Set up your IT account

You may have already activated your account when you applied to your course. If so, please go straight to “Protect your account with multi-factor authentication”. 

To activate your IT account you will need your:

• University number (a seven-digit number which can be found on all correspondence from the University)
• Date of birth.

Activate your IT account.

Once you have completed this you will receive the following:

• Username – this will provide you with access to almost all services and consists of your initials followed by five digits: e.g. ab12345.
• Email address – your email address may be required to login into some services instead of your username such as Surrey365 email and Eduroam wi-fi.

Email formats

• Undergraduate and postgraduate taught student email addresses follow the username@surrey.ac.uk format (e.g. ab12345@surrey.ac.uk)
• Postgraduate research students, it follows the initial.surname@surrey.ac.uk format (e.g. a.smith@surrey.ac.uk)

Multi-factor authentication (MFA) is a security method that ensures that only you can log into your account. It does this by requiring at least two methods of authentication – your password and another authentication method. The most secure and preferred method is to use the Microsoft Authentication App from your mobile phone. 

This additional authentication will only take place every 14 days or if unusual activity is suspected on your account.

We recommend setting this up now to keep yourself protected.

Instructions to set up MFA:

• MFA quick start guide (PDF)
• Multi-factor Authentication | Setup Guide Video.

Once you have set up MFA on your account you will continue to enter your university username and password at the usual login screen; however, following that, you will be prompted to approve your login. To do this, you will need to use the Microsoft Authenticator App (recommended) to tap and approve logins from a mobile device or smart watch. Please do not use text messages as your primary authentication method. This method is less secure than the MS Authentication App. Please only use text messages as an authentication method if you change your mobile phone. Never give the text message authentication code to anyone else. 

You can download the Microsoft Authenticator App on your device using the following links:

• Android
• iOS
• Windows.

For more information about MFA visit the IT website on MySurrey.

• If you travel internationally, change your phone number or change your mobile phone you will need to change your MFA setup 
• To change your MFA setup visit the Microsoft site. Then choose from one or more of the following options:
• Preferred method – use a Smart phone with the Microsoft Authenticator App 
• You need access to WiFi or a mobile phone signal 
• To avoid receiving text messages whilst roaming, please use the Authenticator App whilst connected to WiFi.
• Use a mobile phone (not a smart phone) which can receive texts or phone calls and preferably on the local phone service. This is not as secure as the Microsoft Authenticator App. Please use the App.

This essential step will allow you to reset your password should you forget it, or if you want to/need to change your password. Please follow the instructions on the set up guide (PDF) or watch this instructional video.

Once set up, if you ever forget your password, you can easily reset it by visiting this Microsoft webpage.