Aalto Multifactor Authentication on Office 365 accounts

Multifactor Authentication (MFA) is a method of confirming user’s identity with two or more pieces of evidence when signing on to a system or a service.

Users can enhance security of Aalto Office 365 accounts by registering for multifactor authentication service. More information about multifactor authentication service can be found below.

Multifactor Authentication – What it is?

Multifactor Authentication (MFA) is a method of confirming user’s identity with two or more pieces of evidence when signing on to a system or a service.

MFA services use two or more authentication methods mentioned below:

  • Something you know (typically a password)
  • Something you have (a trusted device that is not easily duplicated, like a phone)
  • Something you are (biometrics)

Why Multifactor Authentication?

  • MFA brings an additional layer of security to your user account

In addition to the username and password, the attacker would need access to the extra authentication method you’ve defined.

  • MFA is already in use at organizations around the world and can be considered a standard

How to take MFA into use?

Step 1: Register for the multifactor authentication service. You need a mobile and workstation to accomplish the task.      

Mobile      

  • Download and install Microsoft Authenticator App from your mobile store. (remember to accept notifications sent by the app!)

Workstation

  • Go to https://aka.ms/mfasetup for MFA
  • Sign in with your Aalto email address
  • Optional: You may not have a mobile number (already) in the system, therefore you might get the following screen when signing in for the first time; 
additionalsecurityverification

Enter your mobile number and change method to “Send me a code by text message". The system will verify your mobile number by sending you a code. Enter the code to the box and press verify. Proceed to next page:

  • Set Preferred verification option by default to Notify me trough app
  • Set your mobile number (if not already displayed) Authentication Phone
  • Choose Authentication app or token, and Setup Authentication app

Enter your mobile number and change method to “Send me a code by text message". The system will verify your mobile number by sending you a code. Enter the code to the box and press verify. Proceed to next page:

  • Set Preferred verification option by default to Notify me trough app
  • Set your mobile number (if not already displayed) Authentication Phone
  • Choose Authentication app or token, and Setup Authentication app

Mobile     

  • Add account to Microsoft authenticator app on mobile
  • Choose Work or school account
  • Scan QR code displayed on workstation with app

Workstation  

  • With verification you will get notified to your Microsoft Authentication  app.

Mobile     

  • Approve notification on mobile

Workstation  

  • Save and verify settings once again

Mobile    

  • Approve verification notification on mobile

Workstation       

  • Follow the rest of instructions and you are DONE

Step 2: How to use multifactor authentication

MFA Authentication is only in use outside of the Aalto network when signing into Office 365 services.

1) In addition to regular signing in, additional approval is asked you

2) Office 365 service will send a notification to your registered Authenticator app for approval

3) Once you have approved authentication you are signed into service/application

howtousemfa

MFA for Aalto Office 365 service

  • User feedback of MFA is more than welcome. You can provide feedback to following link

FAQ - Frequently Asked Questions

How I sign in if I lose my phone?

  • MFA is active when signing in from outside of Aalto Network. If you use VPN or sign in a Aalto network you are not required to sign in with MFA. If you do not recover your phone please send ticket to Aalto IT Helpdesk

Can I use multiple phones?

  • Yes MFA supports registration of multiple phones

Is MFA signing required when I use Office 365 apps/browser with my mobile phone?

  • Yes, mobile phones apps support also MFA.

Where my phone number or email address are stored when I register?

  • They are stored in the Aalto tenant. The registration details are only visible to the Aalto Office 365 admins. 

Can I Opt-out from MFA ?

  • MFA will be required for Office 365 services in the future and you can't opt out. Currently if you have tested it and would want to opt out until MFA is mandatory, you can do so by requesting it via a ticket to Aalto IT Service Desk.
This service is provided by:

IT Services

Did you find what you were looking for? If not, please contact us.
  • Published:
  • Updated:
Share
URL copied!