Multi-factor Authentication (MFA)
Multi-factor Authentication
Multi-factor Authentication
Multi-factor Authentication
MFA adds an essential layer of security to your University of Exeter IT account by requiring two or more pieces of evidence to verify your identity. This significantly reduces the risk of unauthorised access to your account, even if your password or username is compromised. MFA helps to protect both you and the organisation from cyber threats. You will be asked to set up MFA when you first log into your IT account.
MFA is a common and effective security practice used by many organisations and services. MFA is required to access University of Exeter IT systems and services per section 4.2.2 of the Remote Access Policy.
Key takeaways
- We strongly recommend using the Microsoft Authenticator app as your default MFA method because it provides the most convenient experience, additional security features, and allows you to use the university's Virtual Private Network (VPN).
- We strongly recommend you add your phone number as a backup method. That way, you can still access your account if you get a new phone and you’re using the same phone number.
- If you have your phone number as a backup method, you can easily add a new phone or device without contacting the IT Service Desk.
- Set up MFA using the Microsoft Authenticator app (recommended)
- Set up MFA using your phone number
- New phone or mobile device
- FAQs
- Help with MFA
Which sign-in methods are available?
| Sign-in method | Description |
| Microsoft Authenticator app |
Works with the university VPN. A push notification is sent to your smartphone which asks you to confirm the sign-in attempt. |
| SMS text codes |
Does not work with the university VPN. A six-digit code is sent in an SMS text message to your mobile phone for you to confirm the sign-in attempt. |
| Phone call |
Works with the university VPN. A call is made to your phone and an automated message asks you to press the hash (#) key to confirm the sign-in attempt.
|
Set up MFA using the Microsoft Authenticator app (recommended)
We recommend using the Microsoft Authenticator app as your default MFA method because it provides the most convenient experience and additional security features.
The Microsoft Authenticator app allows you to use the university VPN.
You will need:
- A desktop, laptop, or tablet computer with an internet connection
- A smartphone or mobile device with a camera and an internet connection
Set up the Microsoft Authenticator app as your default MFA method:
- On your computer, open a new private or incognito window in your web browser.
- On Windows and Linux devices, you can open the menu in the top corner (often three dots or lines in a row).
- On Mac devices, you can use the menu bar at the top: File > New Private Window.
- On Windows and Linux devices, you can open the menu in the top corner (often three dots or lines in a row).
- Go to https://aka.ms/mysecurity. You might need to copy and paste this link into the web address bar in your private browsing window.
- Select Next and sign in using your University of Exeter email address and password.
- A message will appear displaying “More information required”. Select Next to continue.
- On your smartphone or mobile device, download and install the Microsoft Authenticator app. Ensure that it’s provided by Microsoft Corporation.
- If you are prompted for permission, allow push notifications and camera access.
- If you are prompted for permission, allow push notifications and camera access.
- Open the app and select Add an account (or use the plus icon).
- Choose Work or school account and select Scan QR code.
- On your computer, Select Next to generate a QR code.
- Use the Microsoft Authenticator app to scan the QR code on your computer screen.
- After scanning the QR code select Next on your computer.
- Open the test notification sent to your smartphone or mobile device and enter the number displayed on your computer screen.
- Select Next and then Done on your computer screen to complete the setup.
- Next, open the Phone number tab on this page and follow the instructions to add your phone number as a backup method (recommended).
If you ever receive an unexpected notification from the Microsoft Authenticator app for your University of Exeter account, do not approve it. Unexpected notifications may indicate that someone is trying to access your account. You should change your password immediately and report the suspicious activity to the IT Service Desk.
Set up MFA using your phone number
You can set up MFA using SMS text codes or phone call verification. However, we strongly recommend using your phone number as a backup method for the Microsoft Authenticator app, that way you can still access your account if you get a new phone and you’re using the same phone number.
Phone call verification allows you to use the university VPN. However, SMS text verification does not allow you to use the university VPN.
You will need:
- A desktop, laptop, or tablet computer with an internet connection
- A mobile phone which can receive SMS text messages or phone calls, or a landline which can receive phone calls
Set up MFA using your phone number:
- On your computer, open a new private or incognito window in your web browser.
- Go to https://aka.ms/mysecurity. You might need to copy and paste this link into the web address bar in your private browsing window.
- Sign in using your university email address and password and complete MFA.
- Select + Add sign in-method.
- Select Phone from the drop-down menu.
- Use the drop-down menu on the left to choose your area code. Enter your phone number into the box on the right.
- You can choose to set up SMS text verification by selecting Receive a code. Or you can choose to set up phone call verification by selecting Call me (skip to step 12).
- If you selected Receive a code, a 6-digit number code will be sent to your phone.
