Frequently asked questions (FAQ) about MFA
(!) In the event of theft immediately notify the helpdesk . We urge you to report any incident.
- If you have previously set up a different authentication method (eg via a second phone number or a security key) then use this method.
- Have you only set up 1 method and cannot log in now? Set up a new MFA method on mfareset.ugent.be.
Have you lost or no longer use a device? Then remove it from your list of authentication devices.
- Open a browser and surf to https://myaccount.microsoft.com/device-list
- Select the device you want to remove and click on "Disable device".
- Confirm your choice. Click on "Disabel Device"
- The device will remain in the list, but you can no longer use it for MFA. You also cannot turn it back on yourself.
Did you find your device? Contact the helpdesk to enable it again.
Tip: If you lose a device, it is better to sign out from all your devices. Surf to https://mysignins.microsoft.com/security-info and click "Sign Out Everywhere" at the bottom of the page.
Created: 28 June 2022
Last updated: 18 September 2023 13:08:48
Multifactor-authentication (MFA) is a way to provide extra security for your UGent account.
In concrete terms, MFA means that you not only enter your username and password when logging in, but also use one or more other factors to identify yourself.
So with MFA you use a combination of:
- something only you know (e.g. your pin code or password)
- something you have (e.g. your laptop, your smartphone with authenticator app or security key)
- or something you are (eg: biometric properties such as a fingerprint or facial scan)
When that happens, that person can access all of our data and applications. Of course we want to avoid that.
Do you want to know more? Watch the video ‘Passwords are outdated’(Dutch only) and learn more about two-step verification at Safeonweb.be(Dutch only).
Created: 25 August 2022
Last updated: 6 December 2022 11:06:27
There are several reasons why signing in with the Microsoft Authenticator app fails:
- You have failed to respond on time to the notification on your smartphone.
Then you will see the following message on your computer:
Click on "Send a new request to my Microsoft Authenticator app" and try again. - iPhone user: You have not enabled push notifications on your iPhone. To do this, go to Settings > Notifications > select the Microsoft Authenticator app and enable "Allow Notifications".
- You have not given the app permission to use the camera to scan the QR code. Go to Settings > Microsoft Authenticator > Allow Authenticator to access > check Camera.
Created: 25 August 2022
Last updated: 18 September 2023 11:20:08
Yes. There are alternative verification methods that don't require a smartphone.
- Verification using a SMS code or phone call
- Authentication using a security key
NB. In exceptional cases where an employee cannot use a smartphone, mobile phone or landline, DICT can make a security key available to the employee after a motivated request (via e-mail to the DICT helpdesk, with a copy to the hierarchical responsible).
Created: 25 August 2022
Last updated: 18 September 2023 11:21:44
- If you have previously set a different authentication method (e.g. via a second phone number or a security key) then use this method.
- If you have only set 1 method, you will not be able to log in, which is why it is always important to use a second method (eg your workspace landline)
- We regret that the Helpdesk will not be able to help you with this, you will have to get your authentication device.
Created: 25 August 2022
Last updated: 18 September 2023 11:22:45
If the battery is empty, you will not be able to receive an SMS code or telephone call on that number.
- If you have previously set a different authentication method (e.g. via a second phone number or a security key) then use this method.
- If you have only set 1 method, you will not be able to log in, which is why it is always important to use a second method (eg your workspace landline)
- We regret that the Helpdesk will not be able to help you with this, you can always ask your colleagues to borrow their charger.
Created: 25 August 2022
Last updated: 18 September 2023 13:09:29
-
If you are using the Microsoft authenticator app
Yes, you must add the new device to your settings.
- Open a browser and surf to https://mysignins.microsoft.com/security-info.
- Log in with your UGent credentials.
- Search the list of methods for the phone number you set.
- Click on ‘Change’.
- Then choose between "Send me a code via SMS" or "Call’.
- You will receive a 6-digit SMS code or a phone call. Follow the steps to register your device.
-
If you are using the "sms-code" or the "phone me" method
No, you don't need to change any settings
Created: 25 August 2022
Last updated: 2 May 2023 07:26:28
It seems that this problem mainly affects iPhone users. During the registration process, make sure that the Microsoft Authenticator app does not automatically lock (because you are looking at your computer screen for instructions).
