I keep getting MFA approvals from the Microsoft Authenticator app

Tagged with: MFA

Note: You should always deny any approvals you do not know, and sometimes you are just seeing approval notifications you missed previously. If you keep getting unexpected MFA approval notifications, please follow the steps below.

  1. Visit the following website:  https://aka.ms/mfasetup or https://mysignins.microsoft.com/security-info.
  2. Before you login or approve MFA, keep hitting *deny* multiple times until the notifications don't show up. Then open up the app, and tap the circling arrow icon (refresh). "Deny" any notifications that come up.
  3. Login with your Drexel userid @drexel.edu and Drexel password. Check your phone for more approval notifications and *deny* them BEFORE clicking Submit/Login.
  4. Now click Submit/Login and approve notifications on your phone.
  5. Once logged in, and the page fully loads, click "Change" (little blue link) next to "Default sign-in method." And change your default sign-in method to "Authenticator app or hardware token - code". The "code" option will show a 6-digit number that changes every 30 seconds.
  6. Now sign out on the "Security info" page. Click "Disconnect" if asked. And sign in again to the following link: https://aka.ms/mfasetup or https://mysignins.microsoft.com/security-info Try out the new MFA method, if prompted.
  7. Now visit https://aka.ms/mfasetup or https://mysignins.microsoft.com/security-info in a different web browser that you often don't use and make sure the MFA method works there.
  8. If all is well, after logging into https://aka.ms/mfasetup: Click the "Sign out everywhere" option (only once you're ready!) And sign into again on your phone and computer and such.
  9. You may now want to add another "method" for MFA on the site mentioned above.
  10. Also, on the site mentioned above, click "Overview" > "My Sign-ins" and look if there are any strange sign-in locations you don't recognize.

If you have already changed your password and the steps listed above don't help, or if you notice any strange/unrecognized sign-in locations, call the DU IT Accounts department at 215-895-2020, and report the issue.