Multi Factor Authentication

Whether it’s a fingerprint reader on your smartphone, or a code generator provided by your bank, most of us are familiar with multifactor authentication (MFA) in some form. MFA, also sometimes known as 2-factor authentication (2FA) or 2-step verification (2SV) is designed to address the weakness of traditional username and password authentication, by combining something you know, like a PIN or password, with a second identifying factor. This could be something you have, such as a smartphone or code generator, or something you are, otherwise known as biometrics. This helps to prevent an attacker who has managed to gain possession of your password from accessing your accounts.

It is increasingly clear that use of username and password alone is not sufficient to secure our digital assets. Cybercriminals have developed numerous techniques to discover passwords, including social engineering, brute force attacks, key logging malware and many more. Abuse of stolen credentials is a common ingredient of many cyber-attacks, including the devastating ransomware attacks that have affected several UK universities in recent months.

LJMU has therefore decided to implement MFA for all remote access to critical systems. This will include:

  • VPN access
  • Student Information System (SIS)
  • Staff InfoBase
  • CRM
  • WebHub
  • Office 365, including email, OneDrive and Teams

We encourage you to register in advance so you are not impacted when this change is implemented. To register for MFA, follow these instructions:

  1. Go to https://mysignins.microsoft.com/security-info, enter username@ljmu.ac.uk and click Next.
  2. If you are on a managed LJMU PC, you will not need to enter a password. On an unmanaged device, enter your password when prompted.
  3. If you have not yet registered for MFA, you will see the following prompt. Click ‘Next’
  4. You will be taken to the Additional security verification web page. Choose your preferred verification option from the three available. Note that we strongly recommend using the Mobile App option as the most secure and easiest to use.

Click one of the following options for further instructions on configuring MFA:

Faq Items

Mobile app – to be prompted via smartphone app (recommended)

Choose ‘Mobile app’ to receive authentication prompts on an app on your smartphone.

  • If you choose ‘Receive notifications for verification’, you will receive a prompt on your phone whenever you log into an LJMU system with MFA enabled. Click ‘Approve’ to finish logging in.
  • If you choose ‘Use verification code’, you will be prompted for a 6 digit code whenever you log into an LJMU system with MFA enabled. Enter the code from your authenticator app to finish logging in.

Click ‘Set up’ to install and configure the Microsoft Authenticator app on your smartphone. Follow the instructions and click ‘Next’.

Authentication phone – to be prompted via SMS text message or voice call to a mobile phone

Choose ‘Authentication phone’ if you wish to receive a prompt via SMS or voice call to your mobile. Enter the region and phone number, then choose whether to receive a text or phone call.

If you chose ‘Send me a code by text message’

You will see a prompt in your browser whenever you log into an LJMU system with MFA enabled.

Wait for the SMS text to arrive (this is usually instantaneous). Enter the 6 digit code and click ‘Verify’.

If you chose ‘Call me’

You will receive a phone call to your mobile whenever you log in to an LJMU system with MFA enabled. 

Due to regional variations, the voice prompt may ask you to press the pound key or hash key to finish logging in.  In either case, press the # symbol on your phone keypad.

Office phone – to be prompted via voice call to a landline telephone

Choose ‘Office phone’ if you wish to receive a prompt via voice call to a landline. Enter your region and phone number. When you attempts to log into an LJMU system with MFA enabled, you will receive a phone call to your designated number. Due to regional variations, the voice prompt may ask you to press the pound key or hash key to finish logging in.  In either case, press the # symbol on your phone keypad.

Please note that we do not recommend using this option, due to its inflexibility.

Frequently asked questions

Frequently asked questions

Can I use a different authenticator app?

No, currently only the Microsoft Authenticator app is supported.

What if I lose my phone?

If your phone is lost, damaged or out of battery, you can ring the ITS helpdesk on x5555. On proof of identity, we can provide a temporary MFA bypass for you.

What if I buy a new phone?

Go back to https://mysignins.microsoft.com/security-info and log in. You will see a ‘Delete’ button that allows you to remove your current Authenticator app. Click this and wait for the process to complete. Then click ‘Set up Authenticator app’ on your new phone and follow the instructions.

What if I change my mobile number?

Go back to https://mysignins.microsoft.com/security-info and log in. Change the phone number of your registered Authentication phone.

What if I want to change my authentication method

You can go back to https://aka.ms/mfasetup at any time to change your MFA preferences.