Multifactor Authentication (Years 10-12)

Because malicious users are increasingly targeting schools and educators, St. Leonard’s College has chosen to implement Multifactor Authentication (MFA) for Senior School students. MFA provides an additional layer of security to protect your account. In the event that your username and password are somehow stolen, your account will still be secure as long as you’ve kept your MFA device safe. After MFA is turned on, when you sign into your St. Leonard’s College Microsoft 365 account, you will be prompted to approve the login on your mobile device.

Important: If you have not attempted to login and you get a request to approve a login – Deny the login, change your password and contact IT as soon as possible!

How to Turn On MFA

  1. Open a web browser (Chrome is the recommended browser) and go to: https://mysignins.microsoft.com/security-info
  2. Log in with your St Leonard’s College email and password:
  3. You will be greeted by the following screen:
    Microsoft MFA Set-up

    There are two methods of authentication available:
    • Authenticator app – you install an application on your mobile device and use that to approve/deny login requests
    • Phone – you get an SMS sent to your mobile phone that needs to be entered to authenticate login requests

  4. Click on the + Add sign-in method link to get started and you will get the following window where you can choose your preference:
    Choose MFA Method

Setting up the SMS Authentication using your phone

Follow these instructions to receive a randomly generated code via SMS to use to authenticate yourself when signing in to your account.

If you would rather use the Microsoft Authenticator app, skip to the next section.

  1. At the Add a method window, click on the drop down menu, select Phone and click Add
    MIcrosoft MFA SMS Setup
  2. Select the country code for Australia (+61), enter your mobile number then click Next
    Enter your Mobile Details
  3. Enter the six digit code sent to your mobile number and click Next to complete the authentication set-up:
    Verify your mobile number
  4. Click on Done
    Set up Complete

You should now be back at the Security info page but now you should see the Phone listed as a sign-in method with your mobile number.

Setting up the Microsoft Authenticator app

Follow these instructions to use the Microsoft “Authenticator” app as your preferred authentication method.

  1. At the Add a method window, click on the drop down menu, select Authenticator app and click Add
    MFA Authentication App Method
  2. Follow the prompts to download the Authenticator app on your mobile device.
    MFA Authenticator Step 1
    The Authenticator app is available for mobile phones or tablets. iPads and iPhones can get the app from the Apple Store and Android devices get it from the Google Play store. Click on the Download now link on the screen for more information.
  3. Once you have downloaded the Microsoft Authenticator app you need to launch the application and add a new account and choose “Work or School” account. You should be asked to Scan a QR code or Sign in. Click on the Scan a QR code option on your mobile device and then click Next on this window:
    MFA Authenticator Step 2
  4. A QR code will appear:
    MFA Set Up QR Code
    Scan this code with your mobile device and you should receive a message in your Authenticator app saying Account added successfully.
  5. Click Next
    You should get a message to test your new authentication method that looks like this on the screen:
    MFA Set Up Test
    And at the same time a notification should appear on the Authenticator app asking you to DENY or APPROVE the login request.
  6. Tap APPROVE in your Authenticator app and the following screen should appear in your web browser:
    MFA Set up Complete
  7. Click Next

You should now be back at the Security info page but now you should see the Microsoft Authenticator as a sign-in method. 

Approving MFA requests

Once MFA has been turned on you will need to provide additional authentication when logging in to your account when you are not connected to the school network. This means that even if someone knows your username and password, they will not be able to sign in without you being asked to approve it.

Note: If you receive a sign in request you are not expecting, please Deny it, change your password and immediately report to the IT Department: ishelpdesk@stleonards.vic.edu.au

If you chose SMS as your preferred method, when signing in to your account you will be sent a text message with a 6 digit code that you will need to enter after putting in your password.

If you chose Microsoft Authenticator you will get a notification on your mobile device that someone is trying to login to your account – if it is you – tap APPROVE and you will be logged in.

Frequently Asked Questions

What is Multifactor Authentication?

Multifactor Authentication (MFA) is an additional security feature designed to protect your account from malicious people or organisations. Traditional security protects your account by relying on something you know : username and password. MFA adds an extra factor of verification, by asking you to verify access to something you have, in this case access to your smartphone or tablet.

How does it work?

When you next log into your Microsoft 365 account, you will be asked to register for MFA. Instructions will be provided to assist you with this process. You will install a Microsoft Authenticator app on your phone. Whenever you log in outside of campus, you will be asked to provide your username and password, as well as approve the login request from your phone.

Why am I being asked to use MFA?

School credentials are being targeted more often so, at this point, we are recommending you enable MFA on your school account. In the future this may change and you may be required to use MFA to access your account.

You should enable MFA for all accounts that provide the option – especially social media accounts, personal email accounts and banking accounts.

What equipment do I need for MFA?

You will need:

  • A smart phone or table (e.g. iPhone, iPad, Android phone/tablet) capable of installing the latest supported version of the Microsoft Authenticator App OR a mobile phone if you prefer to use SMS authentication
  • Your St. Leonard’s College username and password
  • If you read your emails from your smartphone, you may need to install the Microsoft Outlook client app on your phone. Some older versions of other mail clients do not work with MFA.

What do I do if I don’t have a smartphone or tablet?

You will still be able to access your St. Leonard’s Microsoft 365 account, including email, while on campus. If you require access from offsite AND you do not have an iPad or smartphone, please speak to IT.

How often will I receive MFA prompts?

You will not receive MFA prompts when connected to the campus network. When you are off campus, you will be prompted at least once from each device you log into.

For devices you regularly use (such as your smartphone, or your work laptop) you can choose to approve the MFA request once, and then not receive additional requests for this device for 60 days.