Multi-factor authentication

How to start using Multi-factor Authentication – Staff Guide

Our organization uses multi-factor authentication (MFA) for our M365 services. Multi-factor authentication significantly increases the security of devices and services and keeps documents secure. In addition to the username and password, MFA authentication takes place in a third way, for example with a code sent to the phone. In addition to your password, logging in to our M365 service from a network outside the organisation (e.g. at home) and from mobile applications (e.g. Outlook or OneDrive on a smart device) requires confirmation. The confirmation can be sent to the user’s phone via SMS or via push notification to separate Microsoft Authenticator application. You can enable MFA at link https://aka.ms/MFASetup or while on a network outside your organisation, such as at home or on mobile data only.

Your smartphone is an important part of logging in

  • If you receive a confirmation request for login and you are not logging in to our M365 service yourself, do not accept the login and contact Jelppari immediately.
  • Student: If your phone is lost or you think it has been stolen, contact Jelppari immediately so that the MFA can be locked.
  • Staff: If your workphone or your phone containing a Sedu/SeAMK SIM Card is lost or you think it has been stolen, contact Jelppari immediately so that the workphone can be locked, and the SIM card closed.

Acceptance of multi-factor authentication is always required for the first external login, for example when logging in to the M365 service from a home computer. If you allow data to be saved in your browser, the next time you log in, you will no longer be asked for approval. After a certain time or when logging in from a new machine, multi-factor authentication will be requested again, so when logging in to our M365 service from outside, it is a good idea to keep your phone at hand. When you sign into a mobile app (such as Outlook), you’ll be asked for confirmation when you link your account. If your login information changes for example because of password change, you will need to re-perform with multi-factor verification

  • Multi-Factor Authentication with Microsoft Authenticator
    1. Staff: Open the Microsoft Authenticator application on your phone. If it is not installed on your phone, install the app from either the Play Store or the App Store
      Student: Install the Microsoft Authenticator app from either the Play Store or the App Store
    2. You can start the process from this link on your computer: https://aka.ms/MFASetup
    3. Log in with your M365 ID and password
    4. Multi-factor authentication needs more information the first time you use it, press Next
    5. The additional security check selects the authentication method that you want to use for verification. Select Mobile App from the drop-down menu and select the box next to Receive notifications for verification from the box below. Then press the Set up button.
    6. A new window will open, Configure Mobile app, and the QR code will be displayed on the page
    7. Open the Microsoft Authenticator application on your phone. In the application select Scan QR-Code and allow the app to use the Camera App if prompted.
    8. The QR code reader will then open on your phone. Aim your phone’s camera at your computer screen so that the QR code on your computer screen fits in the preview area on your phone
    9. Once the code has been read, click the Next button in the computers browser window.Note! If you are using a laptop, you may need to zoom in on the page for the Next button to appear. You can see the zoom setting at the three dots / three lines at the top right of the browser, depending on which browser you are using. The zoom must be reduced so much that the Next button appears (for example, to 80%).
    10. The Authenticator application on your phone will then receive a confirmation message that must be accepted for the application to work
    11. We recommend that you enter your phone number  in case you accidentally uninstall the Authenticator mobile app or for some reason the Authenticator application cannot be used (eg your mobile device is broken and you get a new phone). Enter your work phone number in the field and press Done
    12. The steps for Multi Factor authentication are now complete. When you log in from an external network (such as your home), you will now be notified that you can accept the log in with Microsoft Authenticator

    Acceptance of multi-factor authentication is always required for the first external login, for example when logging in to the M365 service from a home computer. If you allow data to be saved in your browser, the next time you log in, you will no longer be asked for approval. After a certain time or when logging in from a new machine, multi-factor authentication will be requested again, so when logging in to our M365 service from outside, it is a good idea to keep your phone at hand. When you sign into a mobile app (such as Outlook), you’ll be asked for confirmation when you link your account. If your login information changes for example because of password change, you will need to re-perform with multi-factor verification.

  • Multi Factor Authentication via SMS

    If you do not want to install Microsoft Authenticator on your phone, you can enable SMS authentication.

    1. You can get started from this link https://aka.ms/MFASetup
    2. Log in normally with your M365 ID
    3. Multi Factor authentication needs more information the first time you use it, press Next
    4. In the Additional security check section, first select the Authentication phone number option, then select the country code (Finland (+358)) and enter the work phone number in the field next to it. After this, it is important to change the selection to Send me a code via SMS in the field below. Then press Next
    5. Confirmation code arrives on your phone, check and enter the sent code in the Confirmation field, and then press Verify.
    6. The system checks if the confirmation code matches the one sent and should inform you that the code was verified. Press Ready.
    7. The Multi Factor authentication is now complete, and you can use the M365 service normally or close the opened page if you followed the MFASetup link from the beginning of the guide.

    Acceptance of multi-factor authentication is always required for the first external login, for example when logging in to the M365 service from a home computer. If you allow data to be saved in your browser, the next time you log in, you will no longer be asked for approval. After a certain time or when logging in from a new machine, multi-factor authentication will be requested again, so when logging in to our M365 service from outside, it is a good idea to keep your phone at hand. When you sign into a mobile app (such as Outlook), you’ll be asked for confirmation when you link your account. If your login information changes for example because of password change, you will need to re-perform with multi-factor verification.

  • Change / update the Multi Factor authentication method

    It is also possible to change the authentication method afterwards. You may want to chance the method, for one reason or another, for example the phone changes or no longer wants to confirm the login via SMS. It is possible to switch to Multi Factor authentication using another method by going to https://aka.ms/MFASetup and following the instructions below.

    1. Open this link https://aka.ms/MFASetup
    2. Then select from the dropdown menu which verification method you want to use (the current default appears as the first option). The guide switches from using a text message to a mobile application (Microsoft Authenticator).
      • When the Report via Application option is selected, also select the Authenticator application or click Click Configure Authenticator Application. Then follow the instructions in Multi Factor Authentication with Microsoft Authenticator.
      • To change the default from Authenticator to SMS, select Send Code As SMS To Authentication Phone Number, and make sure that Authentication Phone Number has a dot and your phone number on the line. This is followed by Multi Factor Authentication via SMS from step 6 onwards.
      • When your phone changes, you will need to reconfigure the Authenticator application by clicking Configure the Authenticator application. Go to Multi-Factor Authentication with Microsoft Authenticator -part of this guide and follow the steps there.