Microsoft MFA (How To) Set Up MFA To Use Authenticator App Codes Instead of Push Notifications
This article will provide instructions on how to set up and/or reconfigure Microsoft MFA to use authenticator app codes by default instead of push notification, recommended for international or traveling students.
As of February 21, 2023, the Microsoft Authenticator App has been updated to include number matching and location mapping for the Push Notification authentication methods.
Introduction
When traveling internationally, some users may have issues when trying to log into their accounts and authenticate with MFA via the phone call, text message, and push notification options. To avoid issues logging into their account, it is recommended that international users enroll an Android or iOS device using the Authenticator app option with Microsoft MFA before traveling. Users can update their account information through the Microsoft 365 Security Info page. This article will be broken up into the following parts:
Setting Up Microsoft Authenticator App
Begin by installing the Microsoft Authenticator App on the Android or iOS device you wish to use. If you are viewing this article on a computer, you can securely install the Microsoft Authenticator App by using your Android or iOS device to scan the respective QR codes directly from Microsoft's website. If you are viewing this article on your mobile device, you can click the link to securely install it for Android from the Google Play Store, or for iOS from the App Store.
1. Log in to Microsoft 365 and click on your Person Icon in the top right corner of your working screen and then choosing View account from the drop-down menu.
2. Click the UPDATE INFO link on the Security info tab.
3. Click Add method.
4. From the drop-down menu that appears, select Authenticator app and click Add.
5. When prompted to get the app click Next.
6. When prompted to set up your account click Next.
7. This will bring up a QR code for you to scan using your Android/iOS device.
8. Open the app on your Android/iOS device, and tap Add account.
9. If prompted tap Continue.
10. Tap Work or school account.
11. When prompted tap Scan QR code.
12. Use your Android/iOS device to scan the QR code from the prompt on your web browser.
Note: If you can not scan the QR Code enter the 9-digit code listed under the QR Code.
13. Once it registers your account, you will see your UWM email address (ePantherID@uwm.edu) listed in the Microsoft Authenticator app on your Android/iOS device.
14. In your web browser you will be prompted to run a test to ensure MFA is working with your Android/iOS device. On your screen you will see a number displayed in the prompt. On your mobile device you will receive a push notification. When you open the push notification, you will see the location map of the IP address where you are attempting to sign in, and a prompt with a text box and number pad to match the number on screen. Enter the number from the sign-in prompt on screen, and tap Yes to approve the sign in.
Please Note: If the location map presented in the prompt does not match your physical location, this could be for reasons such as IP Address location, VPN use, and cell phone tower location. If you receive a prompt that you did not initiate, do not approve the prompt.
15. If the test is successful, you will see Notification approved In your web browser. Click Next.
16. You will now see Microsoft Authenticator listed in your Security info sign-in methods.
17. Next, you will change your Default sign in method from your old method (Phone call or text message) to the Microsoft Authenticator app that you just registered.
18. Click on the Change button next to Default sign-in method.
19. From the drop-down menu that appears, select Authenticator app or hardware token code, and click Confirm.
20. Your Default sign-in method is now updated.
21. If you are done making changes to your Security info, click on your Person icon in the top right corner of your working screen and Sign out.
22. When asked which account you want to sign out of select your account.
23. After you are signed out, close your browser.
Note:
- To utilize the push notification option with the Microsoft Authenticator app, you will need to have an internet connection. Data rates and charges may apply.
- You do not need an internet connection to utilize the code option. Therefore, we recommend this method for international use.
- If you do happen to run into issues with the push notification option, please see the following section.
- If you continue to have issues authenticating, or if you have other barriers that prevent you from access to a mobile device you can use to authenticate, please reach out to the UWM Help Desk for assistance. Any user who feels they do not have the technology to successfully enroll should call the UWM Help Desk at 414-229-4040 or visit uwm.edu/helpdesk.
Microsoft Authenticator (How to) Sign in another way
If you are experiencing issues trying to authenticate when logging in with Microsoft Authenticator, please try the following action to troubleshoot:
When the authentication window appears, click Sign in another way.
You will have the option to sign in with a backup method if you have one entered, or a push notification or code if you are using the Microsoft Authenticator app. Select your chosen backup method and authenticate.
If you are still unable to authenticate, contact the UWM Help Desk.