This site uses cookies to improve your user experience. By using this site you agree to these cookies being set. To find out more, please read our privacy policy.

Multi-Factor Authentication (MFA)

Multi-Factor Authentication, or MFA, is a security measure that is being introduced across the NHS. If you use digital services outside of work, there is a good chance you already use MFA in your personal life for shopping, banking and social media. 

What is MFA? 

MFA protects you by enhancing your IT security - making it more difficult for someone else to sign into your accounts and access data. 

How does MFA work?

Cyber criminals can access your account if they guess your password correctly or trick you into sharing your details using a phishing email.

To prevent this from happening, MFA adds an additional layer of security to the sign-in process by asking you to prove who you are by providing a second form of identification, in addition to your username and password.  

For your second form of identification, it is recommended that you install an app on your mobile device (work or personal) called Microsoft Authenticator. This will enable you to generate a unique passcode that can be used to verify your identity when signing in.

When will I be asked for MFA?

You will only be asked for MFA if your identity needs to be further verified for security reasons.

An example could be when signing in to your work Microsoft account from a personal computer or personal mobile device, which is not on the NHS network.  

How do I get started?

To help ensure your account and data remain secure, please install the Microsoft Authenticator app and set up MFA on your accounts as soon as possible by following the guidance below. 

Please note: By enrolling now, you will avoid having to do this at an inconvenient time if prompted for MFA.

Set up MFA on your NHS Microsoft account

Set up MFA on your NHSmail ( account