Multi Factor Authentication (MFA) for Office 365 is a second method of authentication like a notification sent to a smart phone to confirm it is you in addition to your normal College password. MFA is used when logging on to services such as Office 365 or using non-browser applications such as desktop versions of Outlook and Teams. Watch the below video for instructions on how to set up MFA.

Add extra security

A video on how to add extra security to your account

Why Use MFA?

One of the major challenges facing Cybersecurity is phishing emails designed to steal user credentials.  The vast majority of phishing emails are blocked by the College spam filter, however, a few phishing emails make it through. User awareness is the number one weapon against such emails. Occasionally users are successfully phished and give away their credentials allowing an attacker to logon and abuse their email.  By configuring MFA on your account, you prevent the use of stolen credentials.

Configuring MFA

After MFA has been enabled on your account you will need to configure the options that best suit you the first time you logon to Office 365.  You can choose to receive a pin code via SMS, an automated phone call or use the Microsoft Authenticator App (recommended). The instructions below explain how to set up MFA on your mobile device. 

Set up MFA

Set up MFA on your mobile device

Check pre-requirements – our suggested method is to use the Microsoft Authenticator App as your secondary factor, you can download it from your app store by searching for “Microsoft Authenticator”

1. From your home machine, or any device not on the Imperial network, log in to Office 365 and you will be prompted to choose Set it up now

Set it up now

Note: If the above does not show when you log in to Office 365, please go to Security Information and click on Update your phone numbers used for account security.

2. Choose the method of contact that best suits your needs.  If using the Microsoft Authenticator app (preferred) you can select this here, it defaults to phone (SMS or Phone call) but from the drop-down list select -> Mobile App

additional security verification

3. Select Receive notifications for verification

4 . Select Set up

5. A new window will open with Configure mobile app and will show a QR code on it.

configure mobile6. Open the authenticator App on your phone

7. Click Add account.

add account

8. The camera app on your phone will open, point it at your monitor take a picture of the QR code. Once complete a window like this will appear.


9. Your account has now been setup for Multi-Factor Authentication.

10. Recommend that you logout or reboot your computer to finalise the setup.

11. If you are using the Outlook app to read your email then this should now work and nothing else is required. If however you are using another app such as the Gmail app or a native app then you will need to configure an app password. Please see the following for more information on how to configure app passwords.

Frequently asked questions

Do I have to use MFA each time I login?

No. When you first logon you will see a tick box allowing you to choose to provide your secondary credentials again in 14 days

How do I add a second multi factor method?

  1. Please go to Microsoft Sign-ins security page
  2. Select "Add method" at the top of the options box.
  3. You can then choose from a selection of methods.
  4. see screen shot below for guidance:

Microsoft security info dashboard

How do I set a default second multi factor method?

  1. Please go to Microsoft Sign-ins security page
  2. Select "Change" next to “Default sign-in method: Microsoft Authenticator - notification Change”
  3. Change default method to "Microsoft Authenticator - notification".
  4. see screen shot below for guidance:

Screenshot of Microsoft Security info dashboard

I can't add MFA to my iOS mail client?

Please delete your existing Imperial College account from you iOS mail client and start again.

I’ve received an unexpected text message or an App notification

Please decline the app notification and contact the ICT Service Desk who can investigate further.

What if I change my phone?

If you get a new phone then you will need to change the setup of your MFA. You can do this by following the instructions on the setting up multifactor authentication page. In addition, if you use apps such as Gmail to read your College email you will need to generate a new app password.

What if I lose my phone?

Please contact the Service Desk.  You can also set up a second device in case this happens.