We will call Microsoft Authenticator as ‘the app’ for simplicity and smartphone as phone.
1. What is Microsoft Authenticator?
Microsoft Authenticator is a security app for multi-factor authentication. It competes directly with Google Authenticator, Authy, LastPass Authenticator, and many others. While there are multiple options available we ask you to use the Microsoft Authenticator app for work purposes. To help us provide a consistently good support service for you this is the only app we will provide helpdesk support for.
2. How do I download the app on my phone?
For Google Android, on your Android phone, go to Google Play and search for Microsoft Authenticator.
For Apple iOS, on your Apple iOS phone, go to the Apple Store and search for Microsoft Authenticator.
If you have an issue downloading please ensure the Operating system of your phone is at least 8.0 for Android, or requires iOS 14.0 or later. See (3) below.
3. How do I find out what os version my phone is ?
For Android, click below
Check & update your Android version - Android Help (google.com)
For iOS, click below
Find the software version on your iPhone, iPad, or iPod - Apple Support
4. What if my operating system does not support the app?
In the first instance please try to update your operating system – this is good practice to make sure the security of your phone is up-to-date. If you cannot do this because your phone is incompatible with the new operating system, please let us know as soon as possible.
5. How often will I get asked for authentication via the app or when do I expect to be prompted for authentication?
After you setup your multi factor authentication for the first time, it should not prompt you again for the next 30 days. However, a number of situations will override this including:
- If you sign in and out again in Office applications (desktop version or web).
- Change your password
- Ensure you tick the box as shown below "Don't ask again for 30 days"
6. Can the app track any information on my phone?
The Microsoft authenticator does not track you and it does not log location data. It will list your logins to Teach First protected resources as a method for you to recognize unauthorised access attempts. The only push notifications it will ever send you are approval requests for logins to Teach First systems. The Microsoft Authenticator does not give Teach First or Microsoft access to any data or information on your device. You can read the privacy policy in the app store or through the Settings & Privacy link in the left-hand navigation in office.com.
7. What should I do if the app asks me to authenticate a sign in that wasn’t me or what to do when you receive an unexpected request?
Please be vigilant. Never approve an authentication request from the app if you have not been attempting to log into a Microsoft resource (please note, if you have left your laptop turned on it may try to authenticate without you knowing, so you may receive authentication requests at irregular times). If you are certain the login was not from you, Select ‘Deny’. (This will block your account, so please contact IT) If you accidentally approved a push notification, you should report these to the service desk immediately.
8. If I accidentally removed the app from my phone, will I have problems just accessing my emails?
You will need to contact service desk to reset your multi factor authentication as you will not be able access your emails like you did previously without the multi factor authentication.
9. The multi-factor authentication app comes up with a one-time passcode when I open it, how do I use this?
The default setup for Teach First is through a push notification from the app. There will be situation where a one-time passcode setup is necessary for workarounds. Please ignore this.
10. I have a new phone replacing the old one. What should I do or how do I move the Microsoft Authenticator to my new phone?
The default MFA setup is through a push notification by tapping ‘Approve’ on your phone. As long as your old phone still connects to the internet and the app is still working. See steps below to follow but if you encounter problem, please contact service desk.
Login to your Office 365 security account https://mysignins.microsoft.com/security-info with your password and on your old phone with the app opened/working, tap ‘approve’.
The browser will open your Office 365 security account page.
In Security info, select ‘+ Add method’.
Select ‘Authenticator app’ as the method, click Add and Next.
Assuming you have the app installed on your new phone, open it.
If not please install it first. With the app opened:
Select the 3 dots on top right
Select ‘+ Add account’
Select ‘Work or school account’
Tap ‘Scan a QR code’
Back on your laptop screen, click Next.
Use your phone to scan the QR code on your laptop screen.
Click Next
Tap ‘Approve’ on your new phone.
Click Next to complete your new phone registration to your Office 365 account.
On the same screen ‘Security Info’, you should delete your old phone once you are happy with the new registration. Select ‘Delete’ and Sign out of this page.