Frequently asked questions (FAQ) about MFA

(!) In the event of theft immediately notify the helpdesk . We urge you to report any incident.

  • If you have previously set up a different authentication method (eg via a second phone number or a security key) then use this method.
  • Have you only set up 1 method and cannot log in now? Set up a new MFA method on mfareset.ugent.be.

Have you lost or no longer use a device? Then remove it from your list of authentication devices.

  • Open a browser and surf to https://myaccount.microsoft.com/device-list
  • Select the device you want to remove and click on "Disable device".
    Disable device
  • Confirm your choice. Click on "Disabel Device"
  • The device will remain in the list, but you can no longer use it for MFA. You also cannot turn it back on yourself.

Did you find your device? Contact the helpdesk to enable it again.

Tip: If you lose a device, it is better to sign out from all your devices. Surf to https://mysignins.microsoft.com/security-info and click "Sign Out Everywhere" at the bottom of the page.
Log off all devices


Created: 28 June 2022
Last updated: 18 September 2023 13:08:48

Multifactor-authentication (MFA) is a way to provide extra security for your UGent account.
In concrete terms, MFA means that you not only enter your username and password when logging in, but also use one or more other factors to identify yourself.

So with MFA you use a combination of:

  • something only you know (e.g. your pin code or password)
  • something you have (e.g. your laptop, your smartphone with authenticator app or security key)
  • or something you are (eg: biometric properties such as a fingerprint or facial scan)
We use MFA because your username and password no longer provide adequate protection. Using only a password is unfortunately easy to find.
When that happens, that person can access all of our data and applications. Of course we want to avoid that.

Do you want to know more? Watch the video ‘Passwords are outdated’(Dutch only) and learn more about two-step verification at Safeonweb.be(Dutch only).
Created: 25 August 2022
Last updated: 6 December 2022 11:06:27

There are several reasons why signing in with the Microsoft Authenticator app fails:

  • You have failed to respond on time to the notification on your smartphone.
    Then you will see the following message on your computer:
    No response
    Click on "Send a new request to my Microsoft Authenticator app" and try again.
  • iPhone user: You have not enabled push notifications on your iPhone. To do this, go to Settings > Notifications > select the Microsoft Authenticator app and enable "Allow Notifications".
  • You have not given the app permission to use the camera to scan the QR code. Go to Settings > Microsoft Authenticator > Allow Authenticator to access > check Camera.
Are you still unable to use the app? Then try a different method (via SMS code or phone call or a security key).
Created: 25 August 2022
Last updated: 18 September 2023 11:20:08

Yes. There are alternative verification methods that don't require a smartphone.

  • Verification using a SMS code or phone call
  • Authentication using a security key
    NB. In exceptional cases where an employee cannot use a smartphone, mobile phone or landline, DICT can make a security key available to the employee after a motivated request (via e-mail to the DICT helpdesk, with a copy to the hierarchical responsible).

Created: 25 August 2022
Last updated: 18 September 2023 11:21:44
  • If you have previously set a different authentication method (e.g. via a second phone number or a security key) then use this method.
  • If you have only set 1 method, you will not be able to log in, which is why it is always important to use a second method (eg your workspace landline)
  • We regret that the Helpdesk will not be able to help you with this, you will have to get your authentication device.

Created: 25 August 2022
Last updated: 18 September 2023 11:22:45

If the battery is empty, you will not be able to receive an SMS code or telephone call on that number.

  • If you have previously set a different authentication method (e.g. via a second phone number or a security key) then use this method.
  • If you have only set 1 method, you will not be able to log in, which is why it is always important to use a second method (eg your workspace landline)
  • We regret that the Helpdesk will not be able to help you with this, you can always ask your colleagues to borrow their charger.

Created: 25 August 2022
Last updated: 18 September 2023 13:09:29
  1. If you are using the Microsoft authenticator app

    Yes, you must add the new device to your settings.

    • Open a browser and surf to https://mysignins.microsoft.com/security-info.
    • Log in with your UGent credentials.
    • Search the list of methods for the phone number you set.
    • Click on ‘Change’.
    • Then choose between "Send me a code via SMS" or "Call’.
    • You will receive a 6-digit SMS code or a phone call. Follow the steps to register your device.
      SMS verified
    If you have a new phone number, add it as you set your original number. Then remove the old one if you are no longer using it.
  2. If you are using the "sms-code" or the "phone me" method

    No, you don't need to change any settings


Created: 25 August 2022
Last updated: 2 May 2023 07:26:28

It seems that this problem mainly affects iPhone users. During the registration process, make sure that the Microsoft Authenticator app does not automatically lock (because you are looking at your computer screen for instructions).
Are you stuck? Click on "I want to set a different method" and start over. Then choose the SMS code or phone call. That is slightly simpler.
If that is successful, you can always add the Microsoft Authenticator app as a method afterwards.
Created: 25 August 2022
Last updated: 18 September 2023 11:23:39

