Cookies on this website

We use cookies to ensure that we give you the best experience on our website. If you click 'Accept all cookies' we'll assume that you are happy to receive all cookies and you won't see this message again. If you click 'Reject all non-essential cookies' only necessary cookies providing core functionality such as security, network management, and accessibility will be enabled. Click 'Find out more' for information on how to change your cookie settings.

What is Multi-Factor Authentication?

Multi-Factor Authentication (MFA) is an authentication method that requires the user to provide different verification methods to gain access to a particular system or account.

MFA is being rolled out to all Nexus accounts. This means you will need additional methods of authentication to log into systems using it (such as your email) by confirming your access on a different device, such as your mobile phone. 

Setting up MFA

You'll be emailed by IT letting you know when MFA will become compulsory, and telling you what you need to do.

However, you can set up your MFA sign in methods in advance (e.g. Microsoft Authenticator app, phone number(s), Yubico key) on your Single Sign-On account.

You can also download the Microsoft Authenticator app

Helpful links 

Common problems and how to fix them 

Email client not working after MFA migration

If there is an issue with your mail client not working, please test you can log into the webmail client.

If you can, it is an application issue local to your computer.

If not, it is an account issue.

If it is just an incorrect/forgotten passphrase/password, that can be reset from the WebAuth page.

Application Issue

If an application issue, the usual fix is to remove the account from your mail client/device and then re-add it back in.

Please make sure your email client and OS are both up to date and latest versions (e.g. Outlook 2013 will not work).

Getting a MESSAGE: YOUR ACCOUNT DOES NOT EXIST 

If when adding your account to an email account and it gives a "your account does not exist" type of error message, confirm if it is asking for your email address or SSO. Some clients ask for email address first and then ask for your SSO, and some will insert the email address in a field when it should use your SSO after you have put in your email address. More client specific details are available from the University pages on setting up mail clients.

e.g. kenn1234@OX.AC.UK or example.name@kennedy.ox.ac.uk

Adding and Removing Email Accounts

How to remove Outlook account

University advice on setting up mail clients

On this page