Multi Factor Authentication

Maastricht University strongly believes in data protection. We continuously strive to improve information security and keep up with contemporary laws and regulations. Various measures have been and are being taken to make the university network even more secure. Implementing Multi Factor Authentication (MFA) is one of the measures taken to achieving this goal and ensuring that access to UM systems is better protected.

 Proceed directly to registering your account
 Manuals and FAQ
 MFA extended with number matching

Multi Factor Authentication (MFA) requires users to provide an additional form of verification, apart from a username and password, to successfully log in. This makes logging in from the office and the home even safer. This login method is also widely used by the Dutch government (DigiD) and banks (for secure online banking).  

In practice, Multi factor authentication (MFA) adds an extra step to the login process.  After you enter your UM credentials (something you know), there is a second authentication step via a separate device, such as your mobile phone (something you have). This two-step verification makes it difficult for unauthorized individuals to gain access to your UM account since it requires a combination of two or more ‘factors’ to gain entry. The activation of MFA within UM is therefore an extra security measure to protect accounts and thereby UM data and systems. 

MFA is activated on:

  • Webbased UM Services such as Intranet, Studentportal, Canvas and SAP Successfactors
  • VPN: secure network connection to the university
  • VDI: virtual workplaces for students and employees 

After you log in with your UM username and password, you will also be asked to use the MFA factor that you have configured for your account through

  Please note!
As of 27 February MFA is extended with number matching. 
Read more on number matching below. 

Take action!

  1. Register your UM-account for MFA via to be able to continue using the       relevant services. 
    TIP: start registering with your laptop or PC and use the manual below. IMPORTANT: Getting a new phone? Install the Microsoft Authenticator app on this new phone ánd register it on FIRST before emptying your old phone. This app and registration will NOT be transferred automatically. 
  2. Check if your MFA registration is done properly at: 

Manuals and FAQ

MFA extended with number matching


What will change?
From 27 February ’23 Microsoft will activate ‘number matching’ as default setting for Microsoft Authenticator – notification users. When you respond to an MFA push notification using the Authenticator app, you will be presented with a 2-digit number. Type that number into the app to complete the approval and continue the login process.

Why does this change?
This feature is intended to prevent accidental approval of fraudulent login attempts (as a result of so called ‘MFA fatigue’ or ‘push bombing’).

What does this mean for me?
What changes for you depends on your default MFA sign-in method.

  • On the website you can see which 'Default sign-in method' you have set for your UM account.
  • Are you using the Microsoft Authenticator - notification option, check for a clear instruction on how this works this FAQ (heading ‘Multi Factor Authentication (MFA) extended with number matching’).
  • Please enter the 6-digit code from your MS Authenticator app, or token.