Multifactor Authentication (MFA, 2FA)
MFA services use two or more authentication methods, as mentioned below:
- Something you know (typically a password).
- Something you have (a trusted device that is not easily duplicated, like a phone).
- Something you are (biometrics).
Why Multifactor Authentication?
- MFA brings an additional layer of security to your user account.
In addition to the username and password, the attacker would need access to the extra authentication method you’ve defined.
- MFA is already in use at organisations around the world and can be considered a standard.
How to begin using MFA?
Register for the multifactor authentication service. You can do so either on a mobile device or on a workstation.
- Download and install the Microsoft Authenticator app from your mobile store. (Remember to accept notifications sent by the app!)
Note: Do not sign in to the Microsoft Authenticator app.
- Go to https://aka.ms/mfasetup for MFA.
- Sign in with your Aalto email address.
- If you don´t have an Aalto email address, enter your Aalto account in the format [email protected] and choose 'Next'. Sign in with your Aalto account in the format aalto\aaltousername and type your Aalto password. Choose 'Sign in'.
- Follow the instructions on the screen.
NOTE: If MFA registration is mandatory for your organisation, but you are unable to register at the moment, you can postpone the registration for 14 days.
After signing in to https://aka.ms/mfasetup with your Aalto email address you are prompted to download the Microsoft Authenticator app.
If you have already downloaded the app, you can just click/tap "Next". If not, download the app. Proceed to next page.
- In the application: Add a new account and choose "Work or school account".
- In the registration screen: Proceed to the next page.
- Scan the QR Code on the screen with the application, or, on mobile, tap on "Pair your account to the app by clicking this link."
- Proceed to the next page.
- Approve the notification that is sent to your app to test the connection.
- Once approved you'll see a text "Notification approved" on the screen. Proceed to the next page.
- All set (almost)! Click Done. In the opening Security info view, we strongly recommend that you add an additional authentication method, e.g. an SMS code authentication. This is critical in case you e.g. change phones or lose your phone. Please see "Optional ways to use MFA" from https://www.aalto.fi/en/services/how-to-use-mfa
NOTE! MFA is ENABLED into use approximately 2 hours after the registration.
NOTE! You can test the functionality of the additional authentication method now by going to https://mfatest.aalto.fi with a browser
How to use MFA
Multifactor Authentication (MFA, 2FA) is a method of confirming user’s identity with two or more pieces (mobile app) of evidence when signing on to a system or a service.
MFA - frequently asked questions
How to reset MFA when your phone has changed, and other answers also.