Microsoft Authenticator

There are four common forms of second factor authentication:

  • Phone SMS
  • Phone Voice Call
  • Hardware Security Token
  • Authenticator Applications

Using a hardware security token or an authenticator application, such as Microsoft Authenticator, provides the best security. As there are scenarios where a hardware security token cannot be used the most robust second factor to use is an authenticator application. Account security can be improved by removing phone methods after setting up a hardware security token or an authenticator application but be sure to always have at least two authentication methods available in case one of them does not work. For example, having two device, each having an authenticator application registered for use.

Setting Up Microsoft Authenticator

These instructions are particular to Microsoft’s Authenticator application but other applications, such as Google’s or YubiKey’s, may be used.

For this process to work you must already be able to sign in. Normally an account is provisioned with a phone number that can be used. If you are unable to login then you will need to contact the IT Help Desk (341-4357) for assistance or go by the Walk-In center in the library. Be prepared with your University ID card and a phone number to use as a bootstrap to get access to your account in order to add an authenticator application as a second factor method.

Step-by-Step Instructions

  1. Go to https://aka.ms/mfasetup.
  2. Sign in with your username@umsystem.edu, click Next.
  3. Put in your password and click Sign In.
  4. ‌This next screen will prompt you to download the Microsoft Authenticator app.
    *Go to either the Google Play Store for Android phones or the Apple Store for iPhones and download the Microsoft Authenticator app.
  5. When you have installed the app on your phone, go to the setup page on your computer and select the Next button.
  6. You will then be notified to set up your account.
  7. Select the Next button.
  8. On your phone, open the Microsoft Authenticator app.
  9. Select the Add Account button in the app.
  10. Select the Work or school account option.
  11. Then scan the QR code on your computer screen with your phone
  12. Fit the QR code on your computer screen into the QR scanning box on your phone as if you were taking a picture of it.
    • Some phones will ask you if you want to use your camera with this application, you want to select Allow so you can scan the QR code on the computer screen.
  13. The app will display your university username@mst.edu, select your username.
  14. On the website, select the Next button.
  15. The app will ask if you approve the login.
  16. Select Approve in the app.
  17. The website will sync with the app and display a Notification Approved screen.
  18. Select the Done button.

IMPORTANT: Before replacing a phone with an authenticator application installed verify that you have another means of logging in to your account. This could be another device with an authenticator application, a hardware token, or a phone number. The authenticator registration is tied to that device installation. If you lose or replace the device you lose that authentication method. Restoring from backup will require that the device be setup as a new device.