COVID-19 Information

Maynooth University IT Services

Toggle

MultiFactor Authentication (MFA) is an extra layer of security that is required for all staff and students who wish to access services such as Office 365, Moodle and Apps Anywhere. This additional security involves the verification of your identity using an additional factor, e.g. one factor may be something you know, such as a password or PIN, and the additional factor may be something your have, such as a smartphone. This prevents others from accessing your account, even if they know your password. The additional factors used for verification include; codes generated by the Microsoft Authenticator app, security codes sent as SMS to mobile phones, or automatically generated telephone calls to your work desk phone.

Without access to your physical mobile device, remote attackers can’t pretend to be you to gain unauthorised access to your account.

You will receive a MFA prompt when logging on to the following and other MU services:

Office 365
Moodle
Apps Anywhere

Due to ever more sophisticated attempts by attackers to gain unlawful access to user accounts and data, not all MFA approval methods are considered equally secure. Therefore, in light of the recent global instances of compromises, Microsoft are running a campaign to move users away from SMS authentication approval to the Authenticator App. MFA approvals via SMS is no longer recommended by Microsoft; starting from the 8th of January 2024, all MFA users will be presented with a prompt to setup the Authenticator App if you have not already done so. For further information on how to use the Authenticator App, please refer to the following information from Microsoft: How to use the Microsoft Authenticator App.

Setting Up MFA

Complete the following steps to setup MFA via the app:

-   Step 1. Install the Microsoft Authenticator App for Windows Phone, Android or IOS on your mobile device
-   Step 2. Go to https://aka.ms/mfasetup and sign in with your Maynooth University Student or Staff account.
-   Step 3. Select the method you wish to use for MS to contact you. It is recommended to setup multiple methods.

MFAStudentUserGuide

What do I do if I change my smartphone?

If you need to update your phone details, go to My Sign-Ins | Security Info | Microsoft.com and sign in with your MU username and password.

If you no longer have your old phone, contact servicedesk@mu.ie for support.

MFA Everywhere

In today's ever increasing threat environment, a password simply isn't enough by itself, and it is alarmingly easy for attackers to steal one form of authentication, but it is much more difficult to steal multiple forms. Therefore, from the 14th of February 2024, MFA Everywhere will be enabled, which will mean that MFA will be required both on and off campus; while working from home, travelling, or working on campus, you must complete MFA authentication when using Office 365 or accessing other online MU services.

Update on 12-Feb-2024:
The implementation of MFA Everywhere and the move to the more secure Microsoft Authenticator App has been extended, the original deadline was the 14/02/2024. Microsoft are continuing with their campaign to remove SMS as it is a less secure method of authentication, but the extension will allow users more time to update their provision and also for additional user support options to be available. IT Services will continue to keep you informed on all updates regarding the enforcement of this security campaign.

Update on 14-Mar-2024:
MFA Everywhere and the move to the more secure Microsoft Authenticator App - these changes are on the way! The original deadline was extended to allow users more time to update their provision and also for additional user support options to be available. The new deadline is confirmed as the 18th of April 2024. Further details will follow on additional supports to enable this change.

MFA and Guest Access

In an effort to create a more secure guest sharing environment in Microsoft 365, from the 8th of January 2024, MFA for Guests is enabled; 3rd party users or guests as members of Teams will be required to use MFA authentication in order to gain access to Teams Posts and Files. Multifactor authentication greatly reduces the chances of an account being compromised. It is especially important to enforce MFA for guests, as many guests use personal accounts which don't adhere to any of the best practices or security policies that are critical to reducing the risk of unknown parties accessing university sites and files.

MFA FAQs

For further information on MFA, review our FAQs. If you do not find what you are looking for, please contact us via the MU Support Portal.