Information – Multi-Factor Authentication for compromised accounts

27/06/2022 01:00:00 PM (BST)

As part of the ongoing efforts to protect the NHSmail platform, Multi-Factor Authentication (MFA) will now be enforced by the NHSmail team on all NHSmail accounts that are identified as compromised.

This action is in addition to the upcoming functionality being introduced into the NHSmail Portal to automate the enabling of MFA for compromised accounts.

As part of the existing process, Local Administrators of accounts identified as compromised will be notified by the NHSmail team to then work with the user(s) to configure MFA in addition to ensuring a malware scan has been performed on the device(s) recently used to access the account.

Further information can be obtained via the NHSmail Support Site guidance on how to configure MFA.

If you require additional help and support, the NHSmail helpdesk is available 24 hours-a-day, 7 days-a-week on 0333 200 1133 or by emailing

back to top