Quick Card - MFA

Enable Multi-Factor Authentication
The Microsoft Authenticator is an app enabling Multi-Factor Authentication (or MFA), a security system that verifies a user’s identity by generating
time-based passwords, providing enhanced security.
At Firmenich, Multi-Factor Authentication is required to access different applications based on criticality of the information accessed, from where
this information is accessed, or even depending on other external situations like cybersecurity risk levels.
This QuickCard will guide you in the setup of the solution as well as on how to perform some basic activities with it.
Initial Registration Other Activities
1. Download Microsoft Authenticator app on your mobile device 3. Sign-In with Authenticator (Notification Method)
2. Configure Microsoft Authenticator application: 4. Sign-In with Authenticator (Verification Code/Token Method)
5. Report Fraud with Authenticator

2.A. from Firmenich PC
6. Security Info: Register an additional device
2.B. If you don’t have a Firmenich PC
7. Security Info: Delete a registered
8. Security Info: Change Default Sign-In Method
9. Re-register Authenticator (Mobile Lost, Broken, Stolen)
Welcome to Office 365

Enable Multi-Factor Authentication on your mobile devices
1. Download Microsoft Authenticator app on your mobile device
From the Firmenich Apps@Work application,

or from the Apple/Android store, search for
Microsoft Authenticator.
Install
Download the Microsoft Authenticator

application and open it.

Configuration
from your
Firmenich PC
2.A) Configure Microsoft Authenticator application from your Firmenich PC
Using your Firmenich PC connected to Office network or via Click Next again, as you have already installed Microsoft Authenticator as
Global Protect, open a browser and sign in into: per previous steps.
https://aka.ms/mfasetup Click Next to set up your account.
Click Next.

Configuration
from your
Firmenich PC
From your computer From your mobile device
You get a QR code, which you’ll have to scan with your Open the Microsoft Authenticator application.
mobile device. Add a Work account, by clicking the + icon and select Work or school account.
Allow the app to access your

camera and scan the QR code
appearing on your screen.
FOR CHINA USERS ONLY: Select “Other (Google, Facebook, etc.)”

and enter the code when asked.

Configuration
from your
Firmenich PC
From your computer From your mobile device
Click Next. Your account is now linked in the

Authenticator.
Magic will happen, and you

will receive a notification to
approve. Simply click on it.
Once you have approved on your mobile application, you

will get the “Success” pop-up on your PC screen. Click Approve, and follow the last instructions on the computer
You’re done!

Configuration for
non-Firmenich Enable Multi-Factor Authentication on your mobile devices
users
2.B) Configure Microsoft Authenticator application if you don’t have a Firmenich PC
Due to security reasons, Microsoft Authenticator Registration is restricted to trusted locations or devices. There might be some
reasons where you don’t have access to a trusted location or device, and therefore, this restriction can be temporarily removed to
allow you registering your Authenticator App from your device.
Please raise a START ticket with the subject “Unrestricted Authenticator Registration for <PID or email>” or contact IS Service Desk.
You can also consult the dedicated Knowledge Base Article : KB0004226
This can be requested while account creation or at any time afterwards.

3. Sign-In with Authenticator (Notification Method)
You are prompted to login with You’ll receive a notification to verify the request in
Notification method. Microsoft Authenticator App.
Simply Approve.

4. Sign-In with Authenticator (Verification Code/Token Method)
If you don’t answer to a notification request, you You are prompted to login with
will be prompted with the following screen. You One-Time Password Code method. From your mobile device/token
request to “Enter a security code”
You’ll find the One-Time code in
your Microsoft Authenticator App
opening your account or, on your
hardware token display.
Enter the code and click Verify.

5. Report Fraud with Authenticator
You are prompted to login with You must click on Deny, to deny this unexpected request and click on Report
Notification method, while you Fraud to alert the IS Security team.
didn’t attempt to access any service.
The Information Security Team will contact you to handle this security incident.

6. Security Info: Register an additional device
Note: Access to “Security info” page requires to have an Authenticator app registered.
Using your Firmenich device (corporate Click on Add method, select Authenticator app and click on Add.
mobile or PC), open a browser and sign
in into https://mysignins.microsoft.com
You’ll be requested to Sign-In with

authenticator.
Please follow the previous slides to:

1) Configure Microsoft Authenticator application on your Corporate device: page3
2) Configure Microsoft Authenticator application from your Firmenich PC: page 5

7. Security Info: Delete a registered device
Using your Firmenich device (corporate Click on Delete to delete the desired authentication method.
mobile or PC), open a browser and sign Please make sure you do not delete a valid authentication method.

authenticator.

8. Security Info: Change Default Sign-In Method
Using your Firmenich device (corporate Click on Change

mobile or PC), open a browser and sign Select “Notification” or “Code” method and click on Confirm.

authenticator.

9. Re-register Authenticator (Mobile Lost, Broken, Stolen)
There might be some cases in which you lost access to your Authenticator Application: mobile lost, stolen or broken, or even you
uninstall/reset the Authenticator App itself.
• In case you lose access to all your registered devices, please raise a START ticket with the subject “Reset Authenticator for <PID>” or
contact the IS Service Desk. This will allow you to perform the initial registration again.
You can also consult the dedicated Knowledge Base Article : KB0004226.
• If you are not a Firmenich Employee, please explain your situation via e-mail to your Firmenich Manager/Contact.
He/she will have to open a Service Request via START as explained at KB0004226.
• If you still have access to a second Microsoft Authenticator App registered, you will be able to Self-Service Delete your lost device from the
authorized devices list and add a new one through https://aka.ms/mfasetup .

Quick Card - MFA

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Quick Card - MFA

Uploaded by

Copyright:

Available Formats

Enable Multi-Factor Authentication

Initial Registration Other Activities

5. Report Fraud with Authenticator

8. Security Info: Change Default Sign-In Method

9. Re-register Authenticator (Mobile Lost, Broken, Stolen)

Welcome to Office 365

From the Firmenich Apps@Work application,

Download the Microsoft Authenticator

Welcome to Office 365

Welcome to Office 365

From your computer From your mobile device

Allow the app to access your

FOR CHINA USERS ONLY: Select “Other (Google, Facebook, etc.)”

Welcome to Office 365

From your computer From your mobile device

Click Next. Your account is now linked in the

Magic will happen, and you

Once you have approved on your mobile application, you

Welcome to Office 365

This can be requested while account creation or at any time afterwards.

Welcome to Office 365

Welcome to Office 365

Enter the code and click Verify.

Welcome to Office 365

Welcome to Office 365

You’ll be requested to Sign-In with

Please follow the previous slides to:

Welcome to Office 365

You’ll be requested to Sign-In with

Welcome to Office 365

Using your Firmenich device (corporate Click on Change

You’ll be requested to Sign-In with

Welcome to Office 365

Welcome to Office 365

You might also like