Entra multi-factor authentication (MFA)

Updated on

Audience: Faculty, staff, students


The university recommends using the Microsoft Authenticator app to authenticate. This option is the most secure and works over Wi-Fi and mobile networks. If you don’t want to use the Microsoft Authenticator app, you can set your authentication method to a phone call or passcode via text message (SMS). Follow the Add a backup authentication method instructions to add a phone number as your authentication method.

Entra MFA authentication methods:

  • Authenticator app/mobile app (notification/code) - RECOMMENDED
  • Phone (text/call)
  • Alternate phone (call)
  • Office phone (call)

You must be enrolled in at least one of the above methods. However, we highly recommend that you enrol in multiple methods to have backup/alternative options if needed. For example, even if your mobile device is enrolled, you can enrol a phone to use as a second factor. This will help you sign in if the Authenticator app is unavailable.

You will need a computer and a mobile (or alternate) device to set up Entra MFA.

1. (On your phone) Download and install Authenticator

On your mobile device, download and install the latest version of the Microsoft Authenticator app based on your operating system.

2. (On your computer) Add Microsoft Authenticator as a sign-in method

  1. Go to and select Security info.  
Screenshot of My Account left menu with Security info highlightd.
  1. On your Security info page, select Add sign-in method.
Screenshot of Security Info page with an arrow pointing to the Add sign-in method option.
  1. Choose Authenticator app from the drop-down menu and select Add. The Start by getting the app screen opens.
Screenshot of the "Add a method" window with Authenticator app highlighted.
  1. On the Start by getting the app screen on your computer, select Next. The Set up your account screen opens.
Screenshot of the "Start by getting the app" screen.

If the setup window times out, sign in again and repeat steps b and c to restart the process.

3. (On your phone) Add your UM account to the Authenticator app

  1. Open the Authenticator app on your mobile device and accept the privacy policy. Allow notifications if prompted. 
  2. Select Add account, then choose Work or school account.
Screenshot of the "Add account" screen in the mobile app with the Woth or school account option highlighted.
  1. In the Add work or school account dialogue box, select Scan QR code
Screenshot of the "Add work or school account" options with "Scan QR code" highlighted.

4. (On your computer) Go to the "Scan the QR code" screen

On the Set up your account screen, select Next.  A QR (Quick Response) code is displayed.

Screenshot of the "Set up your account" window. An arrow points to a screenshot of the "Scan the QR code" screen.

5. (On your phone) Scan the QR code

Use your mobile device to scan the QR code. Your University of Manitoba account will be added to the app.  

The option to scan the QR code is located in the Verified IDs section of the app.

If you cannot scan the QR code, choose "Can’t scan image?" under the QR code on your computer and follow the instructions.

6. (On your computer) Go to the "Let's try it out" screen

On the Scan the QR code screen, select Next. The Let's try it out screen will give you a two-digit number to enter in your Authenticator app and a notification will be sent to your phone.

Screenshot of the "Scan the QR code" window with the "Next" button highlighted. An arrow points to a screenshot of the "Let's try it out" screen.

7. (On your phone) Test your second-factor verification

  1. Select the notification to open the Authenticator app.
  2. In the Authenticator app, enter the two-digit number shown on your computer screen and select Yes to approve the notification.
Screenshot of the "Are you trying to sign in" screen on the mobile app.

8. (On your computer) Notification approved

  1. If successful, a Notification approved message appears on your computer. Select Next.
Screenshot of the "Notification approved" window.
  1. Microsoft Authenticator is now added as a sign-in method on your Security Info page. Your Default sign-in method should be "Microsoft Authenticator - notification."
Screenshot of the "Security info" window with Microsoft Authenticator listed as a sign-in method.

9. Set Microsoft Authenticator as your default sign-in method

Follow the instructions below only if Microsoft Authenticator - notification is not listed as the "Default sign-in method" on your Security Info page.

  1. On your Security info page, next to Default sign-in method: select Change.
  2. Choose App based authentication – notification from the drop-down menu and select Confirm. Your default method is updated, and Microsoft Authenticator – notification is set as the default sign-in method.

10. Add a backup authentication method 

Set a backup authentication method if you forget or lose your mobile device.

  1. Navigate to and select Security info
  2. Select Add a method
  3. From the drop-down menu, select Phone (or Alternate phone or Office phone). 
  4. Enter a phone number. 
  5. Choose Text a code or Call me and select Next. Microsoft will send a verification code to the phone number you added. 
  6.  Enter the verification code on your screen and select Next.
  7. Select Done

For the Alternate phone and Office phone methods, the only option is  Call me.


Add your comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Previous Article Create a new VPN connection for Entra MFA (Pilot)
Still Need Help? Contact us