Skip to main content

Add an account to Microsoft Authenticator

Quincy Powell
Updated

Introduction

Microsoft Authenticator is an authenticator application that integrates natively with Entra (Microsoft's cloud native IAM solution). It also may act as a general time-based one-time password (TOTP) provider.

This guide is for adding your Cochran account to Microsoft Authenticator. But it should also work for most Entra accounts and Microsoft accounts if adjusted.

Note: The images in this guide were taken from Apple iOS. There may be minor variances for Android or future versions of Apple iOS.

Requirements

  • A mobile device that supports Microsoft Authenticator. Most current Apple / iOS devices and Android devices will work.
  • A current and active Entra account. A Cochran account is a good example of this.
  • For QR code-based configuration only: another device with web access. A PC or a tablet are good examples.

Process Overview

  1. Install Microsoft Authenticator app if it is not installed.
  2. Open Microsoft Authenticator, step through welcome prompts.
  3. Prepare to scan QR code if that option is available to you.
  4. Configure Microsoft Authenticator.
  5. Recommended - upgrade your authenticator connection to password-less sign-in.

Install Microsoft Authenticator

  1. For most devices Microsoft Authenticator was administratively pre-installed, feel free to check for it.
  2. Open the App Store for your device.
  3. Locate Microsoft Authenticator. Be sure that the publisher is Microsoft - competing 3rd party publishers may pay to be listed ahead of this official application.
    The icon looks like a blue shield / padlock.
    MS Authenticator iOS app icon.png
  4. Install the application.

First launch

This only applies if you are launching Microsoft Authenticator for the first time on a particular device. Skip ahead to your configuration option if you have used Microsoft Authenticator on this device before.

  1. Locate the app tile for Microsoft Authenticator and then tap to open it.
  2. Read the informational greeting and proceed.
  3. If you wish, you may opt-in to providing telemetry data to Microsoft to assist in developing the Microsoft Authenticator application. Default selection is opt-out. Proceed after you decide.
  4. Select Work or School from the options.
  5. Select Scan QR code. Allow camera access if prompted.

QR code based configuration

On your mobile device

  1. Open the Microsoft Authenticator application if it is not open.
  2. If you followed the steps above in "First launch" move to the web browser section below. Otherwise:
    1. Tap the small plus '+' icon near the upper right part of the screen.
      1. If you don't see the small plus icon, navigate back using the icon '<'
    2. Select "Work or School"
    3. Select "Scan QR code" your mobile device is ready to scan the setup QR code.
      1. If prompted allow camera access

On another device with a web browser

  1. Open any web browser.
  2. Navigate to mysignins.microsoft.com
  3. Sign-in if prompted.
  4. Navigate to Security info (menu on the left)
    1. You should see a list of sign-in methods
  5. Click the "+ Add sign-in method" button
  6. Select "Microsoft Authenticator" from the list of options
  7. This step directs you to install Microsoft Authenticator.
    Assuming you installed Microsoft Authenticator already, click "Next" to proceed.
    1. If you did not, please install Microsoft Authenticator and do the initial launch as described above.
  8. This step directs you to step through the initial prompts, which you should have done already.
    Click Next to proceed.
  9. A QR code should be displayed. Switch back to your mobile device.
    1. If a QR code was not displayed, then something went wrong. Please contact IT.

On your mobile device

  1. Unlock your device if you need to.
  2. Launch the Microsoft Authenticator app if it is not already in the foreground.
  3. If you did not get Microsoft Authenticator in the QR code scan state described in the "First launch" section:
    1. Locate the small + icon in the upper right part of the screen and tap it.
    2. Select "Work or School account"
    3. Select "Scan QR code"
      1. Allow camera access if prompted.
    4. Scan the QR code displayed on your browser with your mobile device camera.
  4. Allow notifications if prompted. You may need to repeat the above steps if notifications were disabled, and you had to enable them in Settings.
  5. The authenticator account should be added but must be verified.
    Switch back to your other web browser device but keep your mobile device ready.

Coordinating between both devices

  1. You should be looking back at the screen with the QR code. Click the Next button.
  2. A number should be displayed, and your mobile device should receive a notification.
  3. Back on your mobile device, enter the number and press the confirmation prompt. Usually "Yes" is the correct confirmation prompt.
    1. Language and localization settings may result in variances.
  4. Confirm your mobile device's authentication prompt by entering your device PIN, fingerprint, or face ID.
  5. Back on your web browser device you should have automatically proceeded past the challenge number to a success prompt. Click "Next" and sometimes "Done". You should see a new sign-in method titled "Microsoft Authenticator"

Congratulations. You have completed required set-up of Microsoft Authenticator.

 

Device only configuration

Only perform these steps if you are unable to complete Microsoft Authenticator set-up using the QR code method.

  1. Open the Microsoft Authenticator application. Read and proceed through any introduction prompts that may appear. If prompted to add an account skip that step.
  2. Tap the + icon (plus sign) in the upper right if you were not prompted to add an account.
  3. Select "Work or school account" from the menu of choices.
    MS Authenticator select account type.png
  4. Select "Sign in" from the menu of choices.
  5. Enter the email address of the account you wish to add. Then press the Next button.
  6. Provide the requested authenticators. This will vary depending on your circumstances.
  7. Read and proceed through any remaining steps.
    1. If prompted to allow notifications, please do so.
  8. Verify your newly added account in Microsoft Authenticator is working properly. You should see something similar to the image below. Minor variances are fine.
    device_only_result.PNG

 

Recommended - upgrade to password-less

Completing these steps enhances your authenticator account from multi-factor authentication to password-less multi-factor authentication.

  1. If you're not there currently, open Microsoft Authenticator on your mobile device
  2. Navigate into your Cochran account.
  3. Identify the "Set up passwordless sign-in requests" button in the "other ways to sign in" section.
    Tap that button.
  4. If the "Set up passwordless sign-in requests" button is not present:
    1. Password-less may already be configured. If your account has a line near the top that reads "Passwordless sign-in requests" then your authenticator account is already configured for password-less sign-in.
    2. You might be looking at the wrong authenticator account, if you have multiple double check.
    3. Your authenticator account might be incorrectly configured. Contact IT for support.
  5. Follow the on-screen prompts to complete passwordless sign-in configuration. Typically, you must authenticate with password or multi-factor and register the device.

Troubleshooting and help

If you find yourself stuck, or in a sequence of events that repeat, please reach out to helpdesk@cochraninc.com

Loss of Microsoft Authenticator - if you lose the authenticator app after it is set-up it might be difficult to re-configure. If you have a Windows 11 computer then aka.ms/mfasetup should get you going again. Otherwise reach out to helpdesk@cochraninc.com

 

 

Related articles

Comments

0 comments

Article is closed for comments.

Powered by Zendesk