Microsoft Authenticator is an app for Android and Apple mobile devices.
The app prompts for authorisation if an internet connection is available, or can provide a one-time password.
- Download Microsoft Authenticator from your device's app store
- In a web browser, sign in to the My Sign-ins website using your username in the format abcd1234@ox.ac.uk, SSO password, and MFA if it is already set up on your account
- If account setup does not start automatically,select +Add sign-in method > Authenticator app > Add
- If available, selectPair your account to the app by clicking this link(thenskip to step 8)
- Select Next>Next to display a QR code
- In Microsoft Authenticator, select + > Add account > Work or school Account
- Select Scan a QR code, thenscan the QR code shown on the My Sign-ins website
- Return to the My Sign-ins website, then select Next todisplay a two-digit number
- Return to Microsoft Authenticator, then provide the test notification with the two-digit number from the My Sign-ins website
Many authenticator apps can provide a one-time password. They should not require internet access or phone connectivity.
The setup process is provided below, but you may need to refer to your apps documentation.
- Download and install the authenticator
- Open the authenticator and start the process to add a new account
In a web browser, sign in to the My Sign-ins website using your username in the format abcd1234@ox.ac.uk, SSO password, and MFA if it is already set up on your account
If account setup does not start automatically,select +Add sign-in method > Authenticator app > Add
- Select I want to use a different authenticator app > Next
- Either scan the displayed QR code with the authenticator (then skip to step 9) or select Can't scan image
- In the authenticator, provide the secret key displayed on the MySign-ins website
- If given an option to select the token length, choose 6 digit
- Return to the My Sign-ins website, select Next then provide the 6 digit code displayed in the authenticator
Zoho OneAuth is an alternative authenticator app available for Windows, macOS, iOS, and Android devices.
OneAuth provides a one-time password.
- Install OneAuthfrom the Microsoft, Apple or Android app store (titledAuthenticator App - OneAuth)
- Sign in to OneAuth using a Zoho account. You cancreate a free Zoho accountusing any email address, but you must be able to confirm the email that is then sent to it
- Any OneAuth permission requests can be denied, but if prompted to go passwordlessselect Skip
- In a web browser, sign in to the My Sign-ins website using your username in the format abcd1234@ox.ac.uk, SSO password, and MFA if it is already set up on your account
- If account setup does not start automatically, select+ Add sign-in method > Authenticator app > Add
- Select I want to use a different authenticator app > Next >Can't scan image?
- Return to OneAuth, then from themenu bar select:
Windows OTP Authenticator> + Add new > Manual entry macOS Authenticator> Add new > Manual entry iOS Authenticator> Add new > Manual entry Android Authenticator > Add new> Enter secret manually - Complete the displayed form with:
Issuer Name Oxford University SSO Username Your username in the format abcd1234@ox.ac.uk Secret Key The secret key displayed on the My Sign-ins website Choose Folder My Accounts Choose Brand Your choice of icon - Return to the My Sign-ins website, select Next then provide the 6 digit code displayed in OneAuth
Back up your secret key
Back upyour key to allow it to be restored if you sign out of OneAuth or install it on a new device.
- In OneAuth, from themenu bar select eitherOTP AuthenticatororAuthenticator
- Select Back up Secrets > SET UP
- Provide a recovery passphrase (minimum 8 characters)
Authy byTwilio is an alternative authenticator app available for mobile devices.
Authy provides a one-time password, requiring a phone for its initial setup or internet access to set up additional devices.
- Download Authyfrom your mobile device's app store
- Open Authy, provide a phone number, email address and complete the initial setup
- In Authy, select either + in the Tokens tab, or ⋮> Add Account
In a web browser, sign in to the My Sign-ins website using your username in the format abcd1234@ox.ac.uk, SSO password, and MFA if it is already set up on your account
If account setup does not start automatically,select +Add sign-in method > Authenticator app > Add
- Select I want to use a different authenticator app > Next
- If a QR code is displayed, either scan it in Authy (then skip to step 13) or select Can't scan image
- Return to Authy, if prompted to Scan QR Code select Enter Code Manually
- Provide Authy with the Secret key displayed on the My Sign-ins website
- Select a logo for the account
- Provide a name such as Nexus365
- If prompted, leave the Token length as 6 digit
- If prompted, provide a password for your Authy account
- Return to the My Sign-ins website, select Next then provide the 6 digit code displayed in Authy
Set up Authy on additional devices
If you are setting up Authy on multiple devices you can synchronise your token across them.
During setup, an internet connection is required for both devices.
- On the existing device, open Authy.
- Select ⋮ > Settings > Devices > Allowmulti-device
- Create an Authy backup password
- On the additional device, download and install Authy from your mobile device's app store
- If Authy is already set up, remove and reinstall the app to reset it
- Open Authy and provide the phone number used for your Authy account
- Select the Existing Device verification method
- On the existing device, confirm the notification
- On the additional device, select the Nexus 365 account
- Provide your Authy backup password
An automated call can be made to a land or mobile telephone number,prompting for the press of a specified key.
In a web browser, sign in to the My Sign-ins website using your username in the format abcd1234@ox.ac.uk, SSO password, and MFA if it is already set up on your account
If account setup does not start automatically,select +Add sign-in method > Alternative phone > Add
- Provide the phone number to use
- Select Call me >Next, then verify the call made to the phone
A one-time password can be sent to a telephone number.
In a web browser, sign in to the My Sign-ins website using your username in the format abcd1234@ox.ac.uk, SSO password, and MFA if it is already set up on your account
- If you do not enter the account setup automatically, select +Add sign-in method > Phone > Add
- Provide the phone number to use
- Select Text me a code >Next, then provide the 6 digit code sent to your device
A security key, also known as a hardware token, is a device you can plug into your computer to authenticate your account. Security keys are supported by your local IT support team.
The setup of different keys may vary slightly, but an existing MFA method must have been set up as authentication is required either before or during the setup.
In a web browser, sign in to the My Sign-ins website using your username in the format abcd1234@ox.ac.uk, SSO password and MFA
- Select+Add sign-in method > Security Key > Add >USB device > Next
- If prompted,select Use a different passkey >Use an external security key>OK > OK
- Insert the security key into your device's USB port
- Set a password to use with the key or provide the existing password
- If required,touch the security key
- Provide a name to help you to identify the authentication method
