Multi-factor authentication (MFA)

Quick guide

In this onepager you can find a quick guide.
Below you can find a more detailed explanation.

Starting with MFA

Tip: Set up SMS code or phone call verification as the first method. It is a simple and intuitive method to get started with MFA. That way you can still login when your preferred method is not available, for example after a factory reset or when transferring your apps and data to a new device.

Follow these steps to activate MFA:

  1. Open a browser and surf to https://mysignins.microsoft.com/security-info.
  2. Enter your UGent e-mail address. You will be redirected to the login screen.
  3. Log in with your UGent password.
  4. Click on "Next".
  5. Click on " Add Method".
    Methode toevoegen
  6. Select the method you wish to use.
    • Verification using a SMS code or a phone call
      Start with this method.
    • Authentication using the Microsoft Authenticator app on your smartphone
      The most user-friendly and safe method in daily use, but a bit more cumbersome to start with.
    • Authentication using any other authenticator app such as Google authenticator, LastPass, Authy, Aegis, etc.
      Please note: the helpdesk does not support these alternative apps.
    • Authentication using a Security key
      NB. This method is only used in exceptional situations.
    Add method
  7. Click on "Add"
Tip:
It is strongly recommended that you set up multiple multi-factor authentication methods. This way you can still access your account, even in the event of loss or when you do not have your device at hand.

Method 1: Verification with SMS code or phone call

This is a very simple method to get started with MFA.
Follow these steps to add a phone number:

  1. Click on "Add method".
    Add method
  2. Select "Phone" and click on "Add".
  3. Select "Belgium (+32)" and fill in your phone number.
    Note: Your (mobile) number will not be visible within the organization.
  4. Then choose between "Send me a code via SMS" or "Call".
    Add phone number for SMS

    Code via sms

    • If you choose "Send me a code via SMS", you will receive a 6 digit code.
      SMS sent
    • Enter the 6-digit code on the computer and click "Next".
      SMS verified
    • You will receive a confirmation. Click on "Done".

    Call

    • If you select "Call", you will receive a phone call at the phone number you entered. This can be a mobile or a landline number.
      Add phone number to call
    • You will be called by a Microsoft service with the automatic message: "Thank you for using Microsoft's authentication system. Press the hash to complete the verification".
    • Press the hash (#). A confirmation will appear on your computer.
      Phone number verified
    • Click on "Done".
    • Then you can change the Default Sign-in method by clicking "Change" and selecting the method (Phone-text for sms - Phone-call for call).

    Tip: Also add a second phone number as an alternative. This can be useful in the event of theft or loss of your mobile phone.
    You add an alternative number in exactly the same way as the first telephone number. (Add method > Phone > Enter phone number)
    Note: This method becomes unusable if you change your phone number or, temporarily, if your device is lost.

Method 2: Verification with the Microsoft Authenticator app

The Microsoft Authenticator app is supported by DICT and recommended for everyday use as it is the most user-friendly and secure method for MFA.

Follow these steps to set up authentication with the Microsoft Authenticator app:

  1. If you choose the Authenticator app method, you will see the screen below on your computer:
    Setup account
  2. Take your smartphone and go to the App Store (iOS), Google Play Store (Android) or Microsoft Store (Windows Phone) to download the Microsoft Authenticator app. to download.
  3. Download and install the Microsoft Authenticator-app.
    Tip: Do you have an iPhone? Make sure that the Microsoft Authenticator app is allowed to send you push messages, so that you can approve them. To do this, go to Settings > Notifications > select the Microsoft Authenticator app and enable "Allow Notifications".
  4. Installation succesfull? Click on "Next" on your computer screen.
  5. You will see a QR code on your computer screen. It looks like this:
    Scan QR
  6. Open the Microsoft Authenticator app on your smartphone and select "Scan QR Code".
    The app will request access to the camera to scan the QR code. Select "Allow".
  7. Point your camera at the QR code to scan it (as if you were taking a picture of it). Your UGent account will now be added to the Microsoft Authenticator app.
  8. Click "Next" on your computer screen.
  9. You will receive a test code on your smartphone. Tap "Approve".
  10. A confirmation will appear on your computer screen. Click on "Done".
    The Microsoft Authenticator app is now in your list of methods.
From the next day you will need the Microsoft Authenticator app to access Office 365 applications (OneDrive for Business, Teams, SharePoint Online,…).
On a trusted device, it will take 30 days before you will be asked to use MFA again.
Tip: Now you can also add other methods. We recommend setting up more than 1 method, so you can also log in if you don't have your smartphone with you.
Note: This method becomes unusable if you delete the Microsoft Authenticator app, after a factory reset, or when transferring apps and data to a new device.

Method 3: Verify using another authenticator app

In addition to the Microsoft Authenticator app, you can also use another authenticator app such as Google Authenticator, LastPass, Authy, Aegis Authenticator, etc.

Note: DICT helpdesk does not support these alternative apps. So only use it if you are already familiar with it yourself.

If you choose this method, you must manually add an account in the authenticator app by entering an account name and secret key.
Detailed instructions for adding accounts can be found in the manual of the chosen app.

    Follow these steps to set up authentication with another authenticator app:

  1. Click on "Add method".
    Add method
  2. Select "Authenticator-app" and click on "Add".
  3. You will be asked to download the Microsoft Authenticator App. Click on "I want to use a different authenticator app".
    Setup account
  4. After you have downloaded and installed the app, click "Next".
  5. Add your UGent account to your authenticator app. This can be done in two ways:

    • From the smartphone on which you installed the authenticator app

      You can copy the account name and secret key by clicking on the documents icon (Copy details). Then paste it into your authenticator app.
      Copy secret key
      Then click on "Next".
    • Using another device (laptop, desktop, tablet, ..)

      This is the most user-friendly method. A QR code will be displayed that you can scan with your authenticator app.
      Scan QR
      If not already done, you will have to give the app access to the camera. After scanning, your UGent account will be added automatically.
      Then click on "Next".
  6. As a final step, you will be asked to enter the six digits code. You can find this code when you tap on your account in the authenticator app.
    Enter MFA code

Method 4: Authentication using a security key

In this fourth option, you use a security key (USB security key) to log in. This method is only used in exceptional situations.
Yubikey
    Follow these steps to set up Authentication with a Security Key:
  1. Click on "Add method".
    Add method
  2. Select "Security key" and click on "Add".
  3. Click on "Next" and register with MFA.
  4. Follow the manual of the Security key (go to yubico.com/start)
  5. You will have to choose a PIN code for your security key. Don't forget it.
  6. How to reset a security key if you lose the pin code, can also be found in the manual.
Note: This security key method cannot be used to set-up MFA. So if you want to start with MFA you will need a telephone number anyway. You can add this method afterwards.

If desired, you can purchase a security key yourself.

We recommend the YubiKey 5 NFC .

Note: Make sure to purchase a security key that supports the FIDO2 protocol .

Need Help?

Please first check whether you can find the answer to your question in the FAQ.
For other questions or problems, please contact the helpdesk.