Multi-Factor Authentication - FAQ

The requirements for processing sensitive personal data have been increased with the General Data Protection Regulation (GDPR). Sensitive personal data are, of course, sensitive by nature and enjoy extra protection under the GDPR. Using only a user name and password to log in no longer suffices. The UT uses several applications that process sensitive personal data. On the basis of the GDPR, the UT must provide additional security for these applications via authentication in multiple steps: MFA. 

  • Description

    Multi-Factor Authentication

    Passwords can be easily compromised. MFA immediately increases your account security by requiring multiple forms of verification to prove your identity when signing into an application.

  • Requests

    MFA does not need to be requested.

  • Costs

    There are no costs.

  • Conditions

    To make use of MFA you need a:

    • UT ICT-account
    • Smartphone
  • Support

    For support, please refer to the manual, FAQ (below) or contact the Service Desk ICT.

Explanation MFA application

  • Why is Multi-Factor Authentication necessary?

    In the General Data Protection Regulation (GDPR), the criteria set for processing special personal data have been tightened. Special personal data is highly sensitive and therefore receives additional protection under the GDPR. Logging in with a username and password is no longer sufficient.
    The UT utilises multiple applications within which personal data is processed. The GDPR stipulates that these applications are additionally secured by means of authentication in two steps: MFA.

  • Why is logging in with only my account and password insufficiently secure?

    Programmes may contain data to which others are not permitted access. This may include research data, examination results, or bank account numbers. Passwords can be found out with relative ease, for example when you:

    • use the same password for multiple websites;
    • download malicious software from the internet;
    • accidentally activate incorrect links in a phishing email;
    • provide your password to others.

    Thanks to additional authentication, the university can exclude information from unwanted individuals, even when they possess your password. For this reason, your additional authentication is for personal use only.

  • What is the risk of others knowing my password?

    An individual in possession of your password can block access to your account and:

    • view or even delete your emails, contacts, and educational or research data;
    • masquerade as you and send unsolicited or malicious emails to your contacts;
    • use your account to reset the passwords for your other accounts;
    • gain access to all information accessible to you, such as student data.
  • Will all of the university's systems have additional authentication?

    Eventually all systems will use MFA. First it will be activated for employees. It is expected that in 2021 it will be activated for students also. 

  • Which applications require MFA?

    MFA is required for:

    These and other applications will also be added in 2021.

  • No MFA in exam rooms Therm en NoordHorst?

    At the UT, access to UT applications is secured with MFA, for this, you need a mobile for validation. An exception to this is, the digital tests, taken in the Therm and Noordhorst exam rooms on Chromebooks. This exception is because students are not allowed to use their mobile phones during exams.

Install and Activate

  • Installing and activating MFA application

    You can find the manual here.

Mobile Telephone

  • I have a new smartphone | My current smartphone is stolen or reset | I have collected a spare smartphone. What should I do? 

    If you have a new smartphone due to replacement, loss or theft, you must reconfigure the MFA app. There are two possibilities:

    • When switching to a new phone, make sure to add it here (select Add method) before disposing of the old phone.
    • Contact the Service Desk ICT if you do not have access to your (previous) phone.
  • Is it necessary to provide the UT with my mobile telephone number?

    The UT does not require your mobile telephone number, and this will not be requested and/or registered.

  • I don't want to use my private telephone for work. How can I log in with MFA? (employees)

    If the UT has not provided you with a mobile telephone and you don't wish to use a private smartphone for the MFA, you can obtain a low-budget mobile telephone via the LISA self-service portal. The charges will be covered by the faculty/service department. You will require an OFI number from your organisation for ordering a low-budget telephone.

  • I don't have an internet connection on my mobile telephone, will the app still work?

    An internet connection (WiFi/3G/4G) is only required for app installation/activation. Once it's set you can also use the time-based, one-time passcode in the app.

  • Why does the MFA app request access to the camera? 

    The app requires camera access to scan a code during installation and use of additional authentication. The app only activates the camera for these purposes.

  • Why am I unable to scan the QR code? 

    Tips for successful QR code scanning: 

    • Zoom level of PC browser set to minimum 100%
    • While scanning, do not hold the device too close to the screen! Make sure that the QR code fills approx. 25% of the screen. Hold the device still!
    • Hold your smartphone very still while scanning. Your smartphone may need a few moments for scanning, as the camera must first zoom in on the QR code.
    • Ensure that only the QR code is in the frame when scanning.
    • Keep any objects, such as your finger, from obstructing the camera during scanning.
    • Increase the brightness of your computer screen. This increases the contrast of the QR code, making it easier for your camera to scan.
  • My smartphone is at home and I cannot log in to additionally secured systems now. What should I do?
    • Collect your smartphone, if possible.
    • In case the organisation has a spare smartphone, activate it using an already set up second verification method or contact the Service Desk ICT
  • Which Android or iOS version do I need for the Microsoft Authenticator app?

    For Android, click here.

    For iOS, click here.

  • When do I have to validate again with MFA?

    You must re-validate MFA:

    • after you have changed from workstation/browser
    • after you have changed your password 
    • if you did not use your workstation/browser for a period of 90 days

    * To reduce the number of approvals in a browser you can use the Edge browser and log in with your UT account.

  • Will I be charged for receiving text messages sent through MFA?


  • Can I disable the use of fingerprint, face, or PIN with every prompt for authentication?

    Yes, you can disable it in the settings in the Microsoft Authenticator app.

  • How do I add or remove a sign-in method (app/sms)?

    Go to to add or remove a sign-in method.

Authentication, verification, etc.

  • Is it, next to app notifications, also possible to receive text messages or phone calls for MFA?

    You can add an extra method here.

    Click here for the manual for text messages.

    Click here for the manual for phone calls.

  • How does offline use of additional authentication work?

    During offline use, the Microsoft Authenticator app automatically create an offline code which can be entered on your screen. This allows you to use the additional authentication offline at all times.

  • Can I authorise someone else to log in on my behalf?

    No, this is not possible. MFA is for personal use only and cannot be transferred.

  • Need to approve MFA regularly?

    If you regularly have to approve MFA messages in a browser, we have the following tip:

    Use Microsoft Edge as your browser, click on the profile icon at the right side of the address bar and click "Sign In". Then sign in with your work or school account.

Further questions

  • How do I change my MFA settings?

    You can change the MFA settings here.

  • Who can I contact if I have further questions?

    Please contact the Service Desk ICT.