Multi-factor authentication (MFA)

Multi-factor authentication (MFA) is a way to make your UGent account extra secure. When logging into a UGent web application, you then first enter your username and password followed by a second login verification via text message, automated phone call, prompt in a mobile app, ...

Add MFA methods

Go to https://mysignins.microsoft.com/security-info.
Log in with your UGent account.
Select "+ Add sign-in method".
We recommend setting up multiple MFA methods to avoid getting locked out.

Method 1: SMS code

This is a very simple method to start with MFA. You will then receive an SMS on the cell phone number you entered.

Select "+ Add sign-in method".
Select "Phone".
Select "Belgium (+32)" and enter your cell phone number.
Choose "Text me a code".
Select "Next".
Enter the 6-digit code (which you have received by now in an SMS to your phone number).
Select "Done".

Method 2: Calling

This is a very simple method of getting started with MFA. You will receive a call at the phone number you entered.

Tip: Also include a second phone number. This can come in handy if your cell phone is stolen or lost, or if you change phone numbers.

Select "+ Add sign-in method".
Select "Phone".
Select "Belgium (+32)" and enter your mobile or landline number.
Choose "Call me".
Select "Next". You will now receive an automated phone call from a Microsoft service with the automated message: "Thank you for using Microsoft's authentication system. Press the hash to complete the verification".
Press the hash (#) on your phone.
Select "Done".

Method 3: Microsoft Authenticator app

The Microsoft Authenticator app is supported and recommended by ICT for daily use, as it is a user-friendly and secure method for MFA.

Please make sure that the Microsoft Authenticator app is allowed to send push notifications (to do this, on an iPhone, go to Settings > Notifications > select the Microsoft Authenticator app and enable “Allow Notifications”).

Note: This method becomes unusable if you delete the Microsoft Authenticator app, if you reset your smartphone to factory settings, or if you transfer your apps and data to a new smartphone.

Select "+ Add sign-in method".
Select "Microsoft Authenticator".
Select "Download now" and install the mobile app on your smartphone.
Click “Next” on the computer screen when the installation is successful. A QR code will now appear on the screen.
Open the Microsoft Authenticator app on the smartphone and choose “Scan a QR code.” If you can't use your camera to scan a QR Code, click Can't scan the image on your PC and tap Enter code manually on your mobile.
Scan the on-screen QR code from the Microsoft Authenticator app on your smartphone to add your UGent account to this Microsoft Authenticator app.
Select "Next" on the computer screen.
Select "Approve" on the smartphone after you receive a test code in the app.
Select "Done" on the computer screen.

Method 4: Passkey in Microsoft Authenticator app

In the Microsoft Authenticator app (Android or iOS), you can also create a passkey . Then you can also log in using your face, fingerprint or PIN on your smartphone.

Method 5: Other authenticator app

In addition to the Microsoft Authenticator app, you can also use other authenticator apps such as Google Authenticator, LastPass, Aegis Authenticator, ...

If you choose this method, you have to manually add an account in the authenticator app by entering an account name and secret key. So use these alternative apps only if you are already familiar with them yourself because the ICT help desk does not provide support for these apps.

Select "+ Add sign-in method".
Select "Microsoft Authenticator".
Select "I want to use a different authenticator app".
Download and install an authenticator app on your smartphone.
Select "Next" on the computer screen. A QR code will now appear on the screen.
Scan the on-screen QR code from the authenticator app on your smartphone to add your UGent account to this authenticator app.
Select "Next" on the computer screen.
Tap your account in the authenticator app.
Enter the 6-digit code displayed in the authenticator app on the computer screen.
Select "Next" on the computer screen.

Method 6: Security key

This is a very secure method, but it does require the purchase of a security key that supports the FIDO2 protocol such as a YubiKey 5 NFC).

You cannot use this method to get started with MFA. For this, you need a phone number. After that, however, you can add a security key as an MFA method.

Select "+ Add sign-in method".
Select "Security key".
Select "Next" on the computer screen.
Log on with MFA.
Follow the security key manual (bv. www.yubico.com/start).

Method 7: Alternative e-mail address

A private email address refers to a personal account that you create yourself with Microsoft (Outlook) or Google (Gmail), among others. Do not use an e-mail address that is linked to an account with another employer or educational institution. After all, such an account expires at the end of your employment or studies.

This method can only be used to reset your password. It is not possible to use this method for MFA.

Select "+ Add sign-in method".
Select "E-mail".
Enter your private email address and select "Next."
Enter the verification code (which you have received by now at this email address).
Select "Next".

Reset MFA

If your set multi-factor authentication methods are no longer available (e.g. after restoring your smartphone to factory settings, transferring your apps and data to a new smartphone, when changing phone number, ...) you can reset these methods via https://accountreset.ugent.be/en.

Tip: Always use an incognito window to reset your MFA.

Frequently asked questions (FAQ)

Read the FAQ about MFA.