This page gives advice and guidance for managing MFA when you have MFA on both your primary Oxford Single Sign-On (SSO) account and a secondary account, where you are the only person who accesses it.
Using an Authenticator app
When setting up MFA on your secondary account, you can use the same authentication app which you used when setting up MFA on your primary account, such as Microsoft Authenticator, Google Authenticator or Authy.
- The account names in MS Authenticator will allow you to identify which account is which. In this example "firstname.lastname@example.org" is the secondary account:
- When logging into a secondary account, if you have set-up MicroSoft Authenticator then you will be prompted to approve the "push" notification, in the same way as you would for your primary SSO:
- When using Authy, name your primary and secondary accounts so you can identify which one is which when an authentication code is required:
Note: if you are using an authenticator app and you receive a notification to Approve or Deny a login request which you don't recognise and you think isn’t you, do not approve.
Logging in to a secondary account
- If you are logged into your personal Oxford SSO account using the Chrome browser, you can login to your secondary account at the same time in Chrome using an incognito window. Right-click the Chrome icon and select New incognito window:
- Alternatively, you can login to another browser and go to My Sign-Ins
Using a different verification method for Secondary accounts
You could choose a different method of verification for your secondary account than the one you use for your primary account. For example, you could use the authenticator app for your primary account and text message verification for your secondary account. This would mean that when you receive a text message, you know that it will only work with your secondary account.