NHSmail: Elevated rights and MFA

Modified on Tue, 28 Nov, 2023 at 5:46 PM

What's changing?

NHSmail are increasing the minimum security requirement for those with elevated rights in NHSmail. If you currently authenticate with any of the following, you will need to move to "push" phone app notifications. 
  • SMS
  • Voice call
  • 6-digit codes generated in an app 

This change comes in on 30th November 2023; however, it is advisable to change as soon as possible (1) to increase data security, (2) to ensure you are prepared before the requirement takes effect, and (3) because it is typically faster to sign in this way than with the other authentication methods.

How to update your authentication method

  1. Visit https://mysignins.microsoft.com/security-info and sign in with your NHSmail account if you aren't already.
  2. If you do not already have the Microsoft Authenticator app on your mobile and linked to NHSmail:
    • Click ➕ Add sign-in method
    • Select Authenticator app and Add
    • Follow the instructions to download and set up the Microsoft Authenticator app on your mobile
  3. Ensure your Default sign-in method is set to 'Microsoft Authenticator - notification' (like below)
  4. If it's not, click Change 
  5. Set to App based authentication - notification and Confirm

A work app on my personal mobile!?

Authentication apps aren't "work" apps; they can be used to secure a large number of personal and professional accounts and services, such as Amazon, PayPal, Facebook, HMRC and your NHSmail account.

If you don't already, we encourage you to consider using authentication apps to help protect your personal accounts. Even if your password is compromised (which no one is immune to), the malicious individuals would not be able to access the account without you approving access in your authentication app.

What about when I get a new mobile?

Use the instructions above (or on the NHSmail support website) to add and set up Microsoft Authenticator on your new phone before you wipe your old mobile.

What about other staff/users?

The requirement to use the most secure authentication method is only for those with elevated rights within NHSmail and is separate from the upcoming requirement for all User mailboxes to be registered for MFA. Typical users will not be limited to "push" phone app notifications.