- Type the 6-digit code from your phone into the box on your computer screen. If you don’t receive a code within a few minutes, you can select Resend code.
- Then select Next and Done to complete the set up.
- If you selected Call me, your phone will receive a phone call.
- Answer the phone call and press the hash key on your keypad (#). You do not need to hang up.
- Then select Done on your computer screen to complete the setup.
If you ever receive an unexpected phone call for your University of Exeter account, do not approve it. Unexpected phone calls may indicate that someone is trying to access your account. You should change your password immediately and report the suspicious activity to the IT Service Desk.
Adding a new phone or mobile device
You will need:
- A desktop, laptop, or tablet computer with an internet connection
- Access to your old smartphone
- A smartphone with a camera and internet connection
If you have access to your old smartphone:
- On your computer, open a new private or incognito window in your web browser.
- On Windows and Linux devices, you can open the menu in the top corner (often three dots or lines in a row).
- On Mac devices, you can use the menu bar at the top: File > New Private Window.
- On Windows and Linux devices, you can open the menu in the top corner (often three dots or lines in a row).
- Go to https://aka.ms/mysecurity. You might need to copy and paste this link into the web address bar in your private browsing window.
- Sign in using your university email address and password.
- Complete MFA using the Microsoft Authenticator app on your old phone or your phone number (if you added it as a backup method and kept the same number).
- From the list of sign-in methods, Delete the Microsoft Authenticator app to unlink it from your old smartphone. You can also delete the app on your old smartphone.
- Select + Add sign in-method.
- Select Authenticator app from the drop-down menu.
- Continue from Step 5 in Set up MFA using the Microsoft Authenticator app (recommended).
If you don’t have access to your old smartphone:
- Contact the IT Service Desk or Digital Hub.
- While you are on the phone with the IT Service Desk Analyst you can follow the steps to Set up MFA using the Microsoft Authenticator app (recommended) or Set up MFA using your phone number to help yourself.
| Sign-in method | Smartphone | Mobile phone | Landline phone | Compatible with VPN? |
| Microsoft Authenticator app notifications (recommended) | ✔ | ✔ | ||
| SMS text codes | ✔ | ✔ | ||
| Phone call | ✔ | ✔ | ✔ | ✔ |
Frequently-asked Questions (FAQ)
If you lose or break your phone and don't have a backup method available, please contact the IT Service Desk or the Digital Hub.
You can manage your current MFA methods and set a new default sign-in method by going to https://aka.ms/mysecurity.
The Microsoft Authenticator app uses geolocation information from various backend services to estimate your location. This is designed to alert you to sign-in attempts which don’t match your general location. You can find more information from Microsoft Support – Common questions about the Microsoft Authenticator app.
Using a VPN or other proxy can change the geolocation information associated with your sign-in attempt. It’s important to pay attention to the location displayed in the app. If the activity is suspicious, you should report it to the IT Service Desk.
We recommend that international students or individuals who are traveling internationally use push notifications from the Microsoft Authenticator app as their default sign-in method. Please also read our travel guidance.
If you have another workplace or organisation account, you might be automatically signed in to Microsoft 365 services. Please follow the first step in the instructions on this page to use a private or incognito browsing session. If you already use the Microsoft Authenticator app for other accounts, you can still follow the instructions on this page to use it with your University of Exeter account.
You can add more than one University of Exeter account to the same Microsoft Authenticator app. To add another account, follow the instructions in Set up MFA using the Microsoft Authenticator app (recommended) and simply sign in to the other account on your computer during Step 3.
You must complete MFA whenever you sign in from a new device or new location. You might also be prompted for MFA while using a different web browser, private or incognito browsing, or a VPN or other proxy.
When you approve any notification from the Microsoft Authenticator app, you will also have to provide your device PIN or biometric verifciation. This is the PIN or biometric verification that you use for your smartphone (e.g face ID). This can be changed in your phone settings.
Yes: you can select Can’t scan image on your computer screen instead of scanning the QR code. On your phone select Or enter code manually. You will need to enter the code and URL displayed on your computer screen into your phone.
If you have already set up MFA, you can reset your own password.
Please contact the IT Service Desk or the Digital Hub.
Yes: you must complete MFA whenever you sign in from a new device or new location.
Yes: we strongly recommend that you keep the app installed and follow the steps in New phone or mobile device if you get a new phone.
If you set up a backup method like your phone number, you can follow the steps in New phone or mobile device. If you don't have access to a backup method, you must contact the IT Service Desk or Digital Hub to reset your MFA methods.
The university VPN doesn't allow text input while it connects, so SMS text or app codes can't be entered.
Please contact the IT Service Desk or the Digital Hub.
Help with MFA
In-person support
The Digital Hub at Streatham and Penryn campus.
Telephone support