When you’ll need MFA, what it is, and the benefits
MFA at Bath
Multi-Factor Authentication (MFA) is required when logging in to many University systems to further protect our sensitive information and data, and provide extra security controls to reduce the impact of a cyber-attack.
This means you’ll need suitable MFA methods set up to log in to systems such as:
- your University Microsoft 365 account ,and Microsoft apps such as Outlook
- your student record and SAMIS (Student & Applicant Management Information System)
- the University of Bath Virtual Private Network (VPN)
Layering up your security with MFA
MFA requires you to prove who you via a second authentication method (called a ‘factor’) over and above your username and password when you log in, such as scanning a fingerprint or entering a one-time pass code received by phone.
This means that if your password is compromised by a malicious third party, the additional MFA log in step makes it harder for them to access your account.
You’ll likely already be familiar with MFA, such as:
- using a PINsentry for online banking
- receiving codes via a phone when shopping online
Having MFA set up also means you can still verify your identity if you forget your password.
How often you’ll need to verify with MFA, and how to reduce this
How often you are asked to verify your identity with MFA depends on several factors, including your log in behaviours, as it uses a risk-based approach.
For example, you will receive a request for authentication if an attempt is made to access your account from an unusual location or device.
Find out more, including ways to reduce your risk rating: Factors that impact how often you need to sign in with MFA
How to set up MFA on your account
Recommendations and things to consider
- Select suitable MFA methods, as some have limited use. For example, the ‘phone - text message’ option cannot be used for logging into the University’s VPN.
- Have at least two methods set up, so if your first method fails, you can still verify your identity using your second method
Set up or add sign-in methods
To set up MFA or add additional sign-in methods:
- Log in to My Account
- Select ‘Update Info‘ within the Security Info section
- Select ‘Add Method’
- Choose your preferred verification methods from the drop-down list.
Set up the Microsoft Authenticator App for your University account
If you add the Microsoft Authenticator App (recommended), you will need to set up the app for your Bath account.
- Open the app
- Select the + button
- Tap Add work or school account
- Sign in with your Bath credentials
Find out more: MFA Setup Guidance (University of Bath - Learning Pathways)
What each MFA method can be used for
There are different MFA methods available and you can add as many as you like, but some are only suitable for specific activities.
It’s important that you have suitable MFA methods set up for your needs. The Microsoft Authenticator App is recommended, as it is suitable for all activities.
What each MFA method can be used for
| Methods available | Suitable for M365 authentication and logging into University systems | Suitable for VPN authentication | Suitable for resetting your password |
|---|---|---|---|
| Microsoft Authenticator App (most secure) | Yes | Yes | Yes |
| Phone (text / SMS)1 | Yes | - | Yes |
| Alternative phone | Yes | Yes | Yes |
| - | - | Yes | |
| Security questions | - | - | Yes |
| Office phone | - | - | - |
1 Please note that text message/SMS verification codes may arrive via WhatsApp.
If you plan to access your University account overseas, mobile-related verification methods such as a text message may incur roaming charges. Therefore, we recommend you use the Microsoft Authenticator App, using code verification or push notifications when connected to a Wi-Fi hotspot.
Personal data and privacy
The personal details you share are used solely for the purpose of identity verification and authentication.
Find out more: Use of personal data for identity verification and authentication
Top tips to avoid getting locked out of your account
- Have more than one verification method set up, so you are still able to verify your identity if you are unable to use your usual method
- Have appropriate methods set up for your needs – some methods can only be used for certain activities.
- Remember to visit ‘MyAccount’ and update your mobile/phone number if it changes
- Enable the setting within your Microsoft Authenticator app to back up your account credentials so you can recover and restore your MFA information on your new device, and can avoid getting locked out if you change or lose your mobile. How to back up your account credentials (Microsoft guide)
Troubleshooting common problems
Read the troubleshooting guide if you are experiencing problems with MFA, such as:
- Verification problems
- Error messages
- Problems with the Microsoft Authenticator App
Or if you have privacy concerns.
Reset your University password
If you have suitable MFA methods set up, you can reset your password yourself.
If you have been unable to do this, or do not have suitable MFA methods, you can request for your password to be reset via the dedicated online Form.