Aalto Multifactor Authentication on Office 365 accounts
Enhancing security of Aalto Office 365 accounts Users can enhance security of Aalto Office 365 accounts by registering for multifactor authentication service. More information about multifactor authentication service can be found below.
Multifactor Authentication – What it is?
Multifactor Authentication (MFA) is a method of confirming user’s identity with two or more pieces of evidence when signing on to a system or a service.
MFA services use two or more authentication methods mentioned below:
- Something you know (typically a password)
- Something you have (a trusted device that is not easily duplicated, like a phone)
- Something you are (biometrics)
Why Multifactor Authentication?
- MFA brings an additional layer of security to your user account
In addition to the username and password, the attacker would need access to the extra authentication method you’ve defined.
- MFA is already in use at organizations around the world and can be considered a standard
Step 1: Register for the multifactor authentication service. You need a mobile and workstation to accomplish the task.
- Download and install Microsoft Authenticator App from your mobile store. (remember to accept notifications sent by the app!)
- Go to https://aka.ms/mfasetup for MFA
- Sign in with your Aalto email address
- Optional: You may not have a mobile number (already) in the system, therefore you might get the following screen when signing in for the first time;
Enter your mobile number and change method to “Send me a code by text message". The system will verify your mobile number by sending you a code. Enter the code to the box and press verify. Proceed to next page:
- Set Preferred verification option by default to Notify me trough app
- Set your mobile number (if not already displayed) Authentication Phone
- Choose Authentication app or token, and Setup Authentication app
- Add account to Microsoft authenticator app in mobile
- Choose Work or school account
- Scan QR code displayed in workstation with app
- With verification you will get notified to your Microsoft Authentication app.
- Approve notification in mobile
- Save and verify settings once again
- Approve verification notification in mobile
- Follow the rest of instructions and you are DONE
PLEASE NOTE: MFA is ENABLED into use approx. 2 hours after registration.
Step 2: How to use multifactor authentication
MFA Authentication is only in use outside of the Aalto network when signing into Office 365 services.
1) Addition to regular signing in additional approval is asked you
2) Office 365 service will send a notification to your registered Authenticator app for approval
3) Once you have approved authentication you are signed into service/application
MFA for Aalto Office 365 service
- User feedback of MFA is more than welcome. You can provide feedback to following link
How I sign in if I lose my phone?
- MFA is active when signing in from outside of Aalto Network. If you use VPN or sign in a Aalto network you are not required to sign in with MFA. If you do not recover your phone please send ticket to Aalto IT Helpdesk
Can I use multiple phones?
- Yes MFA supports registration of multiple phones
Is MFA signing required when I use Office 365 apps/browser with my mobile phone?
- Yes, mobile phones apps support also MFA.
Can I Opt-out from MFA ?
- Yes at this point by sending ticket to Aalto IT helpdesk