Multi-factor authentication (MFA)

Multi-factor authentication (MFA) is an additional layer of security for online accounts. It protects your data by preventing unauthorised access to your University account.

MFA for taught students

From August 2022, undergraduate and postgraduate taught students must set up multi-factor authentication.

Once you have completed registration for the 2022-23 academic year, you will receive an email asking you to set up MFA.

Set up MFA on your University account.

MFA enrolment overview diagram

On this page:

• What MFA is
• Why it is important
• When to set up
• Set up MFA
• Set up MFA without a smartphone
• Set up MFA without a mobile phone
• Set up a second MFA method
• Help and support

What multi-factor authentication (MFA) is

Multi-factor authentication (MFA) is an additional layer of security that can help prevent unauthorised access to your online accounts, for example through a cyber attack.

MFA reduces the risk of someone gaining access to your account even if they find out your username and password.

MFA is easy to use. It combines something you know (in this case your University username and password) with something you have (such as a notification from an app on your smartphone) to confirm your identity when you try to access some University services.

At the University of Bristol, we support the use of the Microsoft Authenticator app.

Why it's important to use MFA

MFA helps protect your personal information. You probably already use it if you do online banking or shop online. 

University students and staff are often targeted by cyber criminals attempting to steal:

• Personal data
• Personal financial information
• Confidential research data.

Using MFA significantly reduces the chance that your login details become compromised and your accounts accessed by criminals in a cyber attack. 

Microsoft research suggests multi-factor authentication can reduce such attacks with compromised identity by as much as 99.9%. 

When to set up MFA 

If you are a student, you will receive an email once you have completed the registration process when you join the University or, if you’re a returning student in 2022, at the start of the new year for your course. Please set up MFA following the instructions on this page.

If you are a member of staff or a postgraduate research student, you will be prompted to set up MFA when you try to access certain University services.

If you have difficulty setting up MFA, for example because of an accessibility issue, please contact IT Services.

Set up MFA

For the best experience setting up MFA, we recommend you have the following available: 

• Your mobile phone (connected to a good data signal, wifi, or eduoram, if you are on campus)
• A PC or tablet connected to the internet. If you are a staff member or postgraduate research student, you must use your University laptop or computer.

If you are an undergraduate student or postgraduate taught student, it is possible to set up multi-factor authentication using just a single smartphone with a wifi or data connection. 

We recommend you use the Microsoft Authentication app on your smartphone to use MFA. If you do not have a smartphone, do not worry, you can still use multi-factor authentication, please refer to the guidance below.

The following instructions are specifically for the Microsoft Authenticator app.

Set up is easy and once you are logged in just requires you to follow the on-screen instructions. 

1. On your PC / tablet, visit https://mysignins.microsoft.com/security-info

   • (Taught students: you can also sign in at https://mysignins.microsoft.com/security-info on your smartphone if that is all you have. Please follow the on-screen instruction to add your preferred authentication method) 

2. Log into your University of Bristol account and remember to put @bris.ac.uk after your username.

   You will now see the 'my sign ins’ security info page.

   ‌

3. Once signed in click on ‘add method’

• Select ‘authenticator app’ from the drop-down list
• And then select ‘add’.

‌‌

 4. The next screen will ask you to install the Microsoft authenticator app.

• Leave this window open while you download the app to your smartphone.
• Download and install the “Microsoft Authenticator” app from Google Play or the App Store depending on your device. 
• If prompted allow notifications in the app.

5. In the app, select ‘add an account’ and choose the option ‘work or school’.   

• Select the required app permissions such as ‘use camera’, which you will need as part of the set-up process.
• You can change the cameral app permission when set up is complete.
• Once you have downloaded the app, click 'next' on your computer.

6. In your browser, a QR code will be generated which you need to scan with your phone’s camera.

• If you can’t scan the image, you can enter the QR code and URL manually.
• If the QR code times out, simply repeat.
• Click next on your computer to get an ‘approve sign-in request' sent to your phone to confirm it is all working.  

7. Confirm your sign-in on the authentication pop-up request that will appear on your phone.‌

8. You are now signed up to use MFA! Within 24 hours, you will start to be asked to authenticate when you sign into various University services. You should still be able to sign in during this time.

 

Set up MFA without a smartphone

1. On your PC / tablet, go to https://mysignins.microsoft.com/security-info.
2. If your University Microsoft account is not your default account, please log out first.
   • Make sure you set this up on your University of Bristol Microsoft account to link it to your university username and password.
3. Log into your University of Bristol account using the format username@bris.ac.ukand your password.
   • You will now see the ‘my sign ins’ security info page.
4. Once signed in, click on ‘add method’
5. Select 'phone’ from the drop-down list, and then ‘add’.
6. Select your country code and enter your phone number. Select 'text me a code' or 'call me'.
   • Please miss off the initial '0' when entering your phone number (for example, enter 7912345678 for a UK number).
7. Enter the code sent to your phone number to confirm your MFA setup.
   • On the security page, you can then set the default authentication method to either phone call or text (SMS).
8. Within 24 hours you will now be asked to authenticate your login across a range of University services. You should still be able to sign in during this time.

Microsoft's video will give you a good idea of what MS MFA enrolment looks like in practice: Video: Set up multi-factor authentication with a mobile device in Microsoft 

Set up MFA without a mobile phone

If you cannot use a mobile phone to set up MFA and authenticate, you can use a USB security key (YubiKey).

If you are a student and you need a USB security key, you can collect one from the IT Services Counter in the Arts and Social Sciences Library. The counter is open from Monday to Friday, from 9 am until 11.30 am, and 2 pm until 3.30 pm. You will need to show your student ID card to collect a security key.

Staff members can request a security key by contacting IT Services.

Note: If you use a security key as your primary authentication method, we advise you to set up a secondary device in case you lose the security key. This will allow you to continue working while a new key is ordered.

Set up a second MFA method

We strongly recommend that you add at least one alternative authentication method and/or device.  

• Being able to authenticate on a second device will help you access your account if you lose or forget the phone or device you usually use to authenticate or if you need to set up MFA on a new phone. 
• It's also a good idea to set up different authentication methods on the same phone, so you can choose between the Microsoft Authenticator app and another app or text message.  
• Simply return to https://mysignins.microsoft.com/security-info, log in and follow the on-screen instructions to add another method.  
• You can also choose your default authentication method here, although we always recommend using the one time codes on the Microsoft Authenticator app whenever possible.  

Help and support

Support using MFA

If you require further support, please contact IT Services.

Help with set up or sign in

For help to set up or sign into MFA, please contact IT Services.

To avoid difficulties logging in to services if you've forgotten your device, we encourage you to set up an alternative sign-in method by following the set up guidance on this page.