To setup MFA for your student account you should first go to:
Then sign in with your student email address:
Then enter your password as prompted.
Click next on the “More information required” screen.
On the next screen, change the drop-down option to select the “Mobile app” option.
Then select the “Receive notifications for verification” check box and click the “Set up” button:
At this point, you need to install the Microsoft Authenticator app on your mobile device using the app store. Switch to your phone and search for “Microsoft Authenticator” in the store. Then install the Microsoft Authenticator app and open it. If you are prompted, agree to the privacy agreement.
Then select the “Scan a QR code” option. (If prompted, grant access to Authenticator to allow it to use the camera to scan the QR code)
Point your phone camera at the QR code which is still on your browser window:
If your phone asks for approval to send you notifications, press “Allow”.
Your phone should now have your Otago account in Microsoft Authenticator.
Back in your web browser where the QR code is, click the Next button.
You will then receive a notification from the app on your phone which you can press “Approve” for.
You have now successfully setup MFA for your student account. We recommend adding your mobile phone number as a back up option on the screen that follows.
Text Message MFA
If the above option to use the Microsoft Authenticator app is not suitable for you, you can instead select the “Authentication phone” option to receive MFA codes via text message. Select the Authentication phone option and enter your cell phone number, then click Next:
You will receive a text message on your phone with a 6 digit code. Enter the code into the screen and press “Verify”:
It should then say “Verification successful” in which case, you have now setup MFA to use text messages.
Frequently Asked Questions
Why are we doing this?
Every week, numerous accounts at the University of Otago are compromised through various methods such as phishing emails and password-spray attacks. By setting up MFA, any attackers will require more than just your email and password to gain access to your account. While it is a mild inconvenience to have to use MFA, it is much better than having accounts compromised.
How do I change my MFA settings?
You can always return to aka.ms/mfasetup and reconfigure your MFA methods. We strongly recommend that everyone uses the Microsoft Authenticator App as it offers the best convenience and reliability. We also recommend setting up more than one method if you’re able to.
Do I have to use MFA?
Yes, from the evening of the 17th December 2020 it is mandatory for all students to use MFA when accessing Microsoft 365 services (such as StudentMail and OneDrive).
What should I do if I don’t have mobile data or good cellular service? What if I travel frequently or am regularly on field trips?
We recommend setting up the Microsoft Authenticator app. While the “approve/deny” option is the most convenient within the Authenticator app and you should use this by default, the Authenticator app also allows you to generate codes which you can use for MFA on-demand. These codes will continue to generate on your phone even if it has no service. We also recommend setting up multiple options such as the text message option as a back-up.
Can I use an alternative application for MFA?
We strongly recommend the Microsoft Authenticator app. However, you can use other MFA apps such as Authy or Google Authenticator though they do not currently offer the convenience of the “Approve/Deny” button option.
What if I don’t want to install an app on my phone or my phone doesn’t have the capability?
If you don’t want to install the Microsoft Authenticator app on your phone, you can instead use the SMS Text Message option. The text messages are free to receive.
Are there any costs?
The Microsoft Authenticator app uses a tiny amount of data to perform the “Approve/Deny” notification. However, if you use the code generated within the Microsoft Authenticator app or the SMS Text Message it is free.
I do not own or regularly use a mobile phone
Please contact AskOtago to discuss the options that may be available.
What happens if I get a new mobile phone?
When will I be re-prompted for MFA?
You may be re-prompted for MFA if you:
- Sign out and sign in again to any Microsoft 365 apps
- Don’t logon for an extended period of time
- Use multiple different devices
- Swap between multiple accounts such as your personal account and your Otago student account
- Use multiple different web browsers (such as Chrome and Firefox)
- Unexpected activity is detected (such as sign-in from another country)