Making the most of multi-factor authentication (MFA) - top ten tips

[Updated July 2024 - Authy has been retired. Replaced with OneAuth]

Now that we’ve all had multi-factor authentication (MFA) on our accounts for a while, it’s a good opportunity to review your authentication methods and make sure you are getting the best user experience: 

• Set up a second method that doesn’t use the same device as your first (in case you lose your mobile). 
• If you don’t want to use your mobile, you can use a landline, a hardware token or the OneAuth app on your computer. Please note that setting up a hardware token requires another method first. 
  
  
• Don’t delete the Authenticator app on your phone – you won’t be able to set it up again without a reset unless you’ve set up another method. 
• If you lose your phone or get a new phone, we have a guide about setting up MFA on a new phone. 
• You can manage all the authentication methods you have set up on the Microsoft Account page – please see our guide about MFA setup and management. 
• If you don’t have any Wi-Fi or mobile data, you can use a 'one-time passcode' on the mobile authenticator app. 
• Always enter your username as 'abcd1234@OX.AC.UK', where abcd1234 is your SSO username, don’t use your email address. 
• MFA doesn’t work on some older devices or email clients – you can check which here – in this case, you might need to use an app password instead. 
• There are several ways to manage multiple accounts that have MFA, whether they are a secondary account at Oxford or an account from another institution – please see our advice about Managing MFA on a secondary account.
• If you get stuck, you can ask your local IT support or the central IT Service Desk (+44 1865 6 12345) to reset your account. 

Visit the MFA setup and management page on the IT Help website for further detail.