Any views expressed within media held on this service are those of the contributors, should not be taken as approved or endorsed by the University, and do not necessarily reflect the views of the University in respect of any particular issue.

Computing Systems

Computing Systems

Informatics Computing Staff jottings

MFA is coming

(Now updated to mention otpclient.)

As you may know, the University is introducing MFA, or Multi-Factor Authentication. It’s doing this to increase security, to protect us from increasingly severe online threats. At the moment MFA is specifically for Microsoft services – Teams, email, SharePoint, Office 365, and so on.

What is MFA?

In practice what this means is that when you use one of these services, as well as being asked for your username and password you will occasionally also be asked to validate your login in some other way, usually by providing a 6 figure number, different each time.

You can get this number – a validation code – in a number of ways. For example, you can use an authenticator app on your smartphone or other device, or you can validate using a text message, or by means of a phone call to a phone number which you provide – perhaps your office phone if you have one.

You must register in advance

You can use whichever of these methods is convenient at the time, but you need to have set up each method before you can use it. This only has to be done once for each method you want to use. It’s a good idea to set up several different ways of validating your Microsoft login, so that if your favourite one isn’t available (say, if you lose your phone), you can still validate your login.

Of course, you need to have set these up in advance, before you need to use them. Don’t worry – it’s easier than you might think.

Who uses MFA?

We will all use it eventually, but the University is doing it in stages. In Informatics, Professional Services staff have already moved to MFA. At the time of writing, our research staff and research students will be moving to it soon. Everyone will be moved to it at some point this year or next.

To find out more

The University’s MFA site tells you all about it, including how to set up your validation methods and which ones might be right for you.

Need help?

The dedicated MFA support team can provide help when you need it, 7 days a week.

MFA validation on DICE

On DICE you can generate your MFA codes using otpclient. There’s also a command line version called otpclient-cli.
Each of these has a man page, but there’s also an excellent writeup of how to use them on the otpclient wiki at How to use OTPClient (external link).

To add otpclient as an authenticator for your Office 365 account, use the University’s instructions for Alternative authenticator apps.

There’s a version of this article at computing.help.inf.ed.ac.uk/mfa.

MFA is coming / Computing Systems by is licensed under a

Posted by

Categories

Uncategorized

Tags

No tags have been added to this post.

Previous post

Next post

Leave a reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

MFA is coming / Computing Systems by is licensed under a
css.php

Report this page

To report inappropriate content on this page, please use the form below. Upon receiving your report, we will be in touch as per the Take Down Policy of the service.

Please note that personal data collected through this form is used and stored for the purposes of processing this report and communication with you.

If you are unable to report a concern about content via this form please contact the Service Owner.

Please enter an email address you wish to be contacted on. Please describe the unacceptable content in sufficient detail to allow us to locate it, and why you consider it to be unacceptable.
By submitting this report, you accept that it is accurate and that fraudulent or nuisance complaints may result in action by the University.

  Cancel