Office 365 MFA Setup

MFA Set-up in office 365

Multi-factor Authentication (MFA) also known as Two-factor Authentication (2FA) is a method of adding an extra layer of security on your systems log in process. This is considered to be the single, most effective way of securing your accounts. It’s also free and easy to setup since most applications nowadays have built-in MFA, all you need to do is enable it.

What are the benefits of enabling MFA?

  • Added layer of security
  • Confirms user identity
  • Very inexpensive (cheap, if not zero cost)
  • Easy implementation

Step-by-step guide:

This guide will show you the configuration steps to go through after MFA has been enabled in the Office 365 Admin Portal, including the optional setup of the Microsoft Authenticator app.

1. Navigate to an Office 365 website like https://outlook.office.com

2. Log in with your user credentials.

3. You will be prompted with a message that your organisation needs more information to keep the account secure. Click Next.

4. You will be asked for a method of contact. The best option for now is to choose Authentication phone & the Send me a code by text message options. Confirm the country, enter mobile number & click Next.

5. You will now be provided with an “App password”, which will be required for apps like Outlook, Teams & Email apps on a mobile device.

Note if your organisation’s Office 365 tenant has had Modern Authentication enabled, you may not need this “App password.” However, it’s recommended to still store it somewhere easily accessible.

At this stage, MFA has been configured for the user. However, there is an option to use the Microsoft Authenticator app to “Approve” access rather than be required to enter a code.

Follow these next steps to configure using Microsoft Authenticator App:

1. Download the Microsoft Authenticator app on your smart phone from the Apple or Android store.

2. When logged into an Office 365 website (Outlook/SharePoint/Yammer etc), click on your initials on the top right, then View Account. https://portal.office.com

3. On the home page, look for Security Info then select Update Info.

4. Select Add method.

5. You will receive a code from your registered mobile phone which should be entered on your computer for verification. Select Verify.

6. Select Authenticator app and select Add.

7. On your phone, select the plus button up the top right of the authenticator app.

8. Select Work or school account.

9. You may be asked to allow the app to access other apps on your phone (e.g. the camera). Approve these, then point the camera at the QR code on your computer screen.

10. You will then see the app present a 6 digit code. However, you shouldn’t need to use this code.

11. On the computer select Next.

12. You will be then be prompted on your phone to approve the request. Select Approve.

13. On the computer select Change (next to default sign in method).

14. Click the dropdown, select Microsoft authenticator then select Confirm.

15.  The process is complete. Now when you log into Office 365, you will be prompted to approve this with a tap of your phone instead of using an authentication code.

Note if your organisation’s Office 365 tenant has had Modern Authentication enabled, you will be prompted for the app approval in all applications you access, on your computer or phone (i.e. Skype for Business, Outlook, SharePoint etc.).

Do you need a handy copy of this? Click here to download a printable PDF.