What is MFA?

Multi Factor Authentication (MFA) for Office365 is a second method of authentication such as a pin number in addition to your normal College password when logging on to Office365 or using non-browser applications such as desktop versions of Outlook and Skype for Business etc.

Why Use MFA?

One of the major challenges facing Cybersecurity at Imperial College is phishing emails designed to steal user credentials.  The vast majority of phishing emails are blocked by the College spam filter, however, a few phishing emails make it through.  User awareness is the number one weapon against such emails and College has an effective user awareness program, Be Secure.  However occasionally users are successfully phished and give away their credentials allowing an attacker to logon and abuse their email.  By configuring MFA on your account, you prevent the use of stolen credentials.

Configuring MFA

After MFA has been enabled on your account you will need to configure the options that best suit you the first time you logon to Office365.  You can choose to receive a pin code via SMS, an automated phone call or use the Microsoft Authenticator App (recommended).