Office 365 Multi-factor Authentication users guide

23/11/2018

Multi-factor authentication for Office 365 refers to the process of having two or more methods of authenticating you as a user. Simply enabling MFA protects against a huge portion of online threats (an estimated 80% of cyber security attacks are initiated through a compromised email password).

Why use Multi-factor Authentication (MFA)?

MFA prevents a major vulnerability for businesses, where individual passwords being stolen represent the biggest risk to online security. When using MFA, as well as your user name and password, you need a code which is sent to your mobile phone via text or phone call in order to gain access to your email account. Phishing and malware attacks are often purposed with gaining your password, and once it is compromised the party responsible can access, exploit, publish and/or encrypt all the information they have access to. Once you enable and configure MFA, even if your password is stolen or compromised, it won't allow any malicious logins using your credentials as they would still not have access to the secondary method of authentication on your mobile device.

Don't want to get a text every time you check your emails?

You can choose if your organization allows for "remember me for X days" (up to 60 days) so you don't have to enter a text code every time you login to your emails, but it will only remember that user on that specific browser on that specific device. So, if you login from a different device or even a different browser on the same device within the 'remember' period select, Microsoft will request a new verification code to ensure that access is only granted to the right person.

Getting started with MFA

Below is a brief video outlining the steps involved in configuring MFA, and then accessing your email account as a user once implemented. We have also produced two user manuals for each of these steps which you can download below.

There are three main steps to configuring multi-factor authentication.
1. The Administrator configures MFA within the Office 365 tenant (the first document shown below)
2. The user sets up their secondary method of authentication (i.e. the mobile number and whether they receive a text or phone call)
3. The user sets up the APP PASSWORDS. Note: These are required when you want to access the desktop versions of Outlook, Skype for Business etc. as well as the online versions available through the portal.

Download and follow the guides below to get started and protect yourself today. Alternatively, if you would like assistance or advice on using MFA or other security measures available within Office 365, please contact us on 1300 228 744 or support@365solutionsgroup.com.au

Office 365 Admin? Learn How to turn MFA on

Download Guide to turn on MFA for Office 365

MFA turned on. Now what?

Download the users guide to O365 MFA

2 Comments

Hung Nguyen

31/10/2019 09:18:23 pm

I use MS Teams with Two factor authentication. I received call but I did not receive text

365 Solutions Group

31/10/2019 09:30:30 pm

Hi Hung,

In the second download above, the "Download the users guide to O365 MFA" on the second page, you'll see a screenshot of the options. You can choose to get a phone call, a text message or approve via an app.

I hope that answers your question, you can adjust the methods for MFA you have in place already by:
1. logging in to office.com in the browser
2. clicking your user icon in the top right corner
3. clicking on "My Account"
4. On the new page, select the "Security and Privacy" menu on the left
5. Select the last link: "additional security information"
6. Then Select the "Update your phone numbers used for account security." link that appears
7. Change the drop down for your preferred method, or setup other methods of MFA :)

I hope this has helped answer your question!

Office 365 Insights