Microsoft Office MFA

Microsoft are now strongly recomending all organisations implement Multi-Factor Authentication immediately

Important: This feature will be switched on for all users using Microsoft 365 by August 2020

Set up your Microsoft 365 sign-in for multi-factor authentication

We have seen a big increase in companies being phished and scammed over the last 12 months.

Microsoft are strongly recommending that MFA (Multi-Factor Authentication) is implemented as one of the best ways to avoid someone hacking or socially engineering there way into your account.

What is MFA?

MFA works very similarly to how lots of online banks work. When you login to your Office 365 account, based on a few factors it may ask you for another way to verify who you are. In Microsoft’s case it would be a code on a mobile device to verify that you are who you say you are! These factors include new locations, new devices, if you’ve recently logged in (it may not ask you daily, but once a month for example).

Once your admin enables your organization with Multi-Factor Authentication (MFA) (also called 2-step verification), you have to set up your user account to use it.

By setting up MFA, you add an extra layer of security to your Microsoft 365 account sign-in. For example, you first specify your password and, when prompted, you also type a verification code sent to your phone.

1. The first time you sign in to Microsoft 365 with your work or school account with your password like you normally do. After you choose Sign in, you’ll be prompted for more information.
2. Choose Next.
3. Select your verification method and then follow the prompts on the page. You can also watch the video to learn more.
4. After you test your additional verification method, choose Next.
5. Once you complete the instructions to specify your additional verification method, the next time you sign in to Microsoft 365, you’ll be prompted to provide the additional verification information or action, such as typing the verification code that is sent to you by text message.
6. To have a new code sent to you, refresh your browser tab.

We strongly recommend setting up MFA.

For example, if you travel a lot, consider setting up the Microsoft Authenticator app for your additional verification method. It’s the easiest to use and avoids text or call charges.

If you have applications, such as Office 2010 or earlier and Apple Mail before iOS 11, that don’t support an additional verification, you must set up an app password.

See manage app passwords for more information.