Logo close icon
COVID-19 – Latest MDX updates and FAQs
myUniHub MDXSU

Two-factor Authentication

2FA banner

In order to improve your security at Middlesex, we're introducing Two-Factor Authentication (2FA). 

2FA provides an added layer of security on top of your username and password when you access uni resources online. Once set up, it is easy to use and provides increased protection against cyber-attacks.

From 24 May, you'll be asked to set up 2FA to log in to any Outlook application. This will pop up on your screen when you try to log in, you just need to click 'More info Required' to start setting it up.

Follow the on-screen instructions to register your security methods, if you are having trouble further guidance can be found in the FAQs below.

Top tip: set aside 15 minutes to go through the process. If at any point it stops working, close your browser,  delete the app, and start again.

  • Two-Factor Authentication (2FA) overview

    • What is Two-Factor Authentication (2FA)?

      Two-Factor Authentication (2FA), also known as (multi-factor authentication), provides an additional layer of security on top of your username and password when you access university resources online. Once set up, it is easy to use and provides increased protection against cyber-attacks.2FA being enforced, they cannot exploit your password to login to Microsoft 365 services.

      Hackers and criminals are increasingly gaining access to usernames and passwords across Higher Education organisations via methods such as phishing, publicly available social media information and out of date software/hardware.

      MFA relies on two forms of authentication: something you know, and something you have with you. The something you know is your password. The something you have with you can be a mobile device or hardware token. This means that even if your password is hacked, your account will remain secure.

      Learn more about Microsoft’s Multi-Factor Authentication on their Overview Page.

    • Benefits of Two-Factor Authentication
      • To keep your identity and information safe
      • To stop targetted attacks on the Higher Education sector
      • Most work is being carried out online meaning there is a greater threat of attack on your email and online data
      • Protect our academic and professional services research work from being breached
    • Which services will be protected?
      • Accessing Office365 emails online
      • Microsoft Outlook
      • Microsoft Forms
      • Microsoft Teams
      • OneDrive for Business

      Review our MFA Frequency Settings Guide to review all applications affected.

    • Who is currently impacted by 2FA?

      2FA will impact all staff and students inc. overseas and partners.

    • How often do I need to re-authenticate to login to Office365 services?

      The current settings require reauthentication every 90 days.

      You will need to re-authenticate on each device and each browser you use.

  • How do I get set up for 2FA?

    • What you need to know when getting started with Two-Factor Authentication (2FA)

      To begin using 2FA you must first register a minimum of two security methods, we recommend one of the following options:

      1. Microsoft Authenticator App on a mobile device plus a phone number – this is the default and most strongly recommended
      2. Microsoft Authenticator App on two different mobile devices
      3. If you do not want the Authenticator app on your device then two phone numbers can be used (can be an alternate phone or your office phone)

      We encourage you to register as many security methods as you can. The full list of available methods is:

      • Up to five Authenticator apps across multiple devices (Microsoft Authenticator app is strongly recommended but can be another too)
      • Up to three phone numbers (these may be labelled as “Mobile”, “Alternate” and “Office” but any phone number can be used for each)
      • One non-MDX personal email address (can only be used with SSPR and not 2FA)
      • One set of security questions (can only be used with SSPR and not 2FA)
    • First step instructions to get started

      Important!

      You will see a window appear stating ‘More Information required’ or you may even see a ‘Skip for now (14 days until this is required)’ dialogue – Click Next to begin the process

      if you are not prompted, visit this web page to get the 2FA registration process started: https://mysignins.microsoft.com/security-info

      or https://mysignins.microsoft.com/setupsecurityinfo

      (You may even be prompted without visiting the above links) – this is due to you using desktop applications i.e. MS Teams, Outlook or One Drive

      You must now download and install the Microsoft Authenticator app (see instructions below)

      or

      If you do not want to use an authenticator app. choose, 'I want to set up a different method' (located at the bottom left of the dialogue box)

    • Recommended methods: Using a smart phone and computer to register the 'Authenticator app' and a 'Phone number'

      This is the securest and most recommended method by Microsoft.

      Make sure to install the latest version of the Microsoft Authenticator app, based on your operating system:

      Note: If you're not currently on your mobile device, you can still get the Microsoft Authenticator app by sending yourself a download link from the Microsoft Authenticator page.

      Full instruction guide
      Video guide
    • Setting up a phone number and personal email (If you don't want to install a authenticator app)

      By registering a phone number, the phone number will be used to receive a call from Microsoft's automated line. You will be prompted to either press the # key or the £ key, on the keypad of your mobile phone.

      Note: If you are prompted to press the £ key on your keypad - press the # key.

      Note: You can only get to email as an option if you choose phone as  your first option

      Full instruction guide
    • Setting up security questions on your account

      Answer some security questions created by your administrator for your organisation.

      If you choose this option, you will need to answer 5 security questions as a backup method of 2FA.

    • Setting up an alternate authenticator app located on your computer (Mac or Windows - Use Authy)

      Smartphone and desktop app

      • The Authy app can be installed as a desktop/laptop program for Windows and MacOS; this is useful if you don’t have access to a smartphone
      Full instruction guide
    • What are my authentication options?

      You will be able to choose a primary authentication method when you register, which you can change or update at any time. Current options are outlined below:

      Verification MethodDescription
      Mobile Notification (Microsoft Authenticator Required)A push notification is sent to the authenticator app on your smartphone asking you to Authenticate your log in.
      Verification Code (Microsoft Authenticator Required)The Mobile Microsoft Authenticator app will generate a verification code that updates every 30 seconds. You will be asked to enter the most current verification code on the sign-in screen.
      Phone CallsA call is placed to your mobile phone asking you to verify you are signing in. Press the # key to complete the authentication process.

