Article owned by team: Information Systems & Support
Within this article you will find all you need to know to register, and use Multi Factor Authentication at Otago Polytechnic
Topics in the Article
Registering for Multi Factor Authentication
Logging in using Multi Factor Authentication
Updating your security information
Staff are required to use Multi Factor Authentication (MFA) to access online resources when they are not physically on campus.
If you have never used MFA before on your OP account you will need to register first. You'll be prompted to register automatically when you try to access an online resource for the first time both on and off campus.
We have a video available to watch which can be found here or you can use the documentation below.
MFA Registration
You'll see the prompt below the first time you access email, CRM, Teams or other Office 365 applications. You can click here to register now or update your security information if you've already registered.
Follow these steps to set up your security info for your work account from the prompt.
After you select Next (Above) from the prompt, a Keep your account secure wizard appears (Below).
App Setup
We strongly recommend using the "Microsoft Authenticator" smart phone app. However if you don't have a smart phone you can use a standard phone. This could be your own mobile or your home phone.
See Phone Setup if you'd prefer to use this method
If you are viewing this on your mobile device you can use the link here to download the Microsoft Authenticator app
If not from your device, go to your app store and search for "Microsoft Authenticator" and install it, then click Next
Before moving forward read this whole section in blue.
Note: There may be some slight variation in the steps below depending on the Android or iPhone version you're using.
Open the Microsoft Authenticator app.
Allow notifications (if prompted)
Select Add account from the Customize and control icon (the +) on the upper-right, and then select Work or school account.
Note
If this is the first time you're setting up the Microsoft Authenticator app, you might receive a prompt asking whether to allow the app to access your camera (iOS) or to allow the app to take pictures and record video (Android).
You should select Allow so the Authenticator app can access your camera to take a picture of the QR code in the next step.
If you don't allow the camera, you can still set up the Authenticator app, but you'll need to add the code information manually. For information about how to add the code manually, see Manually add an account to the app.
Return to the Set up your account page on your computer, and then select Next (Above).
The Scan the QR code page appears (below).
The Authenticator app should successfully add your work or school account without requiring any additional information from you.
If the QR code reader can't read the code, you can select Can't scan the QR image and manually enter the code and URL into the Microsoft Authenticator app. For more information about manually adding a code, see Manually add an account to the app.
Select Next (Above) on the Scan the QR code page on your computer.
A notification is sent to the Microsoft Authenticator app on your mobile device, to test your account. (below) You should receive a notification in your app.
Tap approve on your mobile device to continue.
After approving select Next. (above)
Note: Once you've setup the app on your mobile device you will also see a code that changes every 30 seconds. You don't need to use the code unless you change your default method to Authenticator app or hardware token - code (see Updating your security info)
or you choose Sign in another way
Phone Setup (Txt Message or Phone call)
Click I want to setup a different method and choose Phone
On the Phone set up page (Above), choose whether you want to receive a text message or a phone call, and then select Next.
If you select Text me a code make sure the phone number you're entering can accept text messages.
A text message is sent to your phone number.
If would prefer to get a phone call, the process is the same. However, you'll receive a phone call with instructions, instead of a text message.
Enter the code (Below) provided by the text message sent to your mobile device, and then select Next.
Review the success notification, and then select Next. (below)
Your security info is updated to use text messaging or a phone call to verify your identity when using MFA
It's recommended to add more than one method if you can. See Updating your security info on how to do this.
Logging in using Multi Factor Authentication
You'll be prompted to use MFA on any device accessing our Office 365 resources when off-campus. This includes OP laptops, home computers, mobile phones and tablets accessing your OP email, Onedrive & SharePoint documents, the CRM system, Teams, Planner, Onenote, Forms, Stream, PowerApps, PowerBI, Tasks, To Do, WhiteBoard and the Office online programs Word, Excel, etc.
Below are some examples of what you'll see when logging in with MFA or you can watch a short video here.
Authenticator App
Outlook & Teams for OP computers offsite or if you have installed the Office 365 applications on your home computer.
MFA on the Teams desktop app...
MFA on the Outlook desktop app...
Outlook might become disconnected and need you to re-enter your password.
Click on Need Password to login
When asked if you want to Use the account everywhere on your device
Click Yes if you're using an OP device otherwise select This app only
On some devices, particularly mobile phones, your email address may be pushed through to the login screen into the username field. If this happens for you, you'll need to change it to your username@op.ac.nz.
Updating your security info
To update your security information go to https://mysignins.microsoft.com/
Here you can add, change & remove methods, change your default method of MFA & update devices or phone numbers if you get a new phone or tablet.
Selecting Add Method will kick off the process outlined above for registration. Once you have additional methods added, you can change your Default sign in method.
Authentication app or hardware token - code uses the one time password that the authenticator app generates every 30 seconds.
Contact: ServiceDesk through case creation.
OP SIGN IN
GUEST