Multi-Factor Authentication

Home > Staff > Multi-Factor Authentication

Multi-factor authentication (MFA) is an added security measure that prevents unauthorised users accessing accounts. It requires you to verify your login using an additional "factor" on top of your username and password. In the case of your WCCS account, the additional factor will be your mobile phone.

WCCS requires MFA whenever you access your school account from an untrusted location or an untrusted device. The internet connection at school is considered trusted, as are school owned staff laptops, so sign-ins from these will not require MFA.

The following describes how to setup MFA on your WCCS account.

After MFA becomes required on your account, you will see this message the first time you attempt to log in to a WCCS service (e.g. Outlook Online, MS Teams) from an untrusted device or location (e.g. personal mobile, personal pc, home internet connection). Alternatively, to manually start the process, you can click on the link https://aka.ms/mfasetup. Either way, you should see a screen as shown to the right, click "Next".

2. Fill in the required information. Under 'How should we contact you?' you can choose:

Authentication phone (recommended) which allows you to receive a login code via text message or phone call to your mobile
Mobile phone app

Authentication phone is recommended as its generally the most convenient option. Please note, entering your mobile phone number here will not make it available to other WCCS staff. It is only used by Microsoft's automated authentication processes.

If you are happy with this option, enter your mobile number in the appropriate box. NOTE: with the +61 prefix selected, you do not need to enter the leading 0 of your number (e.g. for 0412 345 678, you would enter 412 345 678). In the 'Method' section, it is recommended you select 'Send me a code by text message'.

Mobile phone app will require an application to be installed on your phone. You will need to verify future logins using this app. This option is helpful if you frequently have poor mobile signal, as it will always work, even when there is no phone reception.

Lastly, press 'Next'.

3. You will need to verify your selected contact method.

If you selected authentication phone and 'send me a code by text message' you will receive a text with a code to enter. You should receive the text message within 1 minute of pressing the 'Next' button in the previous step.

4. After receiving the code, press 'Verify' and then enter the code.

5. Press 'Done'. Set up of MFA is now complete. From now on, you will required to enter an MFA code whenever accessing your school account from an untrusted location.

An example of how this might look is shown below.

Signing in using multi factor authentication

When attempting to sign in webmail from a browser, enter your WCCS account password as normal.

After entering your password correctly and selecting 'Text' or 'Call', Microsoft Authentication services will recognise someone is attempting to log in to your account. At this point a code will be sent to your chosen method to verify it is actually you attempting to sign in.

If you receive a code at any time other than when you are attempting to login, please contact the IT department immediately and request a password change.

Enter the code and press 'Verify'.

Choose whether you wish to remain signed in to this account on this device. If this is a device you only plan to use as a one off, it is recommended you press 'No'.

You should now be signed in to your account.

Page updated

Report abuse