IT Helpdesk
Menu

MFA – Multifactor Authentication with Microsoft Authenticator

 This change does not apply to you if you use a phone call or a one-time login code as your primary authentication method for the University’s Microsoft services.

Multifactor Authentication improves information security by making scam attempts more difficult for cybercriminals. You can choose authentication requests to be asked every 90 days per device to avoid receiving the requests continuously.

When using the Microsoft Authenticator application (push message) for authentication, you must now enter the number displayed in the login window into the smartphone application instead of pressing the accept button as was previously the case.

Read more about the change in the news article on Flamma.

  • Enable the identification method at https://mysignins.microsoft.com/security-info. You can enable the authentication method for more than one phone. 
  • When you use a new device and your University credentials to log in to a University service that uses MFA (e.g. OWA email on your browser, Outlook email on your phone or tablet), you will receive an authentication request. The same message is sent every 90 days. 
     
  • Open the Microsoft Authenticator application on your smartphone.
     
  • Enter the number displayed on the smartphone screen in the app and select Yes
     
  • If you are not logging in to any service and you receive a login request from the Microsoft Authenticator app, first check the devices you have previously logged in to. It may have been 90 days since some of the applications were last authenticated. 
    If you cannot find a device that is waiting for authentication, select No, it’s not me. This sends a notification in the system. 

See the Detailed help tab for illustrated instructions

Table of contents

How to install the Microsoft Authenticator app

Install Microsoft Authenticator from your phone’s App Store / Play.

Make sure you download the right application. You can recognise it by the name 'Microsoft Authenticator'. 

Enable the identification method at https://mysignins.microsoft.com/security-info. Authenticate yourself with your Microsoft 365 username, which is in the format username@ad.helsinki.fi (e.g. Raimo Keski-Vääntö’s username is rkeskiva@ad.helsinki.fi). You can enable the authentication method for more than one phone. 

Further details are available in the instructions for managing the MFA authentication service

How to use Microsoft Authenticator for authentication

When you use a new device and your University credentials to log in to a service that uses MFA  (e.g. OWA email on your browser, Outlook email on your phone or tablet), you will receive an authentication request.

 

Open the Microsoft Authenticator application on your smartphone.

You may receive a notification on your phone about a pending approval request: Approve sign-in?  You can also click on the notification to open the application.

The image shows the notification on both an Android phone and an iPhone:

 

You can choose to receive the request every 90 days in the application. Check the box next to Don’t ask again for 90 days. Enter the numbers displayed on the smartphone screen in the app and click on Yes to authenticate. 

When you have entered the correct number in the device, you can open the application that is waiting for authentication. 

I am not trying to log in, but I still receive notifications from the Authenticator app

If you are not trying to log in to any service and you receive a login request from the Microsoft Authenticator app, take the following steps:

  • Check the applications you are logged in to with your University ID on all your devices (mobile devices, laptops) . It may have been more than 90 days since your latest authentication for an application, which is now requesting a new authentication.

Please note that you do not have to complete the authentication, you can also close the Microsoft Authenticator app without replying. 

If you checked the applications on your devices but could not find a device or an application that is waiting for authentication, select No, it’s not me. This sends a notification in the system. This notification alone does not cause any action, but if you suspect that you have become a victim of phishing, please contact IT Helpdesk immediately. 

Microsoft Authenticator does not work

I have an old work phone that does not support the latest version of the Microsoft Authenticator app. What should I do?
If you have an old work phone with an operating system that is no longer supported (older than Android 8 or iOS 14), and you are unable to install the latest version of the Microsoft Authenticator app from your app store, make a purchase request for a new work phone, following the phone purchase instructions (Flamma) . 

We recommend buying a new phone, but you can also use other authentication methods to avoid replacing your phone.
 

Give feedback

The instructions site of the University of Helsinki's IT Helpdesk helps you with IT-related issues related to your work. Let us know how we can improve our instructions. We greatly appreciate your feedback!

How would you improve these instructions?

Related instructions

Multifactor Authentication (MFA) – Frequently asked questions
How to take Multifactor Authentication into use
Multi-factor Authentication (MFA) in e-mail applications
Deployment and safe use of mobile devices
Data security software
Back to top