Multifactor authentication (MFA)

Last modified: 03. May 2023

Passwords are the most common method of authenticating a sign-in to a computer or online service, but they're also the most vulnerable. People can choose easy passwords and use the same passwords for multiple sign-ins to different computers and services.

To provide an extra level of security for sign-ins, you must use multifactor authentication (MFA), which uses both a password, which should be strong, and an additional verification method based on:

• Something you have with you that isn't easily duplicated, such as a smart phone.
• Something you uniquely and biologically have, such as your fingerprints, face, or other biometric attribute.

The additional verification method isn't employed until after the user's password has been verified. With MFA, even if a strong user password is compromised, the attacker doesn't have your smart phone or your fingerprint to complete the sign-in. (Source: Microsoft Learn)

According to the system settings you should use MFA when logging in outside of the university network.

The following secondary authentication methods are applicable at this time:

• Some kind of "authenticator" application (e.g. Microsoft Authenticator, Google Authenticator) installed on smartphone,
• Code sent by SMS to a fixed phonenumber.

It is recommended to set up both authentication methods before enabling MFA.

• To set up authenticator app
• To set up SMS-code