MultiFactor Authentication (MFA) is an extra layer of security that is required for all staff and students who wish to access services such as Office 365, Moodle and Apps Anywhere. This additional security involves the verification of your identity using an additional factor, e.g. one factor may be something you know, such as a password or PIN, and the additional factor may be something your have, such as a smartphone. This prevents others from accessing your account, even if they know your password. The additional factors used for verification include; codes generated by the Microsoft Authenticator app, security codes sent as SMS to mobile phones, or automatically generated telephone calls to your work desk phone.
Without access to your physical mobile device, remote attackers can’t pretend to be you to gain unauthorised access to your account.
You will receive a MFA prompt when logging on to the following and other MU services:
- Office 365
- Apps Anywhere
Due to ever more sophisticated attempts by attackers to gain unlawful access to user accounts and data, not all MFA approval methods are considered equally secure. Therefore, in light of the recent global instances of compromises, Microsoft are running a campaign to move users away from SMS authentication approval to the Authenticator App. MFA approvals via SMS is no longer recommended by Microsoft; starting from the 8th of January 2024, all MFA users will be presented with a prompt to setup the Authenticator App if you have not already done so. For further information on how to use the Authenticator App, please refer to the following information from Microsoft: How to use the Microsoft Authenticator App.