KTH has started implementing multifactor authentication (MFA) for all KTH accounts. This means you will log in using your username, password, and an approval via a mobile app. The rollout is gradual, and you will receive information when it’s time for your department. Here you’ll find instructions on how to prepare and manage MFA for your KTH account.
Digital support sessions are offered 6, 8, 10 and 13 October 13:00-13:30 through
Zoom
.
To protect your KTH account, you need to use an app to confirm who you are when you log in to KTH services. You do this via multifactor authentication (MFA). This means that you log in in two steps: using your username and password, and with approval via an app on your phone.
Activate MFA
You only need to activate MFA once per device. After activation, you can easily log in with your password and verification via your mobile phone.
When configuring MFA, you need access to a computer and mobile phone at the same time.
Click on the headers below and follow the instructions step-by-step.
Use your mobile phone when performing the following step.
Download and install the Microsoft Authenticator app.
Search for "Microsoft Authenticator" in the App Store or Google Play on your mobile phone.
You can scan the QR code below or tap the direct links on your mobile device to access the correct app for download.
When you open the app, you may be asked about Microsoft's privacy policy. Select Agree.
The app may then ask about app data usage. Select Continue.
Grant the app access to notifications, camera, and location when prompted.
Use a computer when performing the following step.
Right-click on the link
aka.ms/mfasetup
and choose to open the link in a private window or incognito mode.
Enter your username followed by @ug.kth.se in the login box (example: testjp@ug.kth.se)
You will then be redirected to KTH's login service. Enter the password for your KTH account.
You can now proceed to the next step to add a login method.
In this step, you need both your computer and your mobile phone.
On your computer: Once you have logged in via your computer's browser, click Add sign-in method.
On your computer: Click on Microsoft Authenticator.
On your computer: Microsoft Authenticator will now prompt you to install the app on your mobile phone, which you did in step 1 of this guide.
On your mobile phone: Go to the Microsoft Authenticator app. If it's your first time using the app, choose to Scan a QR code. If you already have accounts added in the app, click on the QR code symbol down to the right of the app.
On your computer: Click Next in the box.
On your mobile phone and computer: Scan the QR code that appears on your computer using your mobile phone.
On your computer: After you have scanned the QR code, click Next in the box.
On your computer and mobile phone: Now the configuration will want to test the authentication. A number will appear in the browser on your computer and a push notification will be sent to your mobile phone to approve the login.
On your mobile phone: Enter the same number that appears in the browser on your computer and approve the authentication.
On your computer: After you have approved authentication, a message will appear stating that the notification has been approved. Click Next to complete the configuration.
Activation is complete! You can now start using MFA when you log in with your KTH account.
If you change your mobile phone
Do you have a new mobile phone? If you have MFA enabled on another mobile phone before, you need to add MFA to your new phone before erasing or resetting your old phone.
To add MFA to another phone, follow the same guide as above. The difference is that in “Step 2: Log in with your KTH account” you need to approve the login using the mobile phone you have MFA enabled on.
If you have erased/reset or lost your old phone without first activating MFA on your new phone, you need to
Contact KTH IT-Support
.
FAQ about MFA
Multifactor authentication, MFA is currently the single most important security measure to ensure that the right person is logging in with their KTH account. In this way, we reduce the risk of identity theft, strangers logging in with the account and abusing it. It is about protecting KTH's IT systems from various forms of attacks or intrusions by preventing, detecting and managing threats that target networks, devices, programs and data.
An iPhone 11 or later model with iOS 16 or later installed
An Android phone with Android OS 8 or later installed.
Information about model and version can be found under settings in the mobile phone.
Yes, you can have MFA configured on multiple devices at the same time.
In addition to username and password, you need to use MFA for the central login service. It is used for example for kth.se, Canvas or Zoom.
You need to sign in with MFA per browser and device. If you close the browser window or are inactive for more than 12 hours, you will need to authenticate again with MFA the next time you sign in.
