Multi-Factor Authentication (MFA)

Enhancing the security of school accounts using multi-factor authentication.

Account security using MFA

To enhance the security of school accounts, we are introducing multi-factor authentication (MFA). In addition to your existing username and password, we are adding another verification method using an app installed on your mobile phone (recommended method) or by entering a code from an SMS. This method of verification provides a higher level of security for your user accounts and data, protecting against password misuse, password guessing, phishing, and other common attacks. The same security principle is used, for example, for online banking, social networks, private email accounts, and other important services.

Settings in Microsoft 365

The system is designed so that users can set up multi-factor authentication (MFA) themselves. Microsoft 365 will guide you through the entire process step by step. MFA settings are done in your account settings, in the Security Info section.

Loss of access to the verification method in Microsoft 365

To reset and set up a new MFA verification method, physical verification of your identity by an IT staff member is required. Therefore, you will need to visit the IT department in person. Remember to bring an identity document, such as an ID card, driver's license, residence card, or passport (other cards, including student or ISIC/ITIC cards, will not be accepted). The central department is located at the rectorate, and there is one at each faculty. We recommend calling the relevant IT department first to arrange a visit, see Contact details for the IT department.

Only in exceptional cases, when you are at a great distance, for example, abroad, and need immediate access recovery, you can arrange a video call with an IT staff member, where you must also present one of the above-mentioned documents during the video call.

The application through which the video call will be made depends on the specific options of the IT staff member. At the same time, your camera must provide sufficient quality to verify your identity, especially the photo and details on your document.

Frequently Asked Questions

Will I have to verify with a second factor every time I log in?

No, it is possible to temporarily remember the login and verification on the device.

How often will I have to verify with a second factor?

The login risk is evaluated each time you access the application based on security policies. In the case of remembered verification on a school computer connected to the school network, second-factor verification will be minimal, while on a private device, verification will be required more frequently.

Which applications and services require second-factor verification?

All Microsoft 365 services and applications (Microsoft Teams, OneDrive, SharePoint, Outlook/Exchange, and others), or those that use Microsoft 365 authorization for verification.

Can I use multiple verification methods?

Yes, it is possible, and we even recommend it. This will prevent problems in situations where you lose access to one of the methods, for example, if your mobile phone with the verification app is damaged.

What are the options for the second factor?

Microsoft Authenticator app for Android or iOS

• Recommended method
• Highest security
• Easy to use
• Displays additional login information (application, location)

Alternative OAuth apps

• Use your existing app (Google Authenticator, Raivo Authenticator, and others)

SMS

• Set up a company or private phone number to which a verification SMS is sent.