Multi-Factor Authentication Guidance

If you have Multi-factor authentication (MFA) enabled on your nhs.net account and you use the Outlook desktop client, you will need to follow the instructions outlined in this article to temporarily disable MFA following your upgrade and prior to the first launch of your desktop Outlook client. Local Administrators will receive a scheduling email 1 week ahead of their upgrade slot, where the specific date on which to follow the MFA guidance below will be provided.

Important Note

If you have MFA enabled and do not follow these steps, you will not be able to send or receive emails through Outlook following your upgrade.

There are two options to temporarily disable MFA – please follow the appropriate steps for you:

  1. Disabling MFA on your own account
  2. Disabling MFA for another user – to be able to follow these steps you need to be a Local Administrator with the correct privileges

Option 1:  Self-Service Disablement of MFA

1) Sign-in to the NHSmail portal using your .net credentials

2) Navigate to your Profile

3) Click on the self-service tab

3) Select ‘Temporarily Disable MFA

4) You will see a pop up which informs you that disabling MFA is a temporary action and will be re-enabled automatically after 15 minutes.

5) Click Confirm

6) You will see a pop-up notification on the top right of your screen confirming you have successfully disabled MFA for 15 minutes.

7) Launch and log in to your desktop outlook client (it is important that this is done during the 15 min timeframe, otherwise, you will need to repeat this process of temporary disablement). Select ‘Send/Receive All Folders’ and confirm Outlook connectivity is established.

After 15 minutes, MFA will be automatically re-enabled. If Outlook connectivity is established and you can send and receive emails, you should not need to perform this task again

Option 2: Disabling MFA for another user

Important Note

You will only be able to complete these steps if you are a Local Administrator, with admin privileges for the organisation the user is part of.

1) Sign-in to the NHSmail portal using your .net credentials

2) Navigate to Admin and User Management

3) Search for the user account in question by entering their nhs.net email address in the search bar. Double click on the user account when it appears

4) The user details window should appear, on the ‘Action’ box select ‘Disable MFA’

5) A green pop up should appear on the top of the window stating MFA will be disabled for 15 minutes. The ‘Re-Enrol MFA’ option will be disabled during these 15 mins

6) Communicate to the user in question that they will need to launch and log in to their desktop outlook client (it is important that this is done during the 15 min timeframe, otherwise, you will need to repeat this process of temporary disablement)

 

 

 

Updated on 19/10/2021

Related Articles

Need Support?
Can’t find the answer you’re looking for? Don’t worry we’re here to help!
Contact Support
back to top