Multi Factor Authentication (MFA) is enabled on all Trust Microsoft 365 accounts. You will need to authenticate with your password AND personal mobile phone to log into your Office 365 account (including emails) when outside of the Trust networks. In essence, an app installed on your mobile phone provides a code required when signing in, similar to PayPal, bank systems, and other financial services.
Set Up Multi-Factor Authentication
It is always recommended that your mobile phone is used as your primary method of Multi Factor authentication (MFA).
If you DO have access to an app-enabled smart mobile phone (e.g. Android or Apple), please follow the instructions for “Set up Multi Factor Authentication with Authenticator App”
If you DO NOT have access to a smart phone, please contact your Business Manager and request a hardware security key is purchased (e.g. YubiKey).
Please note Microsoft has removed the ability to receive an MFA code via text message.
Additional Information
You will only have to re-authenticate via MFA when logging into Office 365, Outlook emails on the web, or Outlook via an installed app when your device is not connected to Trust WiFi connection. If your device is connected to any of the Trust WiFi networks (Trust-WiFi, Staff-BYOD, Tila-Devices) or your desktop PC is wired into the network, you won’t need to re-authenticate with MFA. You will need to re-authenticate with MFA on any other device (such as a phone on mobile data, or a laptop on home WiFi) every 90 days. There is no way to bypass the MFA check if it prompts you for it.
Set up Multi Factor Authentication with Authenticator App
To set up Multi Factor Authentication for your Office 365 account:
- If required, please install the Microsoft Authenticator app from your supported AppStore on your mobile phone. Below are direct links for the various supported platforms:
Android: https://go.microsoft.com/fwlink/p/?LinkId=722778
iOS: https://go.microsoft.com/fwlink/p/?LinkId=722779
You may use an existing Authenticator app if you already have one installed on your device (e.g. Google Authenticator).
- Open your web browser on your PC/laptop/surface and go to https://aka.ms/MFASetup Click “Sign In”
Enter your Trust email address and click “Next”
Initial username screen Please enter your usual network login password and click ‘Sign In’:
Password screen You will be redirected to the following page. Click Next
More information required You will now see the Additional security verification/Multi Factor authentication setup page. Click “Next” if you have downloaded the Microsoft Authenticator app, or “I want to use a different authenticator app” if you have a different app.
Start by getting the app Open the Authenticator app on your phone, and click next on the PC screen.
Set up account on mobile phone Open the Authenticator app, tap “Add work or school account” then “Scan a QR code” (do not choose “Sign In”). Use the camera to scan the QR code on your screen. Once done, choose “Next” on the PC.
Scan QR code to set up - When logging onto Office.com or other Microsoft 365 apps when outside the Trust network, you may be required to enter a code from your app. The login box will ask for “additional information” and present a two digit code on screen. The authenticator app on your phone will open and ask for these two digits to be entered. Once entered, you will log in.
What is Multi-Factor Authentication?
Multi-Factor Authentication (otherwise known as MFA, 2FA or “two-step verification”) is a security feature included with Office 365 that protects your Office 365 account. MFA effectively makes it far more difficult for hackers to access your account, thus providing a further layer of protection for your data. MFA differs from using only a traditional username and password in that it also requires confirmation of the device that you are accessing your account from.
The two methods that are commonly used to prove your identity are your username and password along with a unique item that you have (e.g mobile phone). When logging in with MFA, you must supply your username/password AND additionally prove that you are in possession of a trusted device (e.g. your mobile phone).
Due to the ongoing threat of internet-based data breaches, it is a requirement at TiLA that MFA is enabled when accessing Office 365 enabled applications outside of the confines of the internal network to protect Staff and Student Office 365 linked user accounts. This means that you will be required to set up MFA if you are accessing Office 365 applications and your Office 365 mailbox from outside the Trust network.