MFA (Authenticator) - frequently asked questions

MFA FAQ - Frequently Asked Questions

How I sign in if I lose my phone?

• MFA is active when signing in from outside of Aalto workstation network. If you use VPN or sign in an Aalto workstation network you are not required to sign in with MFA, except when updating bank account details to Workday. If you do not recover your phone please send a ticket to Aalto IT Service Desk.

I have a new phone and can't use the old one to verify my identity using the Microsoft authenticator app. How can I reset that?

• Reset your MFA registration at the self-service portal:

  https://idm.aalto.fi/sportal -> suomi.fi authentication -> start a new request -> application access -> MFA registration reset -> add to cart -> submit

  wait for 30 minutes, and then you can re-register to for the multifactor authentication service with these instructions: https://www.aalto.fi/en/services/aalto-multifactor-authentication-on-office-365-accounts

  Note: For suomi.fi authentication you need Finnish online banking credentials. You can also visit IT Service Desk, where your identity is verified with an ID card with a photograph.

I deleted the Microsoft authenticator app from my phone. Now when I'm trying to re-download it, I'm not able to log into the authenticator app, nor am I able to log into any of my Microsoft software. How to proceed?

• Reset your MFA registration at the self-service portal:

  https://idm.aalto.fi/sportal -> suomi.fi authentication -> start a new request -> application access -> MFA registration reset -> add to cart -> submit

  wait for 30 minutes, and then you can re-register to for the multifactor authentication service with these instructions: https://www.aalto.fi/en/services/aalto-multifactor-authentication-on-office-365-accounts

  Note: For suomi.fi authentication you need Finnish online banking credentials. You can also visit IT Service Desk, where your identity is verified with an ID card with a photograph.

Can I use multiple phones?

• Yes MFA supports the registration of multiple phones.

Is MFA signing required when I use Office 365 apps/browser with my mobile phone?

• Yes, mobile phone apps support also MFA.

Where my phone number or email address are stored when I register?

• They are stored in the Aalto tenant. The registration details are only visible to the Aalto Office 365 admins. 

Can I Opt-out from MFA?

• MFA was required for Office 365 services from spring 2021 and you can't opt-out.

Where can I install applications to the new Huawei phone?

• Huawei applications can be downloaded from the Huawei App Gallery.
• First, download and install the latest Google Play Store application: https://www.huaweicentral.com/download-latest-google-play-store-application-apk/
• Then, from Google Play Store Microsoft Authenticator application

Will the use of MFA grow?

Yes. University's whole VDI environment and VPN use on users' own devices will be protected by MFA in the near future. Possibilities to protect other services by MFA is examined.

What authentication methods can I use with MFA, i.e. Do I necessarily need a smartphone?

MFA is easiest to use via an app installed on your smartphone, but there are other options as well. You can also receive the verification code used to log in as a text message or via a robot call. If you cannot use a phone, you can also use hardware designed for this purpose (hardware token). An option that has been found to work is an Ubikey key, which works on the USB port of the terminal.