Basics

Handle your Azure MFA token with care

• Most Azure MFA methods use your phone. Your phone is private, do not share it with others.
• Never leave your phone unattended; keep your phone separated from your computer

Register

• Please visit the Registration Portal and start a new token registration.
• Choose Azure MFA and register your Azure MFA token for future logins.
• Follow the instructions in the Registration Portal.
• Done registering your token? Then you still have to activate your token. Depending on your situation or the requirements of your institution, you must choose an activation method, or you will immediately see instructions for the method that is right for you:
  • Activate yourself; you do this by choosing a recovery method (SMS or recovery code).
  • Activate at a service desk. Do this within 14 days, because your activation code expires after 14 days
  • Activate with an existing token.
• Having trouble? Please read our manual.

Log in

When accessing a service that uses SURFsecureID,

• Depending on your chosen Azure MFA method, you will receive an SMS, phone call or push message to log in.
• In the case of an SMS or a phone call, you have to retype a code.
• It could be that you were already logged in with Azure MFA. In such a case, you do not have to log in again with your Azure MFA token and you have direct access to the service.

Replace and remove

• You can replace your Azure MFA token with Microsoft at https://mysignins.microsoft.com/security-info. This has no effect on your registration with SURFsecureID
• To remove the SURFsecureID registration of your Azure MFA token, go to the Registration Portal and remove your token registration. This has no effect on your registration with Microsoft.
• If necessary, you can register a new token.