Multifactor Authentication (MFA) is the process of using more than one piece of evidence (or factors) to prove who you are when you sign in to applications and services.  You may already be familiar with MFA when using other services such as online banking.  

At Sheffield Hallam, as well as your username and password, you will need to use a second factor when signing in.  We highly recommend the use of the Microsoft Authenticator app as this is the most secure and supported option, but this second factor could also be a telephone call, a text or a different app you may already be using such as Google Authenticator. 

Several applications and services require MFA including: 

• Office 365
• Remote Desktop Services such as AVD, VMWare Horizon and Azure Labs for students on selected courses  
• Adobe Creative Cloud 
• AppsAnywhere 
• Global Protect VPN used to access University software or services off-campus

How to set up Multifactor Authentication

To get started, review the videos and set up one or more MFA methods. You can find further help on setting up and using MFA, including step-by-step instructions, in our MFA FAQs

Using the Microsoft Authenticator

Troubleshooting

I cannot complete set up using the app or cannot use it after set up:

Occasionally something does not work as it should. Try these troubleshooting steps in order and check after each step:

1. Re-start your phone / device
2. On the My Sign-ins page remove the method that is not working and re-add it
3. Remove the account from the mobile app and re-add it
4. Uninstall the mobile app from your phone / device, re-install it and set MFA up again

If you still cannot complete your set up please contact the IT Service Desk 

I have registered the Microsoft Authenticator App but am still prompted for registration:

If after registering your account in the Microsoft Authenticator app via a QR code you are still prompted to register your MFA details on sign in, then you should delete the existing SHU account from within the Authenticator app and re-register it again.

It does not recognise my email address when I try to sign in to the MFA setup page:

The email address / username required is in the format username@hallam.shu.ac.uk.

If you are a guest you will need to use the email address you used with your guest invite. 

I’ve forgotten / lost my mobile phone / device – what should I do?

If you don’t have access to your mobile phone / device and cannot use any backup method you may have set up, please contact the IT Service Desk

I have changed / am changing to mobile phone / device – what should I do?

If you still have the old device or have a backup method available: 

• Visit the My Sign-ins page

• Add the mobile phone / device as a method 

• Remove your old mobile phone / device as a method

If you no longer have your old device and don’t have a backup method available: 

Please contact the IT Service Desk

I can’t install the app on my older mobile phones / devices:

Older mobile phones/devices may not support newer apps that support Modern Authentication in which case you will need to use another method such as a phone number (to receive a phone call on your mobile phone).

Please see our FAQ ‘How do I set up the phone / text method’

How to get support

If you have any problems setting up or using MFA please check the MFA FAQs.  If these do not help resolve your issue, please contact the IT Service Desk

Personal Data

Keeping your account secure will help protect both the University’s and your own personal data.

All personal information that you provide, such as a personal phone number, is stored securely in compliance with GDPR within SHU’s directory systems and treated as private data by Microsoft. It can only be used for the purposes for which the data has been given – in this case, it is used for authentication purposes and protecting your account only and will not be used for any other purpose.

You have full control to remove your MFA information and should you leave the University, all your authentication details will be automatically removed on the deletion of your user account.

If you still have concerns, we encourage you to use the Microsoft Authenticator App as this does not request any personal information, it simply holds an electronic token unique to your University account.