Multi-factor authentication (MFA)

Quick guide

In this onepager you can find a quick guide.
Below you can find a more detailed explanation.

Starting with MFA

Tip: The most simple and intuitive method to get started with MFA is the SMS code method. However, you are given the choice between multiple methods.
Are you familiar with the use of smartphone apps? Then you can preferably install and configure the Microsoft Authenticator app directly on your smartphone.

Follow these steps to activate MFA:

  1. Open a browser and surf to https://mysignins.microsoft.com/security-info.
  2. Enter your UGent e-mail address. You will be redirected to the login screen.
  3. Log in with your UGent password.
  4. Click on "Next".
  5. Click on " Add Method".
    Methode toevoegen
  6. Select the method you wish to use.
    • Authentication using the Microsoft Authenticator app on your smartphone
      The most user-friendly and safe method in daily use, but a bit more cumbersome to start with.
    • Verification using a SMS code or a phone call
      The easiest way to get started.
    • Authentication using any other authenticator app such as Google authenticator, LastPass, Authy, Aegis, etc.
      Please note: the helpdesk does not support these alternative apps.
    • Authentication using a Security key
      NB. This method is only used in exceptional situations.
    Add method
  7. Click on "Add"
Tip: After you have configured a first MFA method, you can also add other methods.
It is strongly recommended that you set up multiple multi-factor authentication methods so that you can still access your account in case you lose your device or don't have it at hand.
You can also receive an SMS code or telephone call on another mobile phone or landline, and register that way.

Method 1: Verification with the Microsoft Authenticator app

The Microsoft Authenticator app is supported by DICT and recommended for everyday use as it is the most user-friendly and secure method for MFA.

Follow these steps to set up authentication with the Microsoft Authenticator app:

  1. If you choose the Authenticator app method, you will see the screen below on your computer:
    Setup account
  2. Take your smartphone and go to the App Store (iOS), Google Play Store (Android) or Microsoft Store (Windows Phone) to download the Microsoft Authenticator app. to download.
  3. Download and install the Microsoft Authenticator-app.
    Tip: Do you have an iPhone? Make sure that the Microsoft Authenticator app is allowed to send you push messages, so that you can approve them. To do this, go to Settings > Notifications > select the Microsoft Authenticator app and enable "Allow Notifications".
  4. Installation succesfull? Click on "Next" on your computer screen.
  5. You will see a QR code on your computer screen. It looks like this:
    Scan QR
  6. Open the Microsoft Authenticator app on your smartphone and select "Scan QR Code".
    The app will request access to the camera to scan the QR code. Select "Allow".
  7. Point your camera at the QR code to scan it (as if you were taking a picture of it). Your UGent account will now be added to the Microsoft Authenticator app.
  8. Click "Next" on your computer screen.
  9. You will receive a test code on your smartphone. Tap "Approve".
  10. A confirmation will appear on your computer screen. Click on "Done".
    The Microsoft Authenticator app is now in your list of methods.
From the next day you will need the Microsoft Authenticator app to access Office 365 applications (OneDrive for Business, Teams, SharePoint Online,…).
On a trusted device, it will take 30 days before you will be asked to use MFA again.
Tip: Now you can also add other methods. We recommend setting up more than 1 method, so you can also log in if you don't have your smartphone with you.

Method 2: Verification with SMS code or phone call

This is a very simple method to get started with MFA.
Follow these steps to add a phone number:

  1. Click on "Add method".
    Add method
  2. Select "Phone" and click on "Add".
  3. Select "Belgium (+32)" and fill in your phone number.
    Note: Your (mobile) number will not be visible within the organization.
  4. Then choose between "Send me a code via SMS" or "Call".
    Add phone number for SMS

    Code via sms

    • If you choose "Send me a code via SMS", you will receive a 6 digit code.
      SMS sent
    • Enter the 6-digit code on the computer and click "Next".
      SMS verified
    • You will receive a confirmation. Click on "Done".

    Call

    • If you select "Call", you will receive a phone call at the phone number you entered. This can be a mobile or a landline number.
      Add phone number to call
    • You will be called by a Microsoft service with the automatic message: "Thank you for using Microsoft's authentication system. Press the hash to complete the verification".
    • Press the hash (#). A confirmation will appear on your computer.
      Phone number verified
    • Click on "Done".
    • Then you can change the Default Sign-in method by clicking "Change" and selecting the method (Phone-text for sms - Phone-call for call).

    Tip: Also add a second phone number as an alternative. This can be useful in the event of theft or loss of your mobile phone.
    You add an alternative number in exactly the same way as the first telephone number. (Add method > Phone > Enter phone number)

Method 3: Verify using another authenticator app

In addition to the Microsoft Authenticator app, you can also use another authenticator app such as Google Authenticator, LastPass, Authy, Aegis Authenticator, etc.

Note: DICT helpdesk does not support these alternative apps. So only use it if you are already familiar with it yourself.

If you choose this method, you must manually add an account in the authenticator app by entering an account name and secret key.
Detailed instructions for adding accounts can be found in the manual of the chosen app.

    Follow these steps to set up authentication with another authenticator app:

  1. Click on "Add method".
    Add method
  2. Select "Authenticator-app" and click on "Add".
  3. You will be asked to download the Microsoft Authenticator App. Click on "I want to use a different authenticator app".
    Setup account
  4. After you have downloaded and installed the app, click "Next".
  5. Add your UGent account to your authenticator app. This can be done in two ways:

    • From the smartphone on which you installed the authenticator app

      You can copy the account name and secret key by clicking on the documents icon (Copy details). Then paste it into your authenticator app.
      Copy secret key
      Then click on "Next".
    • Using another device (laptop, desktop, tablet, ..)

      This is the most user-friendly method. A QR code will be displayed that you can scan with your authenticator app.
      Scan QR
      If not already done, you will have to give the app access to the camera. After scanning, your UGent account will be added automatically.
      Then click on "Next".
  6. As a final step, you will be asked to enter the six digits code. You can find this code when you tap on your account in the authenticator app.
    Enter MFA code

Method 4: Authentication using a security key

In this fourth option, you use a security key (USB security key) to log in. This method is only used in exceptional situations.
Yubikey
    Follow these steps to set up Authentication with a Security Key:
  1. Click on "Add method".
    Add method
  2. Select "Security key" and click on "Add".
  3. Click on "Next" and register with MFA.
  4. Follow the manual of the Security key (go to yubico.com/start)
  5. You will have to choose a PIN code for your security key. Don't forget it.
  6. How to reset a security key if you lose the pin code, can also be found in the manual.
Note: This security key method cannot be used to set-up MFA. So if you want to start with MFA you will need a telephone number anyway. You can add this method afterwards.

Need Help?

Please first check whether you can find the answer to your question in the FAQ.
For other questions or problems, please contact the helpdesk.