Two-factor verification adds an extra layer of security. When logging in to your mailbox in future, you will need to use your password and one other factor or form of verification. We recommend that you use Microsoft’s app for this purpose. You must thus enter your password and press ‘Approve’ in the mobile app. This will effectively help stop phishing attacks, as hackers will no longer be able to access your mailbox using just one password. They will also need to have access to your mobile app.

Why a mobile phone? The use of a mobile phone as the second step in the two-factor authentication ensures, that the second step happens on a device you presumably have with you all the time. The use of a mobile phone can be done in several ways. We recommend as written that you install an app if you have a smartphone, but the approval process can also happen by an SMS message or a phone call. If you choose to use the option with the SMS message, you will receive an SMS message with a code to be entered. It is not a requirement that the mobile phone is issued by Aarhus University.

The use of the app is not dependent on you using your mobile phone to access AU e-mail or among other things. The app is generic and can also be used in combination with several other services e.g. Facebook.

We recommend that you use the mobile phone that you are most likely to have on you.  

Connect to the VPN service and have your smartphone ready:

Enter your username, eg. au123456@uni.au.dk (for consultants: ext-xxx@uni.au.dk ) and password:

On your mobile you will see a drop-down menu on which you can select ‘Approve’ or ‘Deny’. Select ‘Approve’.

If you do not manage to press ‘Approve’ on the drop-down menu you can always open the Microsoft Authenticator app and press ‘Approve’ there. When you’ve pressed ‘Approve’ on the app you will be logged in.

Remember that you must enter your username in the format au[auid]@uni.au.dk, e.g. au12345@uni.au.dk.

If you are out of range you cannot carry out two-factor authentication in the app. If you see a dialog like the one below you can temporarily change your authentication method by clicking "Sign in another way". If you are trying to log on to a system that does not give you the option of temporarily change method, you will need to change your standard method as described here.

Click on ‘Use a verification code from my mobile app’.

Enter the code and press ‘Verify’.

You will find your six-digit verification code by opening the ‘Microsoft Authenticator’ app on your mobile.

If you don’t have a mobile (you may use your private phone if you wish to) you can instead choose to use a hardware token. You may only order a hardware token if you absolutely need one, e.g. if you don't have access to a mobile phone. 

See more about hardware tokens here.

How to setup two-factor authentication if you have a landline

When you receive the email stating that you can set up two-factor authentication you must go to https://portal.office.com to do so.

If asked to enter your username you must always use the format au[auid]@uni.au.dk, e.g. au12345@uni.au.dk. If you’re at your work computer at AU you will not necessarily be asked to enter either your username or your password.  

If you see the following dialogue box in Outlook you can instead start setup of two-factor authentication here by clicking on ‘OK’.

When you log in to https://portal.office.com, you will see the following message. Click on ‘Next’ to continue with setup.

Select ‘Phone number (approval)’. Select ‘Denmark (+ 45)’ as country code and enter your landline number. Select ‘Call me’ under Method, and conclude with ‘Next’.

A robot will now call your landline and ask you to press # to confirm that it is you who are attempting to log in.

Click on ‘Finished’.