Microsoft MFA – Authentication Methods

This article provides information on the various authentication methods users can choose from for use with Microsoft MFA.
 
Microsoft MFA offers a variety of ways for users to authenticate including text message, phone call, or the Microsoft Authenticator App's push notification or code entry. The following is a description of the various authentication methods that users can choose from. Users must choose two or more of the methods below for their authentication methods.

Microsoft Authenticator App 

Push Notification with number matching and location mapping.

Requires the device to have a screen lock 

This method offers convenience to users. When a user attempts to sign in, they will have the following experience:

  • When signing into a UWM service, a number will be displayed in the sign in prompt.
  • The attempted sign in sends a push notification to the user’s registered mobile device.
  • Upon opening the push notification, the app displays the location map of the IP address where the attempted sign in occurred, and a text box and number pad.
  • The user enters number from the sign in prompt into the authenticator app and taps Yes.
  • The user gains access to the UWM service by matching the correct number. 

Note: If the location map presented in the prompt does not match your physical location, this could be for reasons such as IP Address location, VPN use, and cell phone tower location. If you receive a prompt that you did not initiate, do not approve the prompt.

The following image shows the Microsoft Authenticator App Push Notification with number matching and location mapping on an iOS device. If you are viewing this article on a computer, you can securely install the Microsoft Authenticator App by using your Android or iOS device to scan the respective QR codes directly from Microsoft's website. If you are viewing this article on your mobile device, you can click the link to securely install it for Android from the Google Play Store, or for iOS from the App Store

Microsoft Authenticator App Number Matching

Microsoft Authenticator App Number Matching Location Mapping

Note: If the MFA App is requiring you to sign in twice every 12 hours please make sure you are logging out of your Outlook web session and close your browser at the end of the day. This is considered best practice and will make sure your session does not remain open. If left open your Authentication will expire and you will be required to re-authenticate within a 12 hour period. 

Microsoft Authenticator App - Code Entry

Does not require an internet connection for use, therefore it is recommended for international users. Requires the device to have a screen lock
 
After entering your password, you will be prompted to enter a 6-digit one-time password code for authentication. Codes are refreshed every 30 seconds in the app. The following image shows the Microsoft Authenticator 6-digit one-time password code on an iOS device.
If you are viewing this article on a computer, you can securely install the Microsoft Authenticator App by using your Android or iOS device to scan the respective QR codes directly from Microsoft's website.
If you are viewing this article on your mobile device, you can click the link to securely install it for Android from the Google Play Store, or for iOS from the App Store.
Microsoft MFA App One-time Password Code
To the top

Phone Call

This method allows users to answer a phone call and validate their identity by using the keypad on their phone. Because this method relies on audio, we do not have an image to share.
Do not use your Teams phone number because it is tied to your Microsoft account, and if you are logged out of Teams you cannot access this phone to answer and approve the call. Calling, messaging, and data rates apply.
To the top

Text Message (SMS)

This method sends a text message with an authentication code. The user then enters this code into the authentication field on the device where they are logging in.
Calling, messaging, and data rates apply.
Text message code entry

Hardware Tokens (FOB)

Hardware tokens are available to only those users who are unable to use any other method.
If you forget your mobile device and are in need of an MFA option to get into your machine, please contact the Help Desk and request an MFA Bypass Code.
Hardware tokens, or fobs can be requested by contacting the Help Desk. The Help Desk can be reached by calling 414-229-2020, emailing helpdesk@it.uwm.edu or by filling out the online form here. 
Hardware tokens that were distributed with Duo are not compatible with Microsoft MFA.

Keywords:
Microsoft, MFA, Office, 365, M365, O365, Azure, password, passcode, enroll, enrollment, method, technology, fob, phone, mobile, android, iOS, student, faculty, staff, academic, authenticate, authentication, method, methods, choice, choose, SPPR, multi, factor, multi-factor, hardware, token, call, text, txt, message, data, rates, code, more, info, information, required, require,outlook auth 
Doc ID:
67968
Owned by:
Help Desk K. in UW-Milwaukee Help Desk
Created:
2016-10-24
Updated:
2025-07-03
Sites:
UW-Milwaukee Help Desk