Aalto Multifactor Authentication on Office 365 accounts

Multifactor Authentication (MFA) is a method of confirming user’s identity with two or more pieces of evidence when signing on to a system or a service.

Users can enhance security of Aalto Office 365 accounts by registering for multifactor authentication service. More information about multifactor authentication service can be found below.

Multifactor Authentication – What it is?

Multifactor Authentication (MFA) is a method of confirming user’s identity with two or more pieces of evidence when signing on to a system or a service.

MFA services use two or more authentication methods mentioned below:

  • Something you know (typically a password)
  • Something you have (a trusted device that is not easily duplicated, like a phone)
  • Something you are (biometrics)

Why Multifactor Authentication?

  • MFA brings an additional layer of security to your user account

In addition to the username and password, the attacker would need access to the extra authentication method you’ve defined.

  • MFA is already in use at organizations around the world and can be considered a standard

How to take MFA into use?

Register for the multifactor authentication service. You can do it on either mobile or your workstation.      


  • Download and install Microsoft Authenticator app from your mobile store. (remember to accept notifications sent by the app!)


  • Go to for MFA
  • Sign in with your Aalto email address
  • Follow the instructions on the screen. 

NOTE! When MFA registration is mandatory for your organisation, you can postpone the registration for 14 days, if you are not able to do the registration at that very moment. 

Animation of the screens on the multifactor authentication process

Detailed instructions

After signing in to with your Aalto email address you are prompted to download the Microsoft Authenticator app.

If you have already downloaded the app, you can just click/tap "Next". If not, download the app. Proceed to next page.

  1. In the application: Add a new account and choose "Work or school account"
  2. In the registration screen: Proceed to the next page.
  3. Scan the QR Code on the screen with the application, or, on mobile, tap on "Pair your account to the app by clicking this link."
  4. Proceed to the next page.
  5. Approve the notification that is sent to test the connection. 
  6. Once approved you'll see a text "Notification approved" on the screen. Proceed to the next page.
  7. All set (almost)! Click Done. In the opening Security info view, we strongly recommend that you add an additional authentication method, e.g. a SMS code authentication. This is critical in case you e.g. change phones or lose your phone.

NOTE! MFA is ENABLED into use approximately 2 hours after the registration.

How to use the multifactor authentication

MFA is only in use outside of the Aalto network when signing into Office 365 services.

1) In addition to regular signing in, additional approval is asked you

2) Office 365 service will send a notification to your registered Authenticator app for approval

3) Once you have approved authentication you are signed into service/application

Step by step instructions on how to use MFA service


User feedback of MFA is more than welcome. You can provide feedback to following link

FAQ - Frequently Asked Questions

How I sign in if I lose my phone?

  • MFA is active when signing in from outside of Aalto Network. If you use VPN or sign in a Aalto network you are not required to sign in with MFA. If you do not recover your phone please send ticket to Aalto IT Helpdesk

Can I use multiple phones?

  • Yes MFA supports registration of multiple phones

Is MFA signing required when I use Office 365 apps/browser with my mobile phone?

  • Yes, mobile phones apps support also MFA.

Where my phone number or email address are stored when I register?

  • They are stored in the Aalto tenant. The registration details are only visible to the Aalto Office 365 admins. 

Can I Opt-out from MFA ?

  • MFA will be required for Office 365 services in the future and you can't opt out. Currently if you have tested it and would want to opt out until MFA is mandatory, you can do so by requesting it via a ticket to Aalto IT Service Desk.
This service is provided by:

IT Services

Did you find what you were looking for? If not, please contact us.
  • Published:
  • Updated:
URL copied!