Traveling internationally with Azure MFA

Description

Before traveling internationally, OIT recommends that you follow the guidelines below to avoid any disruptions to your multi-factor authentication experience. If you have not already enrolled in Azure MFA, please follow the instructions in Enrolling in Microsoft Azure MFA.  

Environment

Smartphone or tablet  

Computer 

Audience 

Students and faculty going abroad 

International students, faculty, and staff coming to Ohio University 

Table of contents

 

I plan to use my current phone/ tablet abroad.

You should be able to take your existing phone/tablet abroad and authenticate on Wi-Fi with the Microsoft Authenticator app without any disruptions.

  • Before you travel, check that your default authentication method is set to the Microsoft Authenticator app. You may encounter issues authenticating via a phone call or text in an international location.

  1. Navigate to myaccount.microsoft.com

  2. Log in with your OHIO email and password.

  3. You may be prompted to authenticate with Azure MFA to access the portal.

  4. Under Security Info, select Update Info >

  5. Your default sign-in method is listed at the top of the screen.

  6. If you need to change your default sign-in method for the Microsoft Authenticator app, follow instructions in Changing your default authentication method with Azure MFA.

Microsoft account screen showing default authentication method.

 

  • While abroad, connect your phone/tablet to Wi-Fi.

    • It’s possible that your device can cause you to incur roaming charges if you are using cellular data instead of Wi-Fi. 

    • If Wi-Fi is not available, you can authenticate by accessing a one-time passcode in the Microsoft Authenticator app. Your device does not need to be connected to a network to do this. View instructions in Using a one-time passcode with Azure MFA.

 

SIM card considerations

If you are planning on using a new SIM card in your existing phone, you should be able to use your Microsoft Authenticator app without any disruptions. If you encounter issues, please contact the IT Service Desk.  

  • Getting a new SIM card means that your phone will have a new number.

  • We recommend enrolling your new phone number in Azure MFA as a back-up method, so you can authenticate through a call or text in case you experience issues with the Authenticator app.

  • Follow the instructions for in Adding an additional authentication method to enroll your new phone number in Azure MFA as an alternate phone.

 

I plan to get a new phone or tablet abroad.

Before you get your new phone

There are a few ways to authenticate until you get your new phone.

  • Option 1: Use your current phone or tablet

    • You can use your current device to authenticate via the Microsoft Authenticator app over Wi-Fi. You can also use a one-time passcode in the Authenticator app, which does not require your phone to be connected to Wi-Fi or cellular data.

  • Option 2: Get a temp password

    • If you can’t take your current phone/tablet abroad, contact the IT service desk before you travel to request a temporary password. 

      • Call the service desk at 740.593.1222 or email servicedesk@ohio.edu to request a Microsoft Teams meeting to set up your temporary password.

      • After, when you attempt to access any online service that requires your OHIO email and password, you’ll then be prompted to enter the temporary password given to you by the service desk.

      • This temporary password is valid for 30 days and can be used while you set up your new phone.

      • Single sign-on screen showing request for a temporary passcode

 

After getting your new phone:

Once you have your new phone, follow the instructions below to set up MFA. You will need both your phone and your computer for setup. 

  • We recommend setting up the Microsoft Authenticator app as your default authentication method (rather than a call or text) to avoid any issues. 

 

On your computer:

  1. Navigate to myaccount.microsoft.com

  2. Enter your OHIO email and password.

  3. You may then be prompted to enter the temporary password provided by the service desk to access the portal. 

  4. Under Security Info, select Update Info >

  5. Select + Add sign-in method

  6. Under Add a method, choose Authenticator app from the drop-down menu, and select the blue Add button.

  7. You will see a series of prompts. Select the blue Next button until you see the QR code.

  8. Keep this window open in your internet browser.

 

On your new phone

  1. Download the Microsoft Authenticator mobile app on your new smartphone. Keep this window open.

    • Open the app store on your device (Apple or Android). 

    • Search for the Microsoft Authenticator app published by Microsoft Corporation.

    • Microsoft Authenticator logo

  2. Download and open the Authenticator app.

  3. Accept the terms and conditions.

  4. Select Scan a QR code.

  5. Microsoft Authenticator prompt to scan QR code.

  6. Use your phone to scan the QR code shown on your computer screen.

Outcome: You have successfully set up multi-factor authentication on your new phone! Once your temporary password expires, you’ll be prompted to authenticate via the Microsoft Authenticator app on your new phone. 

Note: You can select Remember me for 90 days at any single sign-on screen to limit your authentication requests. 

Tip: While abroad, connect to Wi-Fi when possible.

  • Connecting to Wi-Fi is the most reliable way to use the Microsoft Authenticator app.

  • If Wi-Fi is not available, you can authenticate by accessing a one-time password code in the Microsoft Authenticator app. Your device does not need to be connected to a network to do this. View instructions in Using a one-time passcode with Azure MFA.

Travel considerations

Get help from OIT