Are you stuck? Click on "I want to set a different method" and start over. Then choose the SMS code or phone call. That is slightly simpler.
If that is successful, you can always add the Microsoft Authenticator app as a method afterwards.
Created: 25 August 2022
Last updated: 18 September 2023 11:23:39
Yes, you can, even though we recommend the Microsoft Authenticator app.
Keep in mind that our helpdesk only supports the Microsoft Authenticator app.
Some examples of other authenticator apps:
- Google Authenticator
- LastPass
- Authy
- Aegis Authenticator
Created: 25 August 2022
Last updated: 18 September 2023 13:00:03
Update: Microsoft is currently rolling out system-preferred MFA. When logging in, the system will choose the most secure and convenient method for you from the set methods itself. So, you don't have to set a preferred method yourself (anymore). You can check whether this feature is already active for your account by surfing to https://mysignins.microsoft.com/security-info:
- Open a browser and surf to https://mysignins.microsoft.com/security-info.
- Log in with your UGent credentials.
- Click next to "Default Login Method" on ‘Change’
- Click the arrow to open the menu and select the method you wish to use.
- Click on ‘Confirm’
Created: 25 August 2022
Last updated: 26 July 2023 12:23:58
Yes, and that is precisely the intention. The verification remains valid on a specific device for a period of time set by DICT, we then speak of a “trusted device”.
You will not be prompted for authentication again on that particular device until that period has passed (approximately 30 days). Until then, your connection/device is considered safe. In this way MFA remains sufficiently user-friendly.
Please note: if you delete cookies in your browser after each session, you will have to use MFA every time to log in.
You will not be prompted for authentication again on that particular device until that period has passed (approximately 30 days). Until then, your connection/device is considered safe. In this way MFA remains sufficiently user-friendly.
Please note: if you delete cookies in your browser after each session, you will have to use MFA every time to log in.
Created: 25 August 2022
Last updated: 18 September 2023 13:05:47
If you want to make sure you are back in the beginning of the 30-day period for a trusted device, you can do so by unsubscribing from all your devices: surf to https://mysignins.microsoft.com/security-info and click "Sign out everywhere" at the bottom of the page.
Please note: this is the case for all your devices
At your next login attempt on each of your devices, MFA will be recalled and the 30-day period for a trusted device will start again from the beginning.
Created: 25 August 2022
Last updated: 18 September 2023 09:45:24
The Microsoft Authenticator app can make a back up to the cloud of your account credentials and related app settings, such as the order of your accounts.
If you have made a backup, you can also use the app to restore your data to a new device. This way you avoid being locked out or having to start from scratch with creating accounts on a new device.
You can read how to make a backup on the Microsoft website:
Backup and restore of account credentials using the Microsoft Authenticator app
Created: 25 August 2022
Last updated: 18 September 2023 09:47:47
When your configured multi-factor authentication methods are no longer available (for example after restoring your device to the factory settings, transferring your apps and data to a new device, when switching phone numbers, ...) you can reset them on mfareset.ugent.be.
To authenticate, you will be redirected to the website of the Flemish government where you can log in via Itsme or with your e-ID and a card reader. After logging in, you can set up a new MFA method.
Created: 25 August 2022
Last updated: 18 September 2023 09:49:03
Number matching is an additional security feature for multifactor authentication with the Microsoft Authenticator app. This feature requires users in order to approve an authentication request, to enter a two-digit number displayed on the screen. This feature should help prevent malicious login attempts from being approved unintentionally in an inattentive moment.
Read more:
Read more:
Created: 28 February 2023
Last updated: 15 May 2023 11:49:50
Users who have a Belgian E-id can reset their mfa themselves via https://mfareset.ugent.be Other users must prove their identity by sending it as an attachment (PDF or DOC).
Created: 10 July 2023
Last updated: 12 July 2023 06:42:45
Users with a Belgian E-id can reset their MFA themselves by visiting https://mfareset.ugent.be.
For other users, to reset MFA, they need to provide proof of their identity by sending it as an attachment (PDF or DOC) via email.
Created: 27 July 2023
Last updated: 27 July 2023 13:26:46