FAQs
MFA FAQs
Multi-factor Authentication (MFA) or Two-step verification is a security feature that TU Dublin has deployed to protect your account.
Two-step verification is more secure than just a password
- It relies on two forms of authentication: something you know, and something you have with you.
Why is it useful?
- Using two-step verification can help protect your account, as it prevents malicious hackers from signing in to your account if they know your password.
- TU Dublin highly recommends using the Microsoft Authenticator App
Multifactor Authentication (MFA) also known as two-step verification is more secure than just a
password because it relies on two forms of authentication: something you know, and something you
have with you. This adds a critical second layer of security when users sign-in to their TU Dublin
Office 365 account. The something you know is your password, while the something you have with
you is your phone. Using MFA can help to stop malicious hackers from signing in as you, even if they
get your password.
MFA works by requiring both of the following verification methods to access your TU
Dublin account:
- Something you know (your TU Dublin username & password)
- Something you have (a trusted device - your mobile phone).
Authenticator APP
The Microsoft Authenticator app helps you sign in to your accounts when you're using two-step verification. Two-step verification helps you to use your accounts more securely because passwords can be forgotten, stolen, or compromised.
Microsoft Authenticator will prompt you to enter a number displayed on the sign-in screen when approving an MFA request in Microsoft Authenticator. This is called number matching and it further protects you from potential accidental approvals and phishing attempts.
When you use your TU Dublin email address and password to sign in to an application connected to Office 365 you will be prompted to enter a number in the authenticator app.
Code sent by SMS text message
When you use your TU Dublin email address and password to sign in to an application connected to Office 365 you will be prompted to enter a code on screen which will be sent to your registered mobile device.
Microsoft will enable the new number matching feature by default in early 2023 for all users of the Authenticator app. With number matching, a number is displayed to a user when they sign in, and instead of entering this number on the device they are signing into, they confirm the number on their MFA smart device.
No. Microsoft will be enforcing the number match experience for all Office 365 users globally starting February 27, 2023
Yes, you can change the verification method at any time.
Browse to the following site https://aka.ms/mfasetup
Sign in with your TU Dublin email address and password.
MFA can slightly increase the time it takes to log in, but it also increases the security of the account. The added time is minimal and worth the increased security.
Your mobile device number is stored securely within TU Dublin’s Microsoft Office 365 tenant and is
only used for the purpose of your account security. It is not visible to members of Technology Services
If you do not want your number stored within the tenant choose the Microsoft Authenticator App as
your preferred method.
Browse to the following site https://aka.ms/mfasetup
Here you will see the options that are currently enabled for your account.
Edit the number in the Authentication phone field.
While on the any of the TU Dublin campus networks, MFA is not required, but should you access any
of your Office 365 services from anywhere else you will be challenged for MFA.
Yes, it is possible to view and or edit the number devices that you have setup the Microsoft
Authenticator app on.
Browse to the following site https://aka.ms/mfasetup
Sign in with your TU Dublin email address and password.
Here you will see a listing of devices that have the authenticator app installed. From here you have
the ability to delete any of these devices. Simply select Delete beside the device you wish to remove.
If you would like to add an additional device. Download the Authenticator App to your device and
then select “Set up Authenticator app” and follow the instructions here.
The Microsoft Authenticator app collects three types of information:
- Account info you provide when you add your account. This data can be removed by removing your
account. - Diagnostic log data, which resides only in the app until you choose to Send Logs to Microsoft
through the app's Help menu. These log files contain personal data, like your email addresses (such
as, firstname.surname@tudublin.ie), server/IP addresses, and device data (such as, device name and
operating system version), with the personal data limited to info necessary to help troubleshoot app
issues. You can view these log files in the app at any time to see the info being gathered. If you send
the log files, the Authentication app engineers can use it to troubleshoot customer-reported issues. - Non-personally identifiable usage data, such “started add account flow/successfully added account,”
or “notification approved.” This data is an integral part of our engineering decisions and helps us
determine what features are important to you, and where improvements need to be made in the
form of updates to the apps. You, as an app user, see a notification of this data collection on first
launch of the app, and are informed that it can be turned off on the app’s Settings page. You can
enable or disable this setting at any time.
No. If you are prompted to approve a sign in but haven't tried to sign into anything, there is the
possibility that there was an application that automatically started with your password saved
attempting to log in, or your sign-in attempt was sent twice (e.g. refreshing a log in page).
If the sign in request appears during a time where you have not attempted to sign in or open
applications recently, it may be someone else attempting to access your account without your
permission. If you are ever unsure, click deny and contact IT Support to report suspicious activity.
General FAQs
To change your office 365 email password please go to www.tudublin.ie/password
Phishing is a form of online fraud. In a typical phishing incident, you may receive an email or pop-up message that claims to be from colleague or another business or organisation that you may have previously dealt with for example PayPal or Bank of Ireland. The message may ask you to ‘update,’ ‘validate,’ or ‘confirm’ your account information.
Please use the report the report message function in Microsoft Outlook to report any Phishing emails you receive. If you do fall victim to a Phishing attempt please contact IT support straight away.
You can find more information about in our Phishing section here.
Below are some quick tips t stay safe online.
Keep your computers and mobile devices up to date.
Having the latest security software, web browser, and operating system are the best defences against viruses, malware, and other online threats. Turn on automatic updates so you receive the newest fixes as they become available.
Set strong passwords.
A strong password is at least eight characters in length and includes a mix of upper and lowercase letters, numbers, and special characters.
Watch out for phishing scams.
Phishing scams use fraudulent emails and websites to trick users into disclosing private account or login information. Do not click on links or open any attachments or pop-up screens from sources you are not familiar with.
Keep personal information personal.
Hackers can use social media profiles to figure out your passwords and answer those security questions in the password reset tools. Lockdown your privacy settings and avoid posting things like birthdays, addresses, mother’s maiden name, etc. Be wary of requests to connect with people you do not know.
Secure your internet connection.
Always protect your home wireless network with a password. When connecting to public Wi-Fi networks, be cautious about what information you are sending over it.