Two Factor Authentication (2FA) adds an extra layer of security to the sign-in process of your accounts. By verifying your identity using a second method (such as a Microsoft Authenticator App or text message) in addition to your password, you can make sure that the person trying to access an account is who they say they are.

Increase password security with Two-Factor Authentication (2FA) in Microsoft Office 365

What’s the difference between 2FA and MFA?

Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA) both enhance security for accounts. The only real difference is the number of authentication methods used. For example, 2FA uses, you guessed it, 2 methods of authentication while MFA uses two or more.

Why should I add 2FA to my Microsoft Office 365 user account?

Strong passwords can still be broken, and with countless email accounts and passwords leaked onto the dark web, many businesses are discovering that their users’ credentials are compromising their own business security. By enabling 2FA, you can add an extra layer of security by requiring a second form of authentication from your users.

Without 2FA enabled on your Microsoft Office 365 user accounts, anyone who knows your or your employees’ usernames and passwords would be able to access all your Microsoft applications, steal data and/or misuse your identity.

Your organisation will most likely be enforcing 2FA/MFA on all devices and services as part of its internal security policy. If you already have 2FA implemented on your Microsoft Office account, it’s good practice to enable this security measure on the rest of your personal business accounts.

How do I enable 2FA on my Microsoft 365 account?

To enable 2FA on your Microsoft Office 365 account, you need your password and the Microsoft Authenticator App installed on your phone. The app will act as a second piece of evidence to prove your identity by displaying a 6-digit verification code, which changes every 30 seconds.

The instructions below show how to enable Office 365 two-factor authentication (2FA) and how to use the Microsoft Authenticator App for 2FA.

You will need your:

Company Email Address: name@company.co.uk
Password: Login password for your Microsoft Office 365 account
Computer: to access your Microsoft Office 365 account via a web browser
Mobile phone: to host the Authenticator app, and a mobile phone number for additional security purposes

These instructions take you through the following steps. It is important that all of these steps are followed.

Step 1 – Download Microsoft Authenticator app to your mobile device

Step 2 – Access Microsoft Office 365 user account online

Step 3 – Configure the Microsoft Authenticator App

Step 4 – Login to Microsoft Office 365 account using 2FA

The Questions provide additional information and explain how to sort things out when they go wrong.

Step 1 – Download Microsoft Authenticator app to your mobile device

1. Navigate to your phone’s App Store and search for the Microsoft Authenticator app. The search results should show the following apps:

Microsoft Authenticator Screenshot

2. Download the Microsoft Authenticator app to your phone.

3. Once the download is complete, a new app icon called Authenticator will appear on your phone.

Phone Screen Apps Screenshot

You will need this later in step 3.

Step 2 – Access Microsoft Office 365 user account online

1. Using your computer, open a browser and navigate to https://login.microsoftonline.com.
2. Log into Microsoft Office 365 online with your company email address and password.
3. Your IT Administrator will already have enabled 2FA on your company user account, so you should receive the following prompt asking you to set up 2FA.

Microsoft More info needed

4. Click on Next.

5. You will then arrive on the page called Additional Security Verification asking you which security method you would like to use.

6. Select the option Mobile App from the drop-down list, select Use verification code from the list of choices, then click Set up.

7. Once this has been completed, you will be shown the message below.

Configure Mobile App
This is an example image for reference

This contains the QR code (black square), which you will need to scan with the Authenticator app downloaded in Step 1 to set up your account.

Step 3 – Configure the Microsoft Authenticator App

1. With your mobile phone in hand, open the Microsoft Authenticator app.

2. Skip any intro screens the app may present to you, until you get to the Ready to add your first account? screen or similar.

3. Select Add account or “+” icon in the top right corner of the app screen.

4. Select the option Work or school account.

5. You may be asked to allow the app to use your phone’s camera. Click OK to allow this.

6. You will be presented with a screen called Scan QR code with a square camera box in the centre of the screen.

7. Lift your mobile device so that the QR code on your computer screen sits inside the Scan QR code camera square on your mobile phone.

8. As soon as the Authenticator app has scanned the QR code, the following screen will appear on your computer screen: the Set up button is greyed out and the Next button is highlighted.

In the Authenticator app on your mobile phone, a new account will have been created, displaying a set of 6 digits that updates every 30 seconds. This ever-changing number provides the second authentication factor required for 2FA.

9. Click Next on your computer screen.

10. You will then be prompted for the six-digit verification code from the Authenticator app.

11. Enter the six-digit code displayed on your mobile phone Authenticator app and click Verify.

12. Select the country from the drop-down list and then enter your mobile telephone number. Click Next.
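
The 6-digit code from steps 8 to 11, worked through in Python as an added example (not part of the original guide and not Microsoft's code). It assumes the verification code follows the standard time-based one-time password algorithm (RFC 6238 over RFC 4226) with a secret shared during setup; the function names are hypothetical and the secret is the published RFC test value.

```python
import hashlib
import hmac
import struct
import time

STEP = 30    # seconds each code is valid for (the "every 30 seconds" above)
DIGITS = 6   # length of the displayed code

def hotp(secret, counter):
    """RFC 4226: HMAC-SHA1 over the counter, dynamically truncated to DIGITS."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte picks a 4-byte window
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def totp(secret, now=None):
    """RFC 6238: the counter is the number of STEP-second intervals since 1970."""
    now = time.time() if now is None else now
    return hotp(secret, int(now) // STEP)

def verify(secret, submitted, now=None, last_counter=-1, window=1):
    """Server side: return the matched counter, or None if the code is rejected.

    Accepts +/- `window` steps of clock drift between phone and server, and
    refuses any counter that is not newer than `last_counter`, so a code that
    was already used (or captured) cannot be replayed.
    """
    now = time.time() if now is None else now
    current = int(now) // STEP
    for counter in range(current - window, current + window + 1):
        if counter <= last_counter:
            continue
        expected = hotp(secret, counter).encode()
        if hmac.compare_digest(expected, submitted.encode()):  # constant-time
            return counter
    return None

# Constructed sample input: the RFC 6238 test secret, not a real account secret.
RFC_SECRET = b"12345678901234567890"

if __name__ == "__main__":
    code = totp(RFC_SECRET, now=59)
    print("code at t=59:", code)
    print("accepted at t=89:", verify(RFC_SECRET, code, now=89))
    print("replayed:", verify(RFC_SECRET, code, now=89, last_counter=1))
```

Under this assumption the code is computed from the shared secret and the clock rather than generated at random, so anyone who obtains the secret exchanged during setup can produce valid codes; the setup QR code should be treated like a password.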

Step 4 – Login to your Microsoft Office 365 account using 2FA

1. Open any Microsoft application on your computer (e.g. Outlook) and, when prompted, enter your company email address (username) and click Next.

2. Enter your Windows password (your computer logon password) then click Next.

3. The Authenticator app on your phone will prompt you to enter a six-digit verification code. Once you’ve entered the code, your Outlook will function as usual.

Your organisation may configure Single Sign-On (SSO) for your Microsoft account, in which case you will not need to enter your password to log in.

Will I need to use 2FA every time I log into my Microsoft Office 365 account?

If you try to access your Microsoft account through a browser or a new device, you will need to use the app to authenticate your login credentials.

Can I enable 2FA on other accounts and applications?

Since 2021, major online services have made 2FA a default security setting. These include banking services, online shopping sites, social media and email. You can verify this in your account’s security settings.

2FA is a great way to protect your account and identity and to mitigate phishing attacks.

Strengthen your IT Resilience through Access Management

Over the last 6 months, the threat landscape has undoubtedly worsened. While advancements in technology drive innovation for businesses, they also empower cyber criminals to become increasingly inventive in their tactics.

On the other hand, there are numerous proactive steps that SMEs can take to enhance their IT and cyber security posture.

For example, prioritising the security of data and applications is critical. Implementing a multi-layered approach using Conditional Access and Multi-factor Authentication (MFA) can significantly bolster resilience against these rising security threats.

There are plenty more things SMEs can do to improve the condition of their IT and cyber security posture. Discover these strategies in our blog, Strengthening your IT Resilience in 2024 & Beyond!

Alternatively, contact us to further strengthen your security posture through cyber resilience!