Multi-factor authentication (MFA)

All University members must set up multi-factor authentication (MFA) on their University account. 

Multi-factor authentication (MFA) is an additional layer of security for online accounts. 

MFA helps protect your personal and financial information. Using MFA reduces the risk of someone gaining access to your account even if they find out your username and password, for example through a cyber attack or scam. Microsoft research suggests MFA can reduce such attacks by as much as 99.9%.  

MFA is a condition of the policies you agreed to when you signed the Student Agreement (students) or the general terms and conditions of employment (staff).

On this page:

How to set up MFA

Set up MFA on your University account

How to set up MFA (video)

MFA enrolment overview diagram

Diagram showing the MFA set-up process

Set up MFA using the Microsoft Authenticator app (recommended)

For the best experience setting up MFA, we recommend you have the following available: 

The following instructions are for the Microsoft Authenticator app.

  1. On your PC / tablet, visit https://mysignins.microsoft.com/security-info

    Taught students: you can also sign in at https://mysignins.microsoft.com/security-info on your smartphone if that is all you have. Please follow the on-screen instruction to add your preferred authentication method.

  2. Log into your University of Bristol account and remember to put @bristol.ac.uk after your username.

    You will now see the 'my sign ins’ security info page.

    Image showing the Microsoft Security page for setting up MFA. The screen includes the text "Add sign-in method"

  3. Once signed in click on ‘add method’

The Microsoft Security page for setting up MFA. The image reads "start by getting the app".

 4. The next screen will ask you to install the Microsoft authenticator app.

5. In the app, select ‘add an account’ and choose the option ‘work or school’.   

6. In your browser, a QR code will be generated which you need to scan with your phone’s camera.

Image showing the Microsoft Security page for setting up MFA. The image reads "scan the QR code".

7. Confirm your sign-in on the authentication pop-up request that will appear on your phone.‌

Image showing the Microsoft Security page for setting up MFA using the Microsoft Authenticator app. The image reads "Notification approved".

8. You are now signed up to use MFA!

Within 24 hours, you will start to be asked to authenticate when you sign into various University services. You will still be able to sign in during this time.

 Image showing the Microsoft Security page for setting up MFA using the Microsoft Authenticator app. The image reads "Success! Great job. You have successfully set up your security info".

Set up MFA without a smartphone

  1. On your PC / tablet, go to https://mysignins.microsoft.com/security-info.
  2. If your University Microsoft account is not your default account, please log out first.
    • Make sure you set this up on your University of Bristol Microsoft account to link it to your university username and password.
  3. Log into your University of Bristol account using the format username@bristol.ac.ukand your password.
    • You will now see the ‘my sign ins’ security info page.
  4. Once signed in, click on ‘add method
  5. Select 'phone’ from the drop-down list, and then ‘add’.
  6. Select your country code and enter your phone number. Select 'text me a code' or 'call me'.
    • Please miss off the initial '0' when entering your phone number (for example, enter 7912345678 for a UK number).
  7. Enter the code sent to your phone number to confirm your MFA setup.
    • On the security page, you can then set the default authentication method to either phone call or text (SMS).
  8. Within 24 hours you will now be asked to authenticate your login across a range of University services. You should still be able to sign in during this time.

Microsoft's video will give you a good idea of what MS MFA enrolment looks like in practice: Video: Set up multi-factor authentication with a mobile device in Microsoft 

Set up MFA without a mobile phone

If you cannot use a mobile phone to set up MFA and authenticate, you can use a USB security key (YubiKey).

Students can collect USB security keys from the IT Services Counter in the Arts and Social Sciences Library. The counter is open from Monday to Friday, from 9 am until 11.30 am, and 2 pm until 3.30 pm. You will need to show your student ID card to collect a security key. If you need a security key outside of these hours and you cannot log into your University account, please contact IT Services by phoning 0117 428 2100 (available 24 hours), or raising a ticket using the IT self-service site (requires log-in). 

You can also buy your own USB security key. This must be a blue FIDO2 YubiKey security key.

Staff members can request a security key by contacting IT Services.

Note: If you use a security key as your primary authentication method, we advise you to set up a secondary method of authentication in case you lose the security key. This will allow you to continue working while a new key is ordered.

Set up a second MFA method

You may temporarily lose access to some University services if you:

To reduce the risk of this happening, we recommend that you add a second authentication method, preferably one you can access using a different device. 

To set up a second method, log into the Microsoft Security Information page, click "Add sign-in method" and follow the steps on-screen.    

If you have more than one device

If you have more than one device (for example a smartphone and a tablet or laptop), we recommend you also install the Microsoft Authenticator app on your second device. Log into the Microsoft Security Information page on your main device, click "Add sign-in method" and follow the steps on-screen to set up the second device.    

If you do not have a second device

If you do not have a second device, we recommend that you still add a second authentication method. Log into the Microsoft Security Information page, click "Add sign-in method" and follow the steps on-screen.   

If you need to travel

If you travel and will need to access University services, please use an authenticator app as your default sign-in method. Log into the Microsoft Security Information page, and make sure the "Default sign-in method" is the authenticator app.   

If you do not have data when you are travelling, you can obtain a one-time code in the app. Simply open the app and click “University of Bristol” to see the one-time code.

If you get a new phone or device

If you have a new phone, please follow the instructions to set up MFA on the new device.

Help and support

We have advice about using multi-factor authentication, including how to sign in with MFA, and how to set MFA up on a new phone.

If you need more support, please contact IT Services by phoning 0117 428 2100 (available 24 hours), or raising a ticket using the IT self-service site (requires log-in). More technical queries, such as a reset to MFA if you have lost your phone or authentication device, can be resolved from 8 am until 5 pm, Monday to Friday (apart from on University closure days). Outside of these hours, please raise a ticket using the IT self-service site.