Multifactor Authentication (MFA)

Authentication methods

The authentification methods listed here are in the order in which they are recommended to be used. We recommend you to adapt multiple different authentification methods using two different devices so that you have alternative ways to authenticate your sign-in in case one of the other methods is not available (i.e. your mobile phone is lost or broken) . You can add multiple methods of authentification as backup and choose an alternative method while you sign in in case you do not have access to your primary authentification method. Phone authentification should only be used as a backup method.

The longest login interval for personal devices is 30 days, but some user groups have shorter times, such as the staff: five (5) days. On a risk basis, you may be asked to log in more frequently.

Passkey in Microsoft Authenticator. The recommended primary method for verification if your mobile device supports the method (i.e. passkey).
- Read more on registering passkeys in Microsoft Authenticator in Microsoft's own instructions.
Microsoft Authenticator application. Recommended as another primary method. You authenticate signing in by entering a number code in your browser to the application.
- Read more on registering Microsoft Authenticator application as a method of verification in Microsoft's own instructions.
Security key, FIDO2-keys USB/NCF -keys that use a certificate-based method combined with a PIN-code.
- Read more on registering a security key as a verification method in Microsoft´s own instructions.
Hardware token, other Authenticator -applications or devices that create TOTP codes. These devices create a number-based code which resets every 30 seconds and can be used to sign in. They also function in devices without a network connection.
Phone call. This should never be your primary verification method and should only be used as an alternative method. An automated telephone call to the number assigned while setting up MFA which gives the user instructions on how to authenticate. By pressing the #-key, the recipient accepts the log in.
- Read more on setting up a phone call as your verification method in Microsoft's own instructions.

Deployment

Resetting the authentication methods

If the MFA authentication fails for some reason, you can reset the authentication methods.

For more detailed instructions on resetting MFA authentication methods, see.

Do you suspect that someone is misusing your username?

At https://mysignins.microsoft.com/, you can check where, how and when your username is used to sign in to the Microsoft 365 services.

If you see an authentication or attempted authentication on the list that you did not make, please contact IT Helpdesk.

Breakage or loss of phone

If your phone breaks or is lost, you can try adding a new device on, for example, your work computer at: https://mysignins.microsoft.com/security-info.

If you cannot add a new device, you must reset your MFA using your bank credentials at: https://mfa.it.helsinki.fi/

For security reasons, we recommend adding MFA authentication to two separate devices.

Additional authentication when logging in

Due to changes to multi-factor authentication (MFA), you may receive an additional message Stay signed in?, when logging in.

You can check the box Don’t show this again and reply Yes.

Problems?

Did the deployment fail?
You can find solutions to the most common problems from the FAQ.
If you cannot find a solution to your problem here, please contact Helpdesk.

Did phone authentication fail?

Phone authentication allows five unsuccessful attempts within an hour, after which the authentication method is locked for 24 hours. The only way to log in during this time is to use other authentication methods, such as the Authenticator application.

You can find solutions to the most common problems here.

More detailed instructions

Please also read the following more detailed instructions:

Keywords

MFA

Give feedback

The instructions site of the University of Helsinki's IT Helpdesk helps you with IT-related issues related to your work. Let us know how we can improve our instructions. We greatly appreciate your feedback!

How would you improve these instructions?