You are here

Multi-Factor Authentication: New requirement for MS Society email accounts

Every day, people fall prey to malicious emails and hacking scams. Data theft and online crime in the UK has increased by 47% since the beginning of the pandemic. Cyber-criminals are becoming more sophisticated and a password alone is no longer enough to keep information safe.

We therefore need to take action now to protect against personal information being stolen from our systems. Multi-Factor Authentication (MFA) adds a second layer of security to online accounts because it relies on two forms of authentication:

  • Something you know (your password)

  • Something you have (your mobile or landline phone)

Most people now use MFA in many aspects of their online transactions; online banking and credit card services all use MFA.

We’re now making MFA a requirement for all volunteers who access MS Society email accounts and any other MS Society Office 365 services.

How does MFA work?

Firstly, you follow the instructions below to register your phone for MFA. Once that’s done, every time you log in to MS Society Office 365 services (such as your MS Society email) from a different device, there will be an additional step to the process.

Once you’ve entered your usual username and password, you can choose whether a short numerical code will be sent to your mobile phone or to receive a call to your mobile or landline phone.

If you receive a text, you’ll be asked to enter this code on whichever device you’re using to log in. If you choose to receive a phone call, you will need to answer this and follow the instructions on the automated message. Both of these provide an extra layer of security.

Even if hackers have your password, the odds are that they don't also have access to your phone!

MFA will be compulsory for all volunteer Office 365 accounts from 1 March. But please register as soon as you can, to keep our data protected.

Follow the simple instructions here to register your phone for MFA. You just need to have your phone number to hand, and the device you use to access MS Society Office 365/MS Society email.

If you have any questions, or need some help, you can contact the Volunteer Support Team on 0300 500 8084 (#3) or [email protected](link sends e-mail)

FAQs about MFA:

Q. Do I need a smartphone to use MFA?

No. You can use any phone which receives calls or standard SMS text messages.

Q. How long does it take to register a phone for MFA?

It should take no longer than 5-10 minutes. If you’re using a mobile phone, ensure it has reception and is working properly

Q. If I use my personal phone, will the MS Society be able to view data or files stored on it?

No. Your personal phone number will be used only to send you text messages containing a verification code, or to send an automated call, to use when you log on to your Office 365/MS Society email account. The MS Society won’t be able to see any information stored outside your MS Society accounts.

Q. What will happen if I don’t register for MFA?

Because this change is so important to protecting information, we need you to register for MFA before 1 March. From 1 March onwards, you won’t be able to log into your MS Society email account or any other systems accessed via Office 365 without registering for MFA. This may result in your not being able to continue in your current volunteering role.

Q. Once I’ve set up MFA, what happens when I log in to my account?

Once MFA has been activated, you’ll sign in to Office 365 as usual, with your username (MS Society email address) and password.

But, as an extra layer of security, you’ll then receive a six-digit verification code to the mobile phone you registered or an automated call if you’ve chosen this option. For codes received by text, you’ll enter this code in the box provided, to complete your log-in and access your MS Society email. For calls, the system will recognise if the registered phone has answered the call and followed the instructions.

Q. What if I don’t receive a verification code on my mobile phone?

This is typically related to your mobile phone settings. Here are some actions you can try:

- Restart your mobile phone -  When you restart your device, all background processes and services are ended and then refreshed.

- Make sure that your security information is correct -  Make sure your phone number you enter when registering for MFA is accurate. If you put in the wrong phone number, all your alerts will go to that incorrect number. Fortunately, the person who has that number won't be able to do anything with the alerts, but it won't help you sign in to your account.  

- Make sure that your notifications are turned on - Make sure your mobile phone has text message notifications turned on. And ensure this creates an alert that is visible on your device. 

- Make sure you have a device signal and Internet connection- Check that phone calls and text messages are getting through to your mobile phone by asking someone else to call and text you. If your mobile phone is turned on, but you're still not receiving anything, there may be a problem with your network.  

- Turn off ‘Do not disturb’ or ‘Airplane mode’- Make sure you haven't turned on the Do not disturb feature or Airplane mode for your mobile phone. When these are turned on, notifications aren't allowed to alert you on your mobile phone. Refer to your mobile phone's manual for instructions about how to turn these features off. 

- Check your battery-related settings- If you set your battery optimisation to stop apps you don’t use very much from remaining active in the background, your notification system may be affected. Try turning off battery optimisation for your messaging app. Then try again to sign in to your account.