Multi-Factor Authentication for students

As part of our programme of continuing security improvements, Multi-Factor Authentication (MFA) was rolled out for students on 27 March 2023.

What is MFA?

MFA provides another layer of security in addition to a username and password when accessing university resources. MFA combines two verification methods: 

  • something you know – such as a password

  • something you have – such as a token generated by an app on a smartphone

Once set up, it is easy to use and provides increased protection against cyber-attacks and security breaches.

How do I set up MFA?

 

To set up MFA, click the link below to access the security settings for your university account and follow the instructions in our Multi-Factor Authentication Setup Guide.

Please use @westminster.ac.uk instead of @my.westminster.ac.uk for your email if you are asked to log in.

Set up MFA

Need help? Please refer to the FAQs.

FAQs

All the information you need to register, as well as FAQs, can be found on this page.

If you need further assistance, please email with your student ID and phone number, and a member of the IT Service Desk team will contact you directly.

Alternatively, you can also use the Live Chat service on the Student Hub (in the bottom right corner of your screen).

Once MFA is rolled out in March, you will be prompted to set up your authentication method and will not be able to access the university's online resources until this is complete.

You will be requested to verify your authentication in the following circumstances:

  • the first time you use the university’s Global Protect VPN or Microsoft 365 after MFA has been enabled on your account
  • whenever you change device or location, such as logging in to a new computer or phone
  • every 14 days for Outlook/Microsoft 365
  • whenever you connect to or disconnect from the university's Global Protect VPN

You will not need MFA for computers in teaching spaces, but you may receive a prompt if logging in from your laptop in a classroom.

We recommend that you set up at least two methods of authentication from the following options:

  • Microsoft Authenticator app – this is the most efficient method for authentication
  • text
  • phone call

You can also use alternative authenticator apps such as Google Authenticator. However, we recommend using Microsoft Authenticator as it is simple to use and reliable.

You can update your preferences and details at any time by logging in to the security settings for your account.

If you have any problems with updating your details, you can contact the IT Service Desk.

Yes, the Microsoft Authenticator app can be used on multiple devices.

Microsoft is changing how you use the Authenticator app to make it harder for threat actors to access your account. Number matching prevents accidental approval by asking you to type in a number from the login screen into their Authenticator app.

Please check your phone settings to see if you have notifications silenced or switched off. 

Some Android users have reported issues with receiving notifications despite notifications being turned on. To fix this, we recommend opening the Microsoft Authenticator app when you sign in and closing it once finished.

If you do not have the option to input the numbers into your Microsoft Authenticator app when requested, it may be that you need to upgrade your app to the latest version. Make sure you stay updated with the latest version. You can download it for Android and iOS for the best authentication experience.

If you receive an MFA notification, text or phone call that you were not expecting, it is important that you do not approve it.

Please contact the IT Service Desk to report this and provide the approximate time you received the request. 

Please contact the IT Service Desk to get your MFA reset.

If you are having problems using the Microsoft Authenticator app for MFA because of an accessibility requirement, please contact the IT Service Desk.

The following methods of authentication should be accessible for most users, including those who use mobile screen readers or magnification:

  • receiving a phone notification
  • receiving a passcode via text or a phone call

You can also get accessibility support for all Microsoft products directly from the Microsoft Disability Answer Desk.

If your provider is likely to charge you while you’re travelling, we recommend switching your preferred MFA method to the Microsoft Authenticator app in the security settings for your account.

You can uninstall the app and change back to your preferred MFA method at any time.