• Home
  • Login
  • Welcome to the Staff Intranet

​Multi-Factor Authentication Project


This page provides information about the Multi-Factor Authentication (MFA) Project, for information about the service please visit the new MFA Intranet page


Introduction 


The University is adding an extra layer of security for staff and students logging in to Office 365 accounts, by implementing a Multi-Factor Authentication (MFA) solution.  This is in response to the significant rise in reported account compromises due to phishing attacks against our institution.

 

The implementation of MFA will strengthen security as well as improving compliance with Cyber Essentials Plus accreditation ​which we achieved in January 2019. 


Information Services will notify you by email of your MFA rollout date.  You don't need to be on campus to configure your device for MFA. 


 

What is Multi-Factor Authentication?


Multi-Factor authentication provides an additional layer of security by adding an extra step to the login process, requiring you to confirm your identity via a mobile device.  

MFA image

If you use mobile banking you will most likely have come across Multi-Factor Authentication already – you may need to enter your login details and then use your device to generate a code to verify your identity and give you access to your account. 


 

How does MFA work?


 

MFA adds an additional layer of security by requiring an extra login step to validate your login.  This extra step makes it significantly more difficult for an attacker to access your account, even if they manage to discover your username and password. 


This extra login step is called your Second Factor, is usually carried out using a mobile device and can be configured in the following ways:

  • ​​​A push notification through the Microsoft Authenticator app.  This is the most secure and convenient method and is recommended by Information Services.  The app can also work offline by generating a 6 digit code.  What is the Microsoft Authenticator app and what can it access? 
  • A text message to your phone, containing a 6 digit code.  This option is intended for those without a device capable of installing the Authenticator app.


 

How do I set up and use MFA?

 

In order to access your Office 365 account (including email) from any device out with the University network you will need to set up Multi-Factor Authentication, you don't need to be on campus to set it up. 

MFA can be set up or changed here by signing in using your University email address.  The set up process is self-explanatory, but documentation can be found below:


Pair Method


How to set up MFA with the App using just a smartphone or tablet video demonstration​.​

MFA Setup - Pair ​


QR Code Method


How to set up MFA with the App using a smartphone or tablet and a computer.

MFA Setup - QR Code​


SMS Method


How to set up MFA to text you a code.
MFA Setup - SMS​


Adding Additional Devices


How to set up MFA with the App on an additional device, allowing it to also perform MFA.

MFA Setup - Additional Device​​

 

 

Once you have set up MFA you must remove your email account from your device and re-add it using the relevant guidance below:

How to set up your email account from your iOS device with MFA enabled

How to set up your email account from your Android device with MFA enabled

How to set up your email account from your Windows device with MFA enabled

How to set up your email account from your MacOS device with MFA enabled​

 

MFA Known Issues


Information Services are currently aware of the following known issues with MFA:


Android Mail App


Default email apps that come with Android devices are not compatible with MFA.  To sync your email and calendar with your Android device, you must download and install Microsoft Outlook, available on the Play Store.  Sign in to the Outlook app with your email address and university password.  If off campus, you will be prompted for an MFA check.

 

Additionally, your Android device must be version 5 (Lollipop) or newer.  Older versions of Android may still access email through the iNapier app, or through https://outlook.office.com​.  Older versions can also still act as your Second Factor for MFA, through the Microsoft Authenticator app, or through SMS if this is unavailable.

 

If you are still experiencing issues accessing email from your Microsoft Outlook app on Android, remove the account and add it again. 



iOS Mail App


 

Currently there is an issue some are experiencing accessing email off campus with the default iOS mail app.  To access your University email with the iOS mail app you will need an iPhone 5S or newer (iPhone 5 and 5C and older are not compatible with a mail app.  If you have one of these you can access your email via the iNapier app or via  https://outlook.office.com​ ​via a browser). 

 

Your device can still be used for MFA using the Authenticator app or via text notification. 

 

If you are still experiencing issues accessing email from an iPhone 5S or newer off-campus, please delete the exchange account and add it again:

  • Type: Exchange​
  • Email: [LoginID]@napier.ac.uk
  • Password: xxxxxxx

You’ll be prompted to “Sign in” or “Configure manually”.  Select sign in.  This will take you to a Microsoft sign in page to complete the setup.


 

Where can I find further information?


A list of FAQs can be found on askNapier​. ​ 

If you have any further questions please contact the IS Service Desk in the first instance. 

Further information about Information Security within the University can be found on the following pages:

Students:   Staying Safe Online myNapier pages

Staff:         Information Security intranet pages

​​​​​​​​​​​​​​​​​​​​​​​​​​​​