Frequently asked questions

If the device you are using to verify your details is lost or has been stolen, you should change your University account password to keep your account secure. Once you have done this, you should arrange to have your MFA settings cleared. You should either: 

Request Support for Students 

Request Support for Staff 

After your settings have  been cleared, the next time you sign in to your account you will be prompted to set up MFA again.  You can follow the instructions to set up each type of authentication method on the Registration page.

You can visit the Information Security site for more guidance about keeping mobile phones and tablets safe and secure:

Security for mobile phones and tablets 

If your phone number has changed and you set up MFA using your phone to receive texts or calls to verify your identity, you will need to update your MFA settings to include the new number. Doing this will ensure your authentication prompts go to the right place.

To update the phone number you should go through the following steps: 

1. In a web browser, login to the My Sign-ins website using your University Username (uun) in the format uun@ed.ac.uk and your login password.
2. Select Delete next to your old sign-in method and select Ok
3. Select Add sign-in method
4. Choose Phone and select Add
5. Select your country code and enter your phone number
6. Choose Text me a code or Call me and select Next
7. Enter the 6 digit code and select Next
8. A message will show stating that your method is verified, select Done.
9. If you would like to make the new method your default, select the Change option next to Default sign-in method
10. Select the drop-down menu and choose your preferred default sign-in method. 

1. In a web browser, login to the My Sign-ins website using your University Username (uun) in the format uun@ed.ac.uk and your login password.
2. Select Add sign-in method
3. Choose a method and select Add
4. Follow the on screen instructions to add your new method
5. If you would like to make the new method your default, select the Change option next to Default sign-in method
6. Select the drop-down menu, choose your preferred default sign-in method and select Confirm. 

1. In a web browser, login to the My Sign-ins website using your University Username (uun) in the format uun@ed.ac.uk and your login password.
2. Select the Change option, next to Default sign-in method
3. Select the drop-down menu and choose your preferred default sign-in method and select Confirm.

1. In a web browser, login to the My Sign-ins website using your University Username (UUN) in the format uun@ed.ac.uk and your login password.
2. Select the Delete option, next to the method you want to remove.

If you delete your default sign-in method, the next available method will automatically become your default method.

Yes, you can use Google Authenticator as a method of authentication for MFA.

Google Authenticator is an app for Android and Apple mobile or tablet devices which prompts for authorisation using a time-based numerical password. The following instructions tell you how to add it to your account as an additional authentication method;

1. Download Google Authenticator from your device’s app store.
2. In a web browser, login to the My sign-ins website using your Edinburgh username in the format uun@ed.ac.uk and your login password.
3. If MFA is already set up on your account, provide authentication using an existing method.
4. If you do not enter the account setup automatically, select +Add sign-in method > Authenticator app > Add.
5. Click I want to use a different authenticator app then select next.
6. In the Google Authenticator app, select Add a code.
7. Select Scan a QR code and scan the QR code displayed on the My Sign-ins website.
8. Select next and key in the 6-digit code shown in the Google Authenticator app.
9. Google Authenticator has now been added to your account.

If you have set up MFA to verify by entering a code received in a text or phone call you may encounter one of these scenarios:

1. I didn't enter the code in time and now it won't work

The codes sent are programmed to expire after a few minutes, therefore you should enter these as soon as possible for the verification to succeed. If you are delayed in entering the code, and it has expired, you should close the Microsoft application you are using and re-open it. This will prompt a new code to be sent by Microsoft and you should enter this new code as soon as possible to verify your details.

2. Nothing happens when I enter the code

If the process doesn't progress when you enter the code to verify it may have timed out for security reasons. If this happens, you should close the Microsoft application you are using and re-open it. You should then be prompted to restart the process.

If you receive an MFA request that appears unusual or when you're not trying to actually connect to a University MFA-secured service, DO NOT authenticate it and instead immediately contact the IS Helpline sending them a screenshot of the request. They will investigate the matter.

Contact the IS Helpline

If you receive an MFA request and have no signal or Wi-Fi on your device, you can generate an authentication code using authenticator app.

All applications settings are different. The most common authenticators used at Edinburgh University are:

MS Authenticator App

Open the Authenticator App, select the University of Edinburgh account relating to the authentication request and it will open a screen showing a One-time password code. Enter the code into the authentication request screen and verify. Please note that the code refreshes every 30 seconds. 

authenticator.cc

Open your browser, click the authenticator Extension’s icon in your browser to reveal the current temporary code.  Enter the code into the authentication request screen and verify. Please note that the code refreshes every 30 seconds. 

In these, and other circumstances which prevent a notification being received for the MS Authenticator app, a secondary function of the app can be used:

1. When logging-in and receiving the Approve sign in request screen, it is necessary to select I can't use my Microsoft Authenticator app right now as per below:
2. Then select Use a verification code if prompted.
3. Now go back to the Authenticator app and manually tap on the University account from the list.
4. If the account is added properly there will be a number listed which periodically changes as displayed below:
5. Enter this number into the request screen and continue in order to complete authentication.

You may encounter difficulties with the MFA process if you are travelling, or if you are based outside the UK.

If you have chosen to verify your details by receiving verification codes by calls or texts to a mobile device, you should be aware that this relies on your phone signal. If you are likely to have a poor phone signal due to travelling, it may be better to set up the Microsoft Authenticator app as your verification method, as this does not rely on connectivity to work.

You should set up the Authenticator app before travelling, you will find the instructions to set up the MS Authenticator app on the Registration page.

If you have both a staff account and a student account you will likely have already set up MFA for your student email account. If you do not already access your staff email regularly you may now need to separately set up MFA for your staff account, for example to access your payslip. While the recommended Microsoft Authenticator app can be used for both staff and student accounts, if you wish to more easily differentiate which account you are using you may choose to set up a different authenticator app for your second account, see “Add a new authentication method” above on this page. If you inadvertently lock either your student or your staff account due to a mix-up help is available: https://www.ed.ac.uk/information-services/help-consultancy/contact-helpline

If you get requests to set up MFA for third-party services that are NOT provided directly by University (such as Diversity Travel, JISC, etc or other services where you have used your university email to register), you may be able to add the service to the same authenticator app you use for the University. 

If you are not using an app or if the app is not compatible, then you will need to follow the instructions provided by the third-party or contact their support, as the University can only support the University configured MFA options. 

In the future, as other University services begin to use MFA this will require no action on your part as the MFA used will be the same as for existing University services.