Two Step Sign-In - Frequently Asked Questions

Please see below our list of frequently asked questions in relation to Two Step Sign-In

Setting up Two Step Sign-In

How to set up Two Step Sign-In for your account

Please see the setting up section.

Using Two Step Sign-In

When will I need to use Two Step Sign-In?

Please see the start of the main Two Step Sign-In page for a list of services that use Two Step Sign-In.

What do I need to use Two Step Sign-In

You will need to have your mobile phone close by and powered on.

Verifying via phone

If verifying via phone, you will receive a text message with a code or else a phone call.

If you are outside Ireland, we recommend you have data roaming switched on.

Verifying via Microsoft Authenticator app

If verifying via the Microsoft Authenticator app, you will need to have the app installed on your phone.

What will I expect to see when using Two Step Sign-In?

Please see what will I see when using Two Step Sign-In.

Why do I have to provide a phone number?

You will need to receive a text to your mobile to verify your identity. There is no extra cost for receiving SMS messages, even if you are travelling within EU member states. As from June 2017 you will ‘roam like at home’ and pay the same prices for calls and texts as you would at home.

Where is my phone number held?

When you add your phone number during Two Step Sign-In registration, it is held on a secure server in Microsoft. The server is within the EU as part of our Enterprise Agreement and is GDPR compliant so your information is protected. Your number is only held for the purposes of sending you validation codes and will not be used for any other purpose. It is not visible to any other users or applications in the service.

What if I change my phone number?

Please see change the verified phone number section.

Can I add a second number?

Please see add an alternative sign-in method.

I am getting verification codes sent to me, but I am not trying to sign-in!

Don't panic, the good thing about two step sign-in is that no one can access your account unless they have the verification code.

Work through this quick checklist to see where the request might be coming from:

If you are on Trinity campus, make sure that your devices are connected to the wired network or TCDwireless WiFi network.
If you are off campus:
- On your laptop check that your VPN is on and connected
- If you don’t have VPN on your laptop
  - Check that you don't have a browser window open that is connected to office.tcd.ie / mail.tcd.ie
  - Check that you don’t have Teams or Outlook open as they could be requesting a connection in the background.
- On your smartphone/tablet:
  - Check that Outlook or Microsoft 365 apps are not running in the background.
  - Check that you don't have a browser window open that is connected to office.tcd.ie / mail.tcd.ie

Once you know that none of your devices or apps are trying to connect without your knowledge, report this to Service Desk (itservicedesk@tcd.ie) but be assured that without the verification code, another party cannot access your account.

Will the verification texts always come from the same number?

Sometimes the sender ID of the verification text message may be different, if you are worried about whether to trust a verification message, note that they are only sent in response to a login attempt. So if you are not logging in to email or Microsoft 365 outside Trinity networks and you receive a verification text, your account may have been compromised and you should change your password and report this to Service Desk (itservicedesk@tcd.ie).

Here are some examples.

How do I use the option 'Don't ask again for 30 days'?

Please see using the 'Don't ask again for 30 days' option section.

I travel a lot and don't always have access to 3G/4G networks to receive texts, any advice?

In situations where you may not be able to receive text messages but you have access to Wi-Fi, setting up the Microsoft Authenticator app as an alternative sign-in method is a good option.

Please see Changing/adding sign-in methods.