Overview
At Saitama University, multi-factor authentication (Multi-Factor Authentication / MFA) is mandatory for all users when using Microsoft 365.
By doing this, the risk of account hijacking and information leakage due to password leakage can be reduced.
※ For the time being, multi-factor authentication will be omitted only within the university network.
Even if you forget your mobile device, you can use it at the university.
Cost
If communication charges or call charges occur due to multi-factor authentication, they will be at the expense of each user.
When using the Microsoft Authenticator app under a Wi-Fi environment, the burden of cost is less likely to occur.
For information on which cases will incur costs, please confirm with the telephone company you have contracted with, or refer to the FAQ on this page.
User Guide
When using Microsoft 365, we conduct multi-factor authentication (MFA) using a mobile phone as an additional security device.
Multi-factor authentication refers to the act of authenticating using two or more of the following three types of authentication information.
- Knowledge Information ... Password, PIN code, Secret question
- Possession Information ... Mobile phone, Hardware token, IC card
- Biometric Information ... Fingerprint, vein, voice pattern
For example, authentication is done with a "password" (Knowledge Information) and the "Microsoft Authenticator App" (Possession Information).
To our users, we particularly ask for your attention to the following items.
- Users will need to utilize their own mobile phones.
In addition, it is also possible to set up authentication via voice calls to landline phones.
- The methods for additional security include "Mobile app (Microsoft Authenticator)", "SMS", "Voice Call", etc.
For details, please refer to the Documents & Manuals section.
We strongly recommend setting up more than two types of supplementary security features as a precaution.
- Email software that does not support multifactor authentication will become unusable.
You will need an email software (MUA) that supports advanced authentication (OAuth2).
→Information on compatible MUAs is introduced here.
Documents and Manuals, etc.
Initial setup procedure
We have prepared a document that consolidates information for easy reference. Please view it from here (PDF file).
When you sign in to Webmail and the like, the initial setup screen for multi-factor authentication will appear.
Please follow the initial setup using the instructions below.
※Limited to inside the university Please access with the username and password of the university-wide unified authentication account.
Please also refer to the information published by Microsoft.
Public Information Links
Page for changing multi-factor authentication (additional security) settings
If you want to change the mobile phone or phone number used for additional security,
Access "My Account" from the Microsoft 365 portal (Office Portal) or
Please access the settings page from this link.
Preparation is required when changing the model or phone number
Caution is needed when changing the model of the mobile phone used for multi-factor authentication or changing the phone number.
Especially, it is not recommended to change both the mobile phone model and the phone number 【at the same time】.
If you change the model and let go of the old device, you will not be able to authenticate through the mobile app,
and if you change the phone number, you will not be able to authenticate via SMS or call.
Preparation Before Changing Your Device/Phone Number
If you're planning to change your device or phone number, always make sure to add multi-factor authentication settings beforehand.
For instance, by setting up two factors such as "Mobile App" and "SMS", you can avoid situations where multi-factor authentication becomes unavailable.
→FAQ "Can I change, add, or delete my phone number for multi-factor authentication?"
If Multi-Factor Authentication Becomes Unavailable
At the Microsoft's page you canProcedures for dealing with such situations are introduced, so please read through them and follow them.
If you lose everything, including alternative additional security, for some reason, please refer to the FAQ below and respond accordingly.
→FAQ "I can't do multi-factor authentication when I change my mobile phone model"
At our center, in preparation for the loss, misplacement or malfunction of multi-factor authentication devices, including model changes,
We strongly recommend setting up at least two additional security measures for multi-factor authentication.
Please set it up on the
Microsoft 365 settings page.
FAQ
What is the most recommended option for multi-factor authentication?
Microsoft recommends the Microsoft Authenticator mobile app for multi-factor authentication in Microsoft 365.
Microsoft Authenticator App is compatible with Android and Apple iOS devices.
For more details, please refer to Microsoft's information.
We strongly recommend setting up more than one additional security measure, in addition to Microsoft Authenticator, in case of any contingencies.
I am going abroad. Which multi-factor authentication should I use?
The Microsoft Authenticator app is recommended (please use it on Wi-Fi hotspots etc.).
For other options, please be aware that you may incur roaming charges for text messages abroad or forwarding charges for voice calls.
For more information, please refer to Microsoft's information.
I am going on a business trip to China. Is there anything I should be aware of?
In the case of the Microsoft Authenticator app for Android, you won't be able to receive push notifications.
Refer to Microsoft's information.
Will I be charged for the international call I receive during authentication?
According to Microsoft, it is set up so that "users are charged according to the phone service they have contracted".
For Japanese domestic carriers, most domestic calls in Japan are thought to be free of charge.
If you are going overseas, please check the call charges with your contracted carrier.
For more details, please refer to the Microsoft information.
Can you change, add or delete the Phone for multi-factor authentication?
When changing your mobile phone number or model, you may need to change your multi-factor authentication settings.
Access "My Account" from the Microsoft365 Portal (Office Portal), or
click on this link to go to the settings page.
Please note that you may need to re-authenticate with multi-factor authentication (additional security authentication) to access the above page.
Please prepare your mobile device at hand, and proceed with the process.
I can no longer do multi-factor authentication after changing my mobile phone model
First, try multi-factor authentication by means other than a mobile phone.
If you cannot do that, please request a 'multi-factor authentication information reset' at the Information Technology Center's contact form (
for students・
for faculty and staff
).
※Please note that the reset process is subject to review and may take some time.
Please note that once a "Reset" is performed, you will need to reinitialize your multi-factor authentication.
In the Information Technology Center,
we highly recommend setting up more than two additional securities for multi-factor authentication.
For more details, please refer to this section.
I lost the computer I was using with Microsoft 365
If you leave it as it is, someone who finds your computer might access your emails and documents!
First of all, urgently change your password.
If you cannot do so, please request for "MFA session revocation" through the Information Technology Center's inquiry form (
For students・
For faculty staff
).
Due to the above operation, the trusted information on computers, etc. will be invalidated, and re-entering the password and multi-factor authentication is required.
This can prevent intrusion into the Microsoft 365 system from a lost computer.
However, data stored on your computer cannot be prevented from leaking. Please continue to report and handle it according to the information security policy.
I'm having trouble with my mobile phone, and I want to use the second multi-factor authentication security
If your mobile phone is having problems, you may not receive your usual multi-factor authentication notifications.
By setting up more than one type of multi-factor authentication security in advance, you are more likely to be able to mitigate such situations.
Setting up alternative multi-factor authentication security in advance is
strongly recommended.
To use the second multi-factor authentication security,
please visit Microsoft's page "Procedure to proceed with sign-in using multi-factor authentication"Please refer to the section "Sign in with a different method" in the middle.