In 2025, some University members may notice a change to the multi-factor authentication (MFA) process. Microsoft has introduced this change to encourage users to move to more secure methods of MFA.
Not everyone will experience a change, it will depend which MFA methods you have registered and which is set as your default - full details are provided below.
When you sign in to a service and are asked for authentication, the ‘system preferred’ MFA process will check the authentication methods you have set up and will prompt you to sign in using the most secure MFA method you have registered. The MFA methods considered most secure are (in order):
Read the full list of available MFA methods on our MFA page.
Microsoft's 'system preferred MFA' will override the default preference you have set if it is less secure than one of the other methods, but you will still be able to choose whichever registered authentication method you prefer. Please note that the prompt will always indicate the most secure method that Microsoft recommends that you use, helping you to keep personal and University data secure.
No, however you may wish to review your MFA settings by logging in to the Microsoft My Sign-ins webpage using your University of Bristol username in the format ab1234@bristol.ac.uk and your password.
If you are still using text message or phone call as an MFA method, we recommend that you move to Microsoft’s Authenticator app or a security key and delete the text message/phone call as an MFA method. Text messages and phone calls can easily be intercepted, so are less secure MFA methods than a security key or the Microsoft Authenticator app.
If you don't already have more than one method of authentication set up, please take this opportunity to set up a second method of MFA on a separate device. This will really help if you lose or damage your first MFA method, as it is much quicker to get set up again.