      You will also be asked to set up a backup authentication method. We recommend that you use your office phone as a backup, to help you access your account in case you forget or lose your mobile device.

    • Can I use my Personal Device to set-up 2FA?

      Yes. We encourage you to use your personal device for 2FA.

    • What number can I expect to ring me during registration or use of 2FA?

      You will receive an automated call instantly from Microsoft.

    • The automated voice on the phone call mentions the “pound” key – what is this?

      This is the American term for the “hash” (#) key

  • Self Service Password Reset (SSPR)

    • New Self Service Password Reset (SSPR) system

      Optional (but recommended)

      1. Immediately after the above steps, we recommend that you visit the new Self Service Password Reset (SSPR) system for testing
      2. Please attempt to do a self-service reset of your password using this link:
      • If you don’t want to change your password, please go to the link anyway and on the second screen, select the “I know my password, but still can't sign in” option – this is harmless and won’t change anything
      • See what verification options appear and give them a try
  • Technical support

    • What are my authentication options?

      You will be able to choose a primary authentication method when you register, which you can change or update at any time. Current options are outlined below:

      Verification MethodDescription
      Mobile Notification (Microsoft Authenticator Required)A push notification is sent to the authenticator app on your smartphone asking you to Authenticate your log in.
      Verification Code (Microsoft Authenticator Required)The Mobile Microsoft Authenticator app will generate a verification code that updates every 30 seconds. You will be asked to enter the most current verification code on the sign-in screen.
      Phone CallsA call is placed to your mobile phone asking you to verify you are signing in. Press the # key to complete the authentication process.

      You will also be asked to set up a backup authentication method. We recommend that you use your office phone as a backup, to help you access your account in case you forget or lose your mobile device.

    • How do I change or update my authentication method?

      You can make changes to your authentication settings by visiting Microsoft's Security Verification page.

      If you need to update your 2FA settings, you change your mind or want to add more methods to your account you can follow the steps below.

      The Service Desk cannot update 2FA for a user. Only the user can update their settings. The Service Desk can only clear current 2FA settings.

      1. Open a browser and navigate to https://aka.ms/setupsecurityinfo
      2. The user will need to authenticate and complete a 2FAprompt
      3. Then, you are permitted to do the following:
        1. Select a default method security verification method1. Call my authentication phone2. Call my office phone3. Notify me through app – preferred
    • Can I use my Personal Device to set-up 2FA?

      Yes. We encourage you to use your personal device for 2FA.

    • Once I’ve registered, how often can I expect to be prompted for 2FA again?

      At a minimum, you can expect once every 90 days per device and per browser session. However, we are unable to guarantee you will be prompted for it on random occasions.

      You will need to re-authenticate on each device and each browser you use.

    • What might make me be prompted for 2FA more often than 90 days?

      Some actions - like logging out of browser sessions, rebooting devices, accessing sensitive information, or connecting from a new location – may prompt you for 2FA. As MDX’s security strategy evolves, this scope will also change.

    • Help, I’m stuck in a loop trying to register an Authenticator app

      Please log a call with UniHelp, who can reset your security methods, to allow you to re-start registration

    • Do I need data and/or phone signal to use 2FA?

      Yes. When prompted for 2FA, you will need either a data connection (for Authentication apps) or a phone signal (for phone numbers) on one of the devices you registered for 2FA.

    • I keep getting prompted for 2FA in a private or incognito browser window – why?

      This is by design. Such private browser windows do not preserve logon or 2FA sessions when they are closed.

    • Can I register more security methods?

      Yes, and we encourage you to register as many as you feel comfortable with. The more methods registered, the more secure your account will be.

      Visit this link to add more methods: https://mysignins.microsoft.com/security-info

    • Why can’t I register/use 2FA using SMS on my mobile phone?

      If a hacker were to learn your password, there is a real risk they can intercept SMS texts sent to you and thereby bypass 2FA and get access to your data.

    • Why can I use SMS as one verification method for SSPR?

      SSPR requires two different security methods to be verified before a password can be changed. This makes it unlikely that any SMS interception by a hacker will result in compromise of your account

    • What types of phone numbers can I register?

      Any type, including mobile, landline and office numbers. Although note that, in the future, MDX office phone numbers may migrate from Jabber to Teams; at that point, they would no longer be usable for 2FA

  • General FAQs

    • Why can't I access my emails anymore?

      You may see this message appear on your device when accessing your email – this means you will now only be able to access your emails through the official Microsoft Outlook app:

    • What if I experience issues with 2FA?

      You can contact UniHelp

    • What if I forget my mobile device at home?

      If you forget your mobile device at home or elsewhere, you can use your backup authentication method.

      It happens. You left your mobile device at home, and now you can't use your phone to verify who you are. Maybe you previously added an alternative method to sign in to your account, such as through your landline phone. If so, you can use this alternative method now.

      If you never added an alternative verification method or you run into further issues, you can contact UniHelp.

    • My device was lost or stolen

      If you've lost or had your mobile device stolen, you can take either of the following actions:

      • Sign in using a different method
      • Ask UniHelp to clear your settings

      We strongly recommend letting CCSS Helpdesk know if your phone was lost or stolen. The Helpdesk can make the appropriate updates to your account. After your settings are cleared, you'll be prompted to register for Two-Factor authentication the next time you sign in.

In this section

Back to top