Office365 Email and MFA
Office 365, including email, is Macquarie University's cloud-based collaborative and productivity service for staff, offering the latest in Office applications including, Word, Excel, OneNote, PowerPoint and Skype for Business.
When you join Macquarie you will be issued with a university email, which will be automatically set up for you, however, you will need to set up your email signature (on Outlook for Windows, Outlook for Mac, Mac Mail or Outlook Web App).
MFA (Multi-Factor Authentication)
What is MFA?
MFA (Multi-Factor Authentication) is a great way to add a layer of security to your Office 365 account and works across all services including Outlook (desktop and web), SharePoint and OneDrive, Teams and so on. MFA is the addition of a security challenge that happens after your username and password are accepted.
Why do I need it?
What is MFA? Cybercriminals are increasingly targeting educational institutions and Macquarie University IT has identified a recent increase in a higher level of sophisticated attacks targeting the University Office 365 service.
MFA increases your account security by requiring multiple forms of verification to prove your identity when logging into your Macquarie University Office 365 account.
Can I use a single MFA app for all my MQ systems?
We recommend you to use the official Microsoft Authenticator mobile app on your mobile device as an additional method of verification to secure your Macquarie University Office 365 account. However, those who wish to use a single app for all MQ applications, can choose Authy or Google Authenticator.
If you are a new starter, you may follow this MFA Setup guide for New Starter to set up your MFA.
If you don't have a smart phone, there are alternate authentication methods, you may follow the Alternate authentication methods guide to set up.
MFA Setup guide for New Starter
Alternate Authentication Methods
Q: What is MFA protecting?
A: MFA adds an extra layer of security to keep your data more secure. Even if a hacker has your username and password, MFA places an additional barrier to stop the hacker from accessing your account.
Q: Why do I need to download an app on my phone？
A: The MFA app, in general, is the fastest, most reliable and secure option of verification. The app ensures you do not need to carry around an extra piece of hardware, plus there are no charges to yourself by using this method. The app also uses very minimal data on your device. Also, the app needs to be installed on your personal mobile device, since the device is unique to you.
Q: Do I have to download the official Microsoft Authenticator app to use Office 365 MFA?
A: Although you can authenticate through other methods, the official Microsoft Authenticator app is the preferred and most secure method for Office 365 MFA. It is also the easiest way and will make authenticating more seamless than other authentication methods.
Using the Authenticator app, you can also access your Office 365 account when there is no internet connection or mobile signal by using the "verification code" from the app to verify your identity.
If it is not practical to use the authenticator app, the following options (authentication methods) are available to use MFA:
- Option 1: Receive a call to a registered mobile phone or landline.
- Option 2: Use Google Authenticator or Authy, (these apps will not send out push approval, you will need to use the one time code)
- Option 3: Receive an SMS to a registered mobile phone (this is the least secure option and is not recommended)
Q: Can I change my authentication method after I have set it?
A: Yes – you can go to https://aka.ms/mfasetup and sign in to change, or add backup, authentication methods. Avoid “office phone” field as this is not configurable. Visit Managing your Office 365 MFA Set up for more details.
Q: How often will I have to re-authenticate using MFA?
A: In most cases, if using the same device for Office clients including Outlook, Teams or each Web browser you will log in once until your authentication is no longer valid, and you will need to re-authenticate. By default, your authentication will be valid for up to 90 days.
Things that could force you to re-authenticate:
- Don’t log in for 14 days on that device.
- If you sign in and out again in Office clients
- Change your password.
- Swap between Office 365 accounts
- You will need to re-authenticate on each new device and browser you use.
- Suspicious activity is detected, e.g., sign in from another country.
Q: I don't wish to download an app, what are my options?
A: O365 MFA can send a text message, or phone call, to a smart-phone, cell phone, landline (such as your office or home phone) or a tablet. We recommend that users use the app as this is the most secure and convenient option.
Q: What if I don't have a smartphone?
A: If you don’t own a smartphone, you can use the text or call option to verify your identity. See the guide Managing your Office 365 MFA Set up for adding additional authentication methods.
Q: Does MFA see my password?
A: No, the O365 MFA system will verify your password with the internal system and will not send it to MFA. MFA is only used for the second-factor authentication, which is the “something you have”. It is used to verify, not store.
Q: I've got a new smartphone/tablet, how do I reset MFA?
A: If you have a new device, or are switching from iOS to Android or vice-versa, make sure you set up your new phone with Microsoft Authenticator by going to https://aka.ms/mfasetup before you erase your old device. You'll need your old device to sign in.
Q: I've got a new phone number, how do I set up MFA?
A: If you have a new number, make sure you add this at https://aka.ms/mfasetup before closing your account. Once your new number is working, you should delete the old one for security.
Q: I've lost my phone and I have not set up any additional authentication method, what should I do?
A: If you have lost your old phone and no longer have access to your old number you will need to request to reset your multi-factor authentication, please contact the IT Service Desk on 9850 4357.
Q: I don't have my mobile device with me, what other way for me to login to my email?
A:If you have previously setup an alternative authentication method e.g. through our desk phone/ Office phone and you have access to, you may use your alternative authentication method to sign in. Alternatively, you may contact IT Service Desk on (02) 9850 4357 between 8am - 8pm Monday to Friday or 10am - 6pm on weekends.