Multi-Factor Authentication Project
This page provides information about the Multi-Factor Authentication (MFA) Project, for information about the service please visit the new MFA Intranet page.
The University is adding an extra layer of security for staff and students logging in to Office 365 accounts, by implementing a Multi-Factor Authentication (MFA) solution. This is in response to the significant rise in reported account compromises due to phishing attacks against our institution.
The implementation of MFA will strengthen security as well as improving compliance with Cyber Essentials Plus accreditation which we achieved in January 2019.
Information Services will notify you by email of your MFA rollout date. You don't need to be on campus to configure your device for MFA.
What is Multi-Factor Authentication?
Multi-Factor authentication provides an additional layer of security by adding an extra step to the login process, requiring you to confirm your identity via a mobile device.
If you use mobile banking you will most likely have come across Multi-Factor Authentication already – you may need to enter your login details and then use your device to generate a code to verify your identity and give you access to your account.
How does MFA work?
MFA adds an additional layer of security by requiring an extra login step to validate your login. This extra step makes it significantly more difficult for an attacker to access your account, even if they manage to discover your username and password.
This extra login step is called your Second Factor, is usually carried out using a mobile device and can be configured in the following ways:
- A push notification through the Microsoft Authenticator app. This is the most secure and convenient method and is recommended by Information Services. The app can also work offline by generating a 6 digit code. What is the Microsoft Authenticator app and what can it access?
- A text message to your phone, containing a 6 digit code. This option is intended for those without a device capable of installing the Authenticator app.
How do I set up and use MFA?
In order to access your Office 365 account (including email) from any device out with the University network you will need to set up Multi-Factor Authentication, you don't need to be on campus to set it up.
MFA can be set up or changed here by signing in using your University email address. The set up process is self-explanatory, but documentation can be found below:
How to set up MFA with the App using just a smartphone or tablet - video demonstration.
MFA Setup - Pair
QR Code Method
How to set up MFA with the App using a smartphone or tablet and a computer.
MFA Setup - QR Code
How to set up MFA to text you a code.
MFA Setup - SMS
Adding Additional Devices
How to set up MFA with the App on an additional device, allowing it to also perform MFA.
MFA Setup - Additional Device
Once you have set up MFA you must remove your email account from your device and re-add it using the relevant guidance below:
How to set up your email account from your iOS device with MFA enabled
How to set up your email account from your Android device with MFA enabled
How to set up your email account from your Windows device with MFA enabled
How to set up your email account from your MacOS device with MFA enabled
MFA Known Issues
Information Services are currently aware of the following known issues with MFA:
Android Mail App
Default email apps that come with Android devices are not compatible with MFA. To sync your email and calendar with your Android device, you must download and install Microsoft Outlook, available on the Play Store. Sign in to the Outlook app with your email address and university password. If off campus, you will be prompted for an MFA check.
Additionally, your Android device must be version 5 (Lollipop) or newer. Older versions of Android may still access email through the Edinburgh Napier app, or through https://outlook.office.com. Older versions can also still act as your Second Factor for MFA, through the Microsoft Authenticator app, or through SMS if this is unavailable.
If you are still experiencing issues accessing email from your Microsoft Outlook app on Android, remove the account and add it again.
iOS Mail App
Currently there is an issue some are experiencing accessing
email off campus with the default iOS mail app. To access your University
email with the iOS mail app you will need an iPhone 5S or newer (iPhone 5 and 5C and older are not compatible with a mail app. If you have one of these you can access your email via the Edinburgh Napier app or via https://outlook.office.com via a browser).
Your device can still be used for MFA using the Authenticator app or via text notification.
If you are still experiencing issues accessing email from an
iPhone 5S or newer off-campus, please delete the exchange account and add it
- Type: Exchange
- Email: [LoginID]@napier.ac.uk
- Password: xxxxxxx
You’ll be prompted to “Sign in” or “Configure
manually”. Select sign in. This will take you to a Microsoft sign
in page to complete the setup.
Where can I find further information?
If you have any further questions please contact the IS Service Desk in the first instance.
Further information about Information Security within the University can be found on the following page:
Staff: Information Security intranet pages