| Microsoft Authenticator app |
The Microsoft Authenticator App is one version of an Authenticator App that can be used for multi-factor authentication. |
Default choice for an authenticator app when setting up MFA at Oxford University
Once set up, can be used without mobile data or Wi-Fi access if you use a one-time passcode
|
Requires a smart phone
|
| Alternative authenticator app |
It is not a mandatory requirement for the Microsoft Authenticator App to be used and alternative authenticator apps, such as Google Authenticator or Duo can be used for multi-factor authentication |
If you already are using a different authenticator app, then you don’t have to install a new app
|
Requires a smart phone
|
| Text message on a mobile phone |
A mobile device that is capable of receiving text messages can be used for multi-factor authentication. |
Any mobile phone that can receive text messages can be used, it does not have to be a smart phone
|
Requires mobile phone connectivity
|
| Authy authenticator app |
Authy is a free application which provides a secure way to protect your online accounts. There is no requirement for an administrative password to authorise the installation on a computer. |
Authy can be used on both a mobile device and a desktop computer or laptop
Authy allows you to sync between your mobile and computer, if you have it set up on both, and allows online backup for recovery
|
Can be a long process to set up initially
Requires a phone number for the initial setup
|
| Automated call on a phone |
A phone that is capable of receiving phone calls can be used for multi-factor authentication. |
Any phone can be used, either mobile or landline
|
Requires mobile connectivity if using a mobile phone
In situations where a phone number is shared between multiple phones, the recorded phone message doesn’t indicate who is trying to login
|
|
App password
|
App Passwords are required where you use apps or older devices that are incompatible with multi-factor authentication methods. An app password is a special password that you generate via your My Sign Ins which proves to the system that you have multi-factor authentication set-up. When accessing an older application, such as Outlook 2013, you need to use an app password in place of your Single Sign-On password.
|
If you are using devices or apps that are incompatible with MFA, then this is the only way to access your account once MFA has been deployed
|
The ability to create App Passwords is not enabled by default, so you must request that App Password to be enabled via the Service Desk, using IT Self-Service
|
| Hardware token (Security key) |
A hardware token or security key is a dedicated physical device that you plug into your computer or laptop that is used to authenticate your account. |
Once set up, does not require any other devices or mobile data or internet connection |
A hardware token must be purchased before it can be used to authenticate your account
You need to set up another authentication method before you can set up a Hardware token, so you will need a phone at initial set up
|