Yes, you can, even though we recommend the Microsoft Authenticator app.
Keep in mind that our helpdesk only supports the Microsoft Authenticator app.
Some examples of other authenticator apps:

  • Google Authenticator
  • LastPass
  • Authy
  • Aegis Authenticator

Created: 25 August 2022
Last updated: 18 September 2023 13:00:03

Update: Microsoft is currently rolling out system-preferred MFA. When logging in, the system will choose the most secure and convenient method for you from the set methods itself. So, you don't have to set a preferred method yourself (anymore). You can check whether this feature is already active for your account by surfing to https://mysignins.microsoft.com/security-info:

  • Open a browser and surf to https://mysignins.microsoft.com/security-info.
  • Log in with your UGent credentials.
  • Click next to "Default Login Method" on ‘Change
  • Click the arrow to open the menu and select the method you wish to use.
  • Click on ‘Confirm
(!) Note: You cannot choose "Security key" as the default method.
Created: 25 August 2022
Last updated: 26 July 2023 12:23:58
Yes, and that is precisely the intention. The verification remains valid on a specific device for a period of time set by DICT, we then speak of a “trusted device”.
You will not be prompted for authentication again on that particular device until that period has passed (approximately 30 days). Until then, your connection/device is considered safe. In this way MFA remains sufficiently user-friendly.
Please note: if you delete cookies in your browser after each session, you will have to use MFA every time to log in.
Created: 25 August 2022
Last updated: 18 September 2023 13:05:47

If you want to make sure you are back in the beginning of the 30-day period for a trusted device, you can do so by unsubscribing from all your devices: surf to https://mysignins.microsoft.com/security-info and click "Sign out everywhere" at the bottom of the page.
Please note: this is the case for all your devices
At your next login attempt on each of your devices, MFA will be recalled and the 30-day period for a trusted device will start again from the beginning.
Created: 25 August 2022
Last updated: 18 September 2023 09:45:24

The Microsoft Authenticator app can make a back up to the cloud of your account credentials and related app settings, such as the order of your accounts.
If you have made a backup, you can also use the app to restore your data to a new device. This way you avoid being locked out or having to start from scratch with creating accounts on a new device.
You can read how to make a backup on the Microsoft website:
Backup and restore of account credentials using the Microsoft Authenticator app
Created: 25 August 2022
Last updated: 18 September 2023 09:47:47

When your configured multi-factor authentication methods are no longer available (for example after restoring your device to the factory settings, transferring your apps and data to a new device, when switching phone numbers, ...) you can reset them on mfareset.ugent.be.

To authenticate, you will be redirected to the website of the Flemish government where you can log in via Itsme or with your e-ID and a card reader. After logging in, you can set up a new MFA method.
Created: 25 August 2022
Last updated: 18 September 2023 09:49:03
Number matching is an additional security feature for multifactor authentication with the Microsoft Authenticator app. This feature requires users in order to approve an authentication request, to enter a two-digit number displayed on the screen. This feature should help prevent malicious login attempts from being approved unintentionally in an inattentive moment.

Number matching in Microsoft Authenticator

Read more:
Created: 28 February 2023
Last updated: 15 May 2023 11:49:50
Users who have a Belgian E-id can reset their mfa themselves via https://mfareset.ugent.be
Other users must prove their identity by sending it as an attachment (PDF or DOC).

Created: 10 July 2023
Last updated: 12 July 2023 06:42:45

Users with a Belgian E-id can reset their MFA themselves by visiting https://mfareset.ugent.be.

For other users, to reset MFA, they need to provide proof of their identity by sending it as an attachment (PDF or DOC) via email.


Created: 27 July 2023
Last updated: 27 July 2023 13:26:46

Please check if push notifications are enabled for the device and Authenticator. Tap on Settings > Notification settings and make sure 'Show Notifications' is enabled.

For Android devices, check if push notifications are enabled. Go to Settings > Notifications > App settings and ensure that Authenticator is enabled.

If you receive an expired notification, verify that the device's date and time settings are correct. Go to Settings > System > Date and time and ensure that 'Automatic date and time' and 'Automatic time zone' are enabled.

If you don't see push notifications in the Authenticator session list, you can swipe down in the list view to check for pending verifications. You can sign in using pending verification as a temporary solution.


Created: 4 October 2023
Last updated: 4 October 2023 07:31:45
Users who have a Belgian E-id card can reset their mfa settings themselves via https://mfareset.ugent.be
Other users must prove their identity by forwarding it as an attachment (PDF or DOC).

Created: 15 February 2024
Last updated: 15 February 2024 10:41:08