phone number for an exceptional situation. This will ensure that you always have some verification method even if your primary phone isn’t along or doesn’t work.

Keep your security info up to date

  • Always check and update your security info before your phone or its number changes, or when you need to reinstall the Authenticator app. This will ensure that the verification requests come to the right number or the right Authenticator application.
  • Access your security info via the link: https://mysignins.microsoft.com/security-info.
  • If your MS account has incomplete information and therefore you do not receive a verification request on your phone, you may no longer be able to update your own security info. In that case, contact the Campus ICT, where the MFA can be switched off temporarily and you can update your security info then without a request for verification.

Use of MFA

  • Once your MS account includes a working verification method, requests for verification will be coming to your phone with the verification method you have chosen (Authenticator app, SMS or phone call).
  • Verification requests apply only to those logins where you use the university’s O365 user name and the device you use is outside the university or Oamk network and is not VPN connected to the network.
  • In the future, the need for verification will decrease as trust relationships arise with the devices you use. In the login window, you can set a device specific 60 day break for verification. After changing the password, verification will be asked, even if the break is in effect.
  • In the login window, you can choose a secondary verification method if the primary method cannot be used at that moment. Because of this, it is important to have at least two working methods stored in your security info.

FAQ

If in the introduction any problems or questions arise, please check if the solution is found here: FAQ – Frequently Asked Questions.

  • You can contact Campus ICT support service too.

« Back

This article was published in categories English version available, All instructions, for the University of Oulu staff, for the University of Oulu students, accessible content, UniOulu and tags , , , , , , , , , , , . Add the permalink to your favourites.