At EUR we work with sensitive and valuable information. It is important that we protect that information and carefully check who you are when logging in to the EUR systems. That is why we use Multi Factor Authentication (MFA): logging in with an extra security step via confirmation through an app on your mobile phone.
How do you set up MFA?
Have your mobile phone at hand, click the button below and follow the steps.
Phone lost or broken?
Have you lost your mobile phone, has it been stolen or does it no longer work and can you no longer log in?
Are you an EUR employee?
Contact the IT Service Desk on telephone number 010 – 408 88 80 or by visiting the desk on the ground floor of the Sanders building (LB-029). They can help you set up MFA on another phone. They will then ask you to identify yourself with a driver's license, passport or ID card.
How does MFA work?
You install an authenticator app on your telephone. EUR recommends Microsoft Authenticator. After entering your ERNA-id and password when logging into Microsoft 365, you will be prompted to confirm the login via the authenticator app on your phone.
What does this mean for EUR students?
- MFA is required for all Microsoft 365 applications, including Outlook (email), Teams, OneDrive, SharePoint, Word, Excel and PowerPoint.
- You do NOT have to log in with MFA for other applications, such as ANS, Canvas or Osiris.
- You do NOT have to log in with MFA if you are at the locations Woudestein, Erasmus MC, EUC or ISS and your computer is connected to the EUR network or Erasmus MC network via cable or Eduroam (wifi). You are not allowed to take a telephone with you in exam rooms such as the Exam Center, so you do not have to log in with MFA at those locations.
What does this mean for EUR employees?
- MFA is required for almost all EUR applications.
- You do NOT have to log in with MFA when you are at the locations Woudestein, EUC or ISS and your computer is connected to the EUR network via cable or Eduroam (wifi).
More information
Do you have any questions? View the frequently asked questions below. Is your question not listed? Please contact the IT Service Desk on telephone number 010 – 408 88 80, by email at it.servicedesk@eur.nl or by visiting the desk on the ground floor of the Sanders building (LB-029).
Have you lost your mobile phone, has it been stolen or is it no longer working and can you no longer log in with MFA? Students can reset MFA themselves and do not need the IT Service Desk. Use the button at the top of this page or go to https://mytap.eur.nl/. Employees need to contact the IT Service Desk for a reset.
Go to portal https://mysignins.microsoft.com/security-info. You can set up another phone, authenticator app or hardware token here.
From 2 September 2024, students will be required to use MFA for all Microsoft 365 applications.
To do this, you first need your current phone. Go to the Microsoft portal https://mysignins.microsoft.com/security-info in the internet browser on your computer and log in with your ERNA ID and the MFA message on your current phone.
Add your new phone as a method in the Microsoft portal. You also need to install the Microsoft Authenticator app on your new phone.
If your new phone is registered, so confirmed with a notification on your new phone, then you can do two things:
- You still use the current / old phone as a spare MFA method in case your new phone is broken or lost.
- You get rid of the old phone. Then remove that phone from the Microsoft portal and remove your account from the Authenticator.
In that case, you can purchase a USB hardware key, such as the Yubikey 5NFC. The USB hardware key works in combination with software that you install on your computer. Activate the USB hardware key using the manual below.
Please note: a USB hardware key works well with Microsoft 365 and many of the other EUR applications, but not on all applications.
You do not need to log in with MFA for exam applications. If you need to open an Excel or Word file during an exam, make sure you have Microsoft 365 (Word and Excel) installed on your laptop and have used it once, before you start your ProctorExam. This will prevent you from needing your phone to log into Microsoft 365 with MFA during the exam. For more information, visit the Examinations page on eur.nl.
EUR can see the brand and type of phone on which you have installed the Microsoft Authenticator app. EUR does not use this data.
When you install the app in the App Store or Google Play Store, you can see what data the app shares with Microsoft via your phone. See also Microsoft's privacy policy: https://privacy.microsoft.com/en-US/privacystatement
EUR advises you not to give Microsoft permission to collect usage data to improve the app. This approval is enabled by default. Go to your Microsoft Authenticator app, go to Settings, and turn off the Usage Data slider.
We recommend that you use the Microsoft Authenticator app. There are also many alternative authenticator apps, for example Google Authenticator, Duo Mobile or FreeOTP Authenticator. If you want to use an alternative authenticator app, when setting up MFA, in the step "Download the app first", click the option "I want to use a different authentication app".
You need an internet connection to use MFA with push notifications. Without an internet connection you can log in to Microsoft 365 by using codes. In the pop-up, after entering your username and password, select ‘Sign in another way’ and then select ‘Use a verification code from my mobile app’. Then open the authenticator app and click on your ERNA account and enter the displayed code on your computer.
If you are not logging in with your EUR account yourself, this is suspicious. Are you sure it's a notification from your EUR account (the account name is in the notification)? Then there is a chance that someone else has your data and tries to use it.
Do you receive a request for approval on your smartphone that you don’t trust? Then click on ‘Deny’. After that, you can choose ‘Fraud Alert’.
When you click on ‘Fraud Alert’, a notification is automatically sent to the Computer Emergency Response Team (CERT) and the IT Service Desk.
What should I do next?
- Change your password as soon as possible to prevent further misuse of your account. Your ERNA account will not be blocked by the Fraud Alert, so it is still possible to log in to services that are not yet equipped with MFA.
- After that, contact the IT Service Desk.
Not often for Microsoft 365 applications. Microsoft 'remembers' your registration with MFA for 90 days. If you use the application again within those 90 days, that period will start again. So the 90 days move forward, so to speak.
It works the same way in your browser. If you check the 'Keep me signed in' option when logging in and do not log out manually, the 90-day period will move forward and you will not be asked to log in with MFA again. This is stored in your browser with a cookie. If you delete your cookies in your browser, you will have to log in again with the Microsoft Authenticator the next time you use Microsoft 365.
If you change your ERNA-id password, the remembered authentication will also expire and you will be asked for MFA confirmation again.