Skip to content

Multifactor Authentication

Multifactor Authentication

A graphic depicting a padlock

Getting Started

Set up your MFA methods to help protect your University IT account. Find out more below.

Multifactor Authentication (MFA) is the process of using more than one piece of evidence (or factors) to prove who you are when you sign in to applications and services.  You may already be familiar with MFA when using other services such as online banking.  

At Sheffield Hallam, as well as your username and password, you will need to use a second factor when signing in.  We highly recommend the use of the Microsoft Authenticator app as this is the most secure and supported option, but this second factor could also be a telephone call, a text or a different app you may already be using such as Google Authenticator. 

Currently the applications and services that will require MFA are: 

  • Office 365  
  • Remote Desktop Services such as AVD, VMWare Horizon and Azure Labs for students on selected courses  
  • Cisco WebEx Meetings (the new version) 
  • Adobe Creative Cloud 
  • AppsAnywhere 
  • Global Protect VPN used to access University software or services off-campus 
  • SharePoint Online 
  • Dynamics 365 (but not Dynamics customer portals) 
  • Bynder 


How to set up Multifactor Authentication

The videos below outline how to set up MFA using our recommended method – the Microsoft Authenticator app.

Setting up using a computer and a phone or device

This video takes you through setting up the recommended method of  MFA using a computer and a device or phone. 


Setting up using your phone

This video takes you through setting up the recommended method of MFA using only your phone or device.

Using the Microsoft Authenticator


I cannot complete set up using the app or cannot use it after set up:

Occasionally something does not work as it should. It is difficult to say which solution will work in each particular situation so you can try any / all of these:

On your mobile phone or device:

  • Remove the account from the mobile app and re-add it

  • Uninstall the mobile app and re-install it

  • Re-start your phone / device

On the My Sign-ins page

  • Remove the method that is not working and re-add it

I have registered the Microsoft Authenticator App but am still prompted for registration:

If after registering your account in the Microsoft Authenticator app via a QR code you are still prompted to register your MFA details on sign in, then you should delete the existing SHU account from within the Authenticator app and re-register it again.

It does not recognise my email address when I try to sign in to the MFA setup page:

The email address / username required is in the format

If you are a guest you will need to use the email address you used with your guest invite. 

I’ve forgotten / lost my mobile phone / device – what should I do?

If you don’t have access to your mobile phone / device and cannot use any backup method you may have set up, please contact the IT Service Desk

I have changed / am changing to mobile phone / device – what should I do?

If you still have the old device or have a backup method available: 

  • Visit the My Sign-ins page 

  • Add the mobile phone / device as a method 

  • Remove your old mobile phone / device as a method 

If you no longer have your old device and don’t have a backup method available: 

  • Please contact the IT Service Desk


  • I can’t install the app on my older mobile phones / devices:

    Older mobile phones / devices may not support newer apps that support Modern Authentication in which case you will need to use another method such as a phone number (to receive a phone call on your mobile phone)


    How to get support

    Please contact the IT Service Desk if you have any problems setting up or using MFA


    Personal Data

    Keeping your account secure will help protect both the University’s and your own personal data.

    All personal information that you provide, such as a personal phone number, is stored securely in compliance with GDPR within SHU’s directory systems and treated as private data by Microsoft. It can only be used for the purposes for which the data has been given – in this case it is used for authentication purposes and protecting your account only and will not be used for any other purpose.

    You have full control to remove your MFA information and should you leave the University, all your authentication details will be automatically be removed on the deletion of your user account.

    If you still have concerns, we encourage you to use the Microsoft Authenticator App as this does not request any personal information, it simply holds an electronic token unique to your University account.


    Related Content

    Share this page