Because there is no way to enter verification codes in our VPN client software, users are required to use either the Microsoft Authenticator - notification or a Phone - call as their default sign-in method for MFA. If you have an iOS or Android device, we strongly suggest following the instructions here to use the Authenticator as your default sign-in method. Users who do not have an iOS or Android device should use the instructions below to set their default sign-in method to Phone - call. When using the Phone - call method, you will receive a call each time you encounter an MFA challenge, and can approve or deny the request using your phone keypad.