Go to main content Go to search
Page updated 17.12.2021

Multi-factor authentication for the staff

Multi-factor authentication for staff will be switched on at the beginning of 2022. This will happen automatically after a pre-defined period. For the time being, student usernames will not be subject to multi-factor authentication.

What is multi-factor authentication or MFA?

Multi-factor authentication (MFA) refers to the additional authentication that is done by phone when you log in to online services. In addition to the username and password, another authentication method is a code sent to the mobile phone via SMS or a separate authentication application.

Why is MFA needed?

Multi-factor authentication enables Turku University of Applied Sciences to better secure user accounts and at the same time significantly strengthen the security of the higher education institution. MFA protects you and the reputation of the higher education institution and reduces data breaches. Even if criminals gain access to your username and password, when a criminal logs into your account, MFA will ask for approval. With MFA authentication in place, it is virtually impossible for a criminal to access your account without having access to your phone.

Services covered by the MFA after deployment

Multi-factor authentication will be connected to Turku University of Applied Sciences' Microsoft 365 cloud service. After the deployment deadline, you will not be able to log in to the services of Turku University of Applied Sciences using your email address as username without additional authentication. These include email and Teams. Not all mobile email applications support two-factor authentication. We recommend using the Outlook application to manage your email and calendar at Turku University of Applied Sciences.

Act now and get MFA!
 

How do I set up the MFA?

You will need a personal mobile phone to receive SMS messages and use the authentication app. Step 1 is done on the phone and steps 2 and 3 on the computer.

Phase 1: Install the Microsoft Authenticator app on your phone

  1. Download and install the Microsoft Authenticator app on your phone from the app store.
  2. Open the Microsoft Authenticator app after downloading.
  3. The first time you log in, allow the collection of anonymised data when prompted to do so.
  4. If prompted, select Allow to allow notifications.
  5. If you see a Skip button in the top right corner of the app, select it.
  6. Select Add a new account, Work or school account
  7. Select Scan QR code. 
  8. Allow the authenticator app access to your camera to take a picture of the QR code in the next phase. 
  9. The app waits for a QR code to add your Turku UAS account to the Microsoft Authenticator app on your phone.
  10. Put your phone aside for a moment and go to phase 2. 

NOTE! If the authentication application indicates that it is locked and asks you to enter the lock code, then use the same code that you use to unlock your phone screen/display.

Phase 2: Add your Turku UAS account to the Microsoft Authenticator app

  1. With your computer go to the web address  https://aka.ms/mfasetup
  2. Log in with your Turku UAS email address and password.
  3. When your web browser asks whether the login will be saved, you can select No.
  4. The browser displays a notification about the definition of additional details, select Next.
  5. The browser displays information about the use of the Microsoft Authenticator app. 
  6. Click Next, and a QR code appears on screen.  
  7. Take your phone and scan the provided QR code with the QR code reader of the Microsoft Authenticator app.  If the authenticator application asks for a lock code, this is the lock code of the phone display.
  8. After the Microsoft Authenticator app has scanned the QR code, click Next on the browser window. 
  9. The app will send a notification to your phone as a test which you shall Approve.
  10. In your browser window, click Next. 
  11. Then click Done. 
  12. Your Turku UAS account has now been added to the Microsoft Authenticator app on your phone. 
  13. Next, enable SMS authentication as a secondary authentication method. Leave the Security info page open in your browser and go to phase 3.

Phase 3: Set up SMS-based authentication method

  1. In your computer's browser, open https://aka.ms/mfasetup if you have already closed the browser.
  2. Log in with your Turku UAS email address and password.
  3. If you have a smartphone and have already installed Authenticator, click + Add method -button on Security info -page and skip to step 5.
  4. If you do not have a smartphone and have not been able to install Authenticator, click the I want to set up a different method -link at the bottom of that box.
  5. In the drop-down menu, select Phone and click Confirm.
  6. In the drop-down menu, select country code and type the rest of your phone number in the provided field.
  7. Click Next.
  8. You will receive an SMS on your phone containing a numeric code of 6-digits. Enter this code in the field displayed in your web browser.
  9. In your browser, click Done.
  10. Your Turku UAS account has now been connected to your phone number.


Two different authentication methods (Microsoft Authenticator mobile app and SMS authentication as a fallback) allow for multi-factor sign-in in case the primary authentication method is not available for some reason or the phone changes.

Multi-step authentication is required every 90 days, after a password change and when you sign in with new devices, so authentication does not unnecessarily burden your login to the services

Need help?

In case of problems, please contact the Service Desk (staff phone 040 355 0100) or visit the EduCity IT Service Desk.

Here's what to do if the deployment deadline has already passed

If you have not activated your MFA before the deadline, you will receive a message like the one shown below when you log in. In this case, please follow steps 1–3 of the instructions.

Microsoft notice

Here's what to do when you change your mobile phone for a new device

If you change your phone, you can get multi-factor authentication installed on your new phone as follows.

  1.  Download and install the Microsoft Authenticator app (published by Microsoft Corporation) on your phone from the app store.
  2. With computer go to the web address  https://aka.ms/mfasetup
  3. Log in with your Turku UAS email address and password.
  4. If you no longer have the old Authenticator app, select “I can't use my Microsoft Authenticator app right now” to use SMS authentication.
  5. On the Security info page, click on the + Add method button
  6. Select the Authenticator app from the drop-down menu and click Add.
  7. The browser will now show you how to use the Microsoft Authenticator application.
  8. In the browser, click on the Next button to move forward to the point where the QR code appears.
  9. Now take your phone and use the QR code reader open in the Microsoft Authenticator app on your phone to read the QR code in your computer's browser. If your phone's authenticator app is locked, unlock the app with your phone's screen lock code.
  10. Once the QR code has been read by the Microsoft Authenticator phone app, you can click the Next button in your computer's browser.
  11. You will receive a request to Approve the test authentication on your phone.
  12. Click the Next button in your computer browser to move forward.
  13. Click the Done button in your browser.
  14. Next, delete the old phone from the authentication service by clicking on the delete button. Please do not delete the old phone from the authentication service until SMS alerting is enabled.

Here's what to do if your phone number changes

  1. Log on to https://aka.ms/mfasetup
  2. Delete your old phone number from the list by selecting "Delete"
  3. Add a new phone number by selecting "Add method" > "Phone"

Here's what to do if the email application on your phone stops working, do the following

When multi-factor authentication is introduced, old incompatible applications (e.g., email application) will no longer be able to connect to Turku UAS’ services. Use Microsoft Outlook (published by Microsoft Corporation), downloaded from the App Store, as the email application on your phone. In addition, authentication works with the newer email apps for Android and iOS.