In today’s ever-changing cybersecurity landscape, a simple password won’t be enough. This is why Microsoft Office 365 allows for Multi-Factor Authentication (MFA). This will ensure the security of your applications, email and data.
How Does Office 365 Multi-Factor Authentication Work?
You’ll be prompted to acknowledge a phone call, text message or application notification on your smartphone. It’s up to you to decide which notification type to use. This way, even if a criminal obtains your password, they would also need the code from your smartphone to access your account. They would immediately be denied.
This single additional step will significantly boost the security of your account. We recommend that all management-level users have Multi-Factor Authentication in place.
Can We Create Application Passwords For Our Office Apps?
Yes…. Multi-Factor Authentication is enabled per user. This means that if a user has MFA-enabled, they won’t be able to use a non-browser client, such as Outlook 2013 with Office 365 until they create an app password. An app password is a password that is created within the Microsoft Azure portal that allows the user to bypass MFA and continue to use their application.
All Office 2016 client applications support Multi-Factor Authentication through the use of the Active Directory Authentication Library (ADAL). This means that app passwords aren’t required for Office 2016 clients. However, if you find that this is not the case, make sure that your Office 365 subscription is enabled for ADAL.
How Do We Set Up MFA In Office 365?
(These directions are according to Microsoft.)
- You must be an Office 365 global administrator to take these steps.
- On the multi-factor authentication page, select the check box next to the people you want to manage.
- On the right, under quick steps, choose Manage User settings.
- In the Manage User Settings dialog box, select one or more of the following options:
- Require selected users to provide contact methods again.
- Delete all existing app passwords generated by the selected users.
- Restore multi-factor authentication on all remembered devices.
5. Choose Save, then choose Close.
How Do We Use Office 365 Multi-Factor Authentication After We Set It Up?
After you enable MFA, give the following instructions to people to set up their second sign-in method for Office 365. By setting up MFA, you add an extra layer of security to your Office 365 account. You sign in with your password (step 1), and a code sent to your phone (step 2).
And you’ll need to create an Application Password For Office 365. An app password is a code that gives an application or device permission to access your Office 365 account.
If your admin has turned on multi-factor authentication for your organization, and you’re using apps that connect to your Office 365 account, you’ll need to generate an app password so the application can connect to Office 365. For example, if you’re using Outlook 2016 or earlier with Office 365, you’ll need to create an app password.
- Check whether your Office 365 admin has turned on multi-factor authentication for your account. If they haven’t, when you try to do these steps, you won’t see the options in Office 365.
- Sign in to Office 365 with your work account with your password like you usually do.
- Choose Set it up now.
- Select your authentication method and then follow the prompts on the page. Or, watch the video to learn more.
- After you verify your alternate contact method, choose Next.
- You’ll get an app password that you can use with Outlook, Apple Mail, etc. Choose the copy icon to copy the password to your clipboard. You won’t need to memorize this password.
- Once you complete the instructions to specify how you want to receive your verification code, the next time you sign in to Office 365, you’ll be prompted to enter the code that is sent to you by text message, phone call, etc.
- To have a new code sent to you, press F5.
How Can We Create Another App Password?
- Sign in to Office 365.
- Choose Settings > Office 365.
- Choose Security & Privacy > Additional security verification. You’ll only see this option if your admin has set up multi-factor authentication for your organization… If you don’t see this option, contact your Office 365 admin and tell them to turn on multi-factor authentication.
- Choose Update my phone numbers used for account security.
- At the top of the page, choose App Passwords.
- Choose to create to get an app password.
- If prompted, type a name for your app password, and click Next.
- Choose copy password to clipboard. You won’t need to memorize this password.
- Go to the application that you want to connect to your Office 365 account. When prompted to enter a password, paste the app password in the box.
Can We Use The App Password In Microsoft Outlook?
Yes…You’ll need to follow these steps once.
- Open Outlook, such as Outlook 2010, 2013, or 2016.
- Wherever you’re prompted for your password, paste the app password in the box. For example, if you’ve already added your account to Outlook when prompted paste the app password in the prompt.
- Or, if you’re adding your Office 365 account to Outlook, enter your app password in the Auto Account Setup.
- Now, just restart Outlook.
When Else Is It Important To Use MFA?
You should use MFA whenever it’s available. Always use it when you’re accessing your sensitive data like financial accounts, medical records or bill-paying services. Most of these organizations will require multi-factor authentication, so you’ll have to use it. Some offer it as an option.
Did you know that using MFA is one of the top three things that security experts do to protect their security online? This is according to a Google survey.
Where Else Should We Use Multi-Factor Authentication?
Even social media accounts are using MFA to protect their subscribers. This keeps anyone from taking over your identity on the platform.
Facebook now has an option where you can have a code texted to your mobile phone, or one generated in your Facebook account that you must enter when signing in. Code Generator is a security feature for your Facebook app used with two-factor authentication. When you turn it on, your phone will generate a unique security code that you can use to authenticate your login attempt on another computer or mobile device.’
Can My MFA Be Saved So I Don’t Have To Do This Again And Again?
Most MFA processes will remember a device. This is called device recognition. Sometimes services will ask if you want this. For a laptop, tablet or smartphone that remains private, you can choose to do this. However, if it’s a shared device, you should always go through the MFA process to ensure no one can get into your accounts.
With device recognition and analytics that banks, credit cards and other services employ, if you make a withdrawal in the U.S., and someone else tries to do this in Malaysia (or anywhere else that you couldn’t travel to quickly on the same day), an alert kicks in to prevent this. Technology is getting smarter all the time.
Have more questions about Microsoft Office 365 Multi-Factor Authentication?
If you need assistance setting up your MFA in Office 365, we can help. In the meantime, visit our Learning Center where we post updated articles every month.