This page is about two-factor authentication for students and employees. Those who have not already adopted two-factor authentication will be told when it is activated and what needs to be done.

NTNU requires two-factor authentication for services related to Microsoft 365 and Blackboard.

Norsk versjon - Tofaktorautentisering

Topic page about IT services | Pages labeled with two-factor

What is two-factor authentication?

Two-factor authentication means that you use two factors (proof) to confirm your identity when logging in. The two factors are usually something you know, ie your password, and and something you have, such as a code chip or a mobile phone. In this context, the second factor is usually an app on your mobile phone.

Why do we require two-factor authentication?

The use of two factors makes it much more difficult for unauthorized persons to access the system in question, even in cases where the username and password are lost. Two-factor authentication is an extra layer of security that can prevent misuse of your user account. Statistics show that two-factor authentication reduces the risk of misuse by 99.9%.

Prepare for two-factor authentication - recommended method

Once you have been informed that two-factor authentication is about to be activated for your user, it is a good idea to make everything ready by the day it is introduced. Then you only need to press Approve in the app when you are asked to log in with two factors.

This step by step guide will help you through the setup process.

We recommend that you do this from your PC. Have your mobile phone ready. You will be automatically guided through the setup.

Alternative method with USB security key

We have an alternative method for you who cannot or will not use a private mobile phone in connection with two-factor authentication.

You can read more about this on this page: Use a security key for two-factor authentication

FAQ - Frequently Asked Questions

What do I do when I get a new phone?

To avoid problems with authentication when changing phones, it is a good idea to install the app on your new phone while you still have the old one in use. You will then be able to authenticate yourself from both devices in the transition.

You can set up the app on a your new phone from this page. Select "Add method" and follow the instructions. From the same page, you can delete the association with apps on devices that are no longer in use.

NOTE: If you have lost or no longer have access to your phone, you can sign in via ID-Porten to set up two-factor authentication on a new phone yourself. If you are unable to use ID-Porten you must ask Orakel Support Services for help setting up two-factor authentication on a new phone.

How often do I have to authenticate?

This may vary depending on the equipment you use and where you are located, but the normal interval is every 20 days.

Can I use multiple authentication methods?

Yes. You can easily add more methods and / or change the default authentication method for your user from this page.

I get asked about two-factor authentication very often

There are several possible reasons for this. Here are some tips:

If you use Google Chrome then you can install this extension - Windows 10 Accounts

There is also an extension to Firefox, but you need administrative access to your compter and technical skills - Windows 10 Accounts Port

If you use private or incognito mode in the browser then you have to log in every single time since it does not remember the login.

If you often log off and on VPN and/or use Tor browser, you will more often be asked to log in.

More information on how two-factor authentication works can be found here

Can I use an app other than Microsoft Authenticator?

We recommend the "Microsoft Authenticator" app with one-touch authentication for Android and iOS. Google Authenticator, Yubico Authenticator and a number of other similar apps also work, but then with six-digit code and not a single tap. NTNU IT can only offer support to those mentioned above.

Do I have to use my mobile phone for two-factor authentication?

Mobile phone with the app "Microsoft Authenticator" is the recommended method, but it is possible to use a security key for two-factor authentication instead of a mobile phone.

Contact

Orakel Support Services can help you if you have questions or encounter difficulties.