Multi-Factor Authentication Project
Multi-Factor Authentication Information for Staff and Students
What is Multi-factor authentication?
The University is implementing multi-factor authentication (MFA) for all Oxford Single Sign-On (SSO) users across the University. This means you will be asked to verify your account using a second factor, such as a code from an app on your phone, text message, or a phone call.
MFA is being rolled out to all SSO accounts from January 2021 by surname.
What's already happened?
On 10 November, the existing Webauth login page, where you sign in with your SSO, was replaced with an Oxford-branded Microsoft login page.
You will also be required to follow the University password policy, when you are next prompted to change your password, which we hope will also improve security for SSO account users.
How does MFA work?
You can verify your account using any of the following methods:
- Using the Microsoft authenticator app on your mobile phone
- Receiving an SMS on your mobile phone
- Requesting a phone call on a landline or mobile phone
- Authy desktop authenticator app
- Using a hardware token
There is more detail about each of these methods on the How to prepare for MFA page.