Multi-Factor Authentication (aka Two-Factor Authentication) is routinely used as an additional step in verifying that the user logging into a service is the intended and expected user. MFA follows the premise of “something you know” (aka the username and password pair) and “something you have” (such as a phone or device with an authentication app).

There are several methods available that can provide the “something you have” authentication – such as a text message to a phone, a voice call to a phone, and the Microsoft Authenticator mobile app. For simplicity’s sake, and to provide what we feel is the best option for security, we recommend the Microsoft Authenticator app which is free for Android and iOS devices.

Below are the steps in enabling MFA for Office 365.

Each user will need to perform the following:

  1. Download and install the Microsoft Authenticator app onto their mobile device.
    https://www.microsoft.com/en-us/account/authenticator
    Do NOT log into the APP
  2. Visit https://aka.ms/MFASetup on your PC
  3. Follow the directions for verifying that you’re authenticating to the correct account, then providing the appropriate password: Type your work email address and computer password.
  4. Change the settings to use the “Mobile App” and “Receive notifications for verification”.

    Then click “Set up”.
  5. On the next screen you’ll see a QR code:

    Open the Microsoft Authenticator app on your mobile device. Add an account to the app, select “Work or school account,” and using the camera, scan the QR code until the app accepts it. Click Next. You will return to the previous screen on the computer while your MFA account is configured.

    After providing your email address and password, you will see the following:

    Click “Next”.
  6. Leave the settings as above and click “Next”.
  7. Microsoft will now send a verification alert to your phone. When you receive the alert, tap “Approve”
  8. Verify that your phone number is correct. If not, add your number or change it. This number will be used for additional account verification, if needed. Click Next.
  9. Verify your security verification settings on this page. At least one phone number, either an Authentication Phone or an Office phone, are required in addition to the Authenticator app. These settings can be changed in the future if needed.

    If no changes are needed, click “Cancel”
    If you make any changes to your phone number or primary notification option, Click “Save”