Skip to Navigation Skip to Content Skip to Search Skip to Site Map Menu
Search

MFA for Students

To setup MFA for your student account you should first go to:

aka.ms/mfasetup

Then sign in with your student email address:

Student logon screen

Then enter your password as prompted.

Click next on the “More information required” screen.

This image has an empty alt attribute; its file name is two.png

On the next screen, change the drop-down option to select the “Mobile app” option.

This image has an empty alt attribute; its file name is three.png

Then select the “Receive notifications for verification” check box and click the “Set up” button:

This image has an empty alt attribute; its file name is four.png

At this point, you need to install the Microsoft Authenticator app on your mobile device using the app store. Switch to your phone and search for “Microsoft Authenticator” in the store. Then install the Microsoft Authenticator app and open it. If you are prompted, agree to the privacy agreement.

This image has an empty alt attribute; its file name is store.png

Then select the “Scan a QR code” option. (If prompted, grant access to Authenticator to allow it to use the camera to scan the QR code)

This image has an empty alt attribute; its file name is qr.png
This image has an empty alt attribute; its file name is approve-qr.png

Point your phone camera at the QR code which is still on your browser window:

This image has an empty alt attribute; its file name is five.png

If your phone asks for approval to send you notifications, press “Allow”.

This image has an empty alt attribute; its file name is notify-allow.png

Your phone should now have your Otago account in Microsoft Authenticator.

Back in your web browser where the QR code is, click the Next button.

You will then receive a notification from the app on your phone which you can press “Approve” for.

This image has an empty alt attribute; its file name is six.png

You have now successfully setup MFA for your student account. We recommend adding your mobile phone number as a back up option on the screen that follows.

Text Message MFA

If the above option to use the Microsoft Authenticator app is not suitable for you, you can instead select the “Authentication phone” option to receive MFA codes via text message. Select the Authentication phone option and enter your cell phone number, then click Next:

This image has an empty alt attribute; its file name is seven.png

You will receive a text message on your phone with a 6 digit code. Enter the code into the screen and press “Verify”:

This image has an empty alt attribute; its file name is eight.png

It should then say “Verification successful” in which case, you have now setup MFA to use text messages.

Frequently Asked Questions

Why are we doing this?

Every week, numerous accounts at the University of Otago are compromised through various methods such as phishing emails and password-spray attacks. By setting up MFA, any attackers will require more than just your email and password to gain access to your account. While it is a mild inconvenience to have to use MFA, it is much better than having accounts compromised.

How do I change my MFA settings?

You can always return to aka.ms/mfasetup and reconfigure your MFA methods. We strongly recommend that everyone uses the Microsoft Authenticator App as it offers the best convenience and reliability. We also recommend setting up more than one method if you’re able to.

Do I have to use MFA?

Yes, from the evening of the 17th December 2020 it is mandatory for all students to use MFA when accessing Microsoft 365 services (such as StudentMail and OneDrive).

What should I do if I don’t have mobile data or good cellular service? What if I travel frequently or am regularly on field trips?

We recommend setting up the Microsoft Authenticator app. While the “approve/deny” option is the most convenient within the Authenticator app and you should use this by default, the Authenticator app also allows you to generate codes which you can use for MFA on-demand. These codes will continue to generate on your phone even if it has no service. We also recommend setting up multiple options such as the text message option as a back-up.

Can I use an alternative application for MFA?

We strongly recommend the Microsoft Authenticator app. However, you can use other MFA apps such as Authy or Google Authenticator though they do not currently offer the convenience of the “Approve/Deny” button option.

What if I don’t want to install an app on my phone or my phone doesn’t have the capability?

If you don’t want to install the Microsoft Authenticator app on your phone, you can instead use the SMS Text Message option. The text messages are free to receive.

Are there any costs?

The Microsoft Authenticator app uses a tiny amount of data to perform the “Approve/Deny” notification. However, if you use the code generated within the Microsoft Authenticator app or the SMS Text Message it is free.

I do not own or regularly use a mobile phone

Please contact AskOtago to discuss the options that may be available.

What happens if I get a new mobile phone?

You can reconfigure your MFA settings at aka.ms/mfasetup at any time. If your phone is lost or stolen, you will need to contact AskOtago to reset your MFA on a new device.

When will I be re-prompted for MFA?

You may be re-prompted for MFA if you:

  • Sign out and sign in again to any Microsoft 365 apps
  • Don’t logon for an extended period of time
  • Use multiple different devices
  • Swap between multiple accounts such as your personal account and your Otago student account
  • Use multiple different web browsers (such as Chrome and Firefox)
  • Unexpected activity is detected (such as sign-in from another country)