Recently updated on March 21st, 2023

The days of relying on a lonesome password for authentication are coming to an end. With the rise in cybercrime, improving the security of online accounts is critical. Multi-factor Authentication (MFA) can greatly increase security to help curtail cyberattacks. According to Google, even using basic SMS verification–which is the least secure secondary authentication method–can block 100% of automated bots, 99% of bulk phishing attacks, and up to 66% of targeted attacks.

Cloud security is critical in today’s world, and most companies that offer cloud-based services are now implementing multi-factor authentication to help protect your accounts. Among those is Microsoft. If you have an Office 365 account, you now have the option to turn on MFA, which is highly recommended.

Turning on multi-factor authentication for your Office 365 account is straightforward and takes just a few basic steps. Even if you don’t work in IT support, the following process should be relatively painless.

Ensure You Have Permissions

In order to manage MFA settings, you need to be a global admin for your organization. If you already have Global admin permissions, then you’re set to begin. If you don’t, you’ll need to have your account added to the proper admin role.

Also, if you have previously enabled per-user MFA, this has to be disabled before continuing to the next step. Doing so is a simple three-step process:

  1. Go to the Office 365 admin center and choose ‘Active Users’ from the ‘Users’ menu option in the left navigation pane.
  2. Once you’re on the active user’s page, choose multi-factor authentication.
  3. After the multi-factor authentication page has loaded, simply select each user in your group and set their MFA status to ‘Disabled.’

Use Security Defaults

Most organizations will be satisfied with the Security default settings. These defaults offer a strong level of sign-in authentication. For newer subscriptions, chances are these security defaults are turned on automatically.

If you are unsure, you can view and change your security default settings from the Properties pane on the Azure Active Directory. This can be found within the Azure portal.

After navigating to the Office 365 admin center, sign in with your global admin credentials. Next, go to the left navigation menu and choose “Show All” under the Admin Centers menu option, and select Azure Active Directory.

You should see the option for ‘Manage Security defaults’ at the bottom of this page. If the security defaults setting says ‘No,” switch it to ‘Yes’ and click ‘Save.’

Switch on Modern authentication

Like the Security defaults setting, most new accounts already have modern authentication turned on. For older subscriptions, though, you may need to turn it on to get all of the multi-factor authentication features to work. Simply log into the Office 365 admin center, and choose ‘Settings’ then ‘Org settings’ in the left navigation.

Under the services tab, you should see the option for Modern authentication. Select ‘Enable Modern Authentication’ if it is not already, and click ‘Save changes.’

With these settings in place, MFA will now be enabled.

Logging In

After multi-factor authentication is enabled, the next time a user tries to sign in, they will be prompted to set up authentication for their specific account. By default, the authentication method will use the free Microsoft Authenticator mobile app, which is the most secure way to authenticate your account.

At this point, the user will be prompted to download the Authenticator app on their mobile device. After downloading the app, simply click ‘Next’ and you will be prompted to add the Office 365 account to your Authentication app.

For those who would rather use the less secure SMS verification method, you can click ‘I want to set up a different method’ rather than following the Authenticator app prompts. In this case, a 6-digit code will be sent to your phone as an SMS, which you will type into the prompt to authenticate.

Setting Up MFA for Office 365 is Simple and More Secure

Microsoft has made it very easy to get multi-factor authentication setup up for your organization. While this adds one additional step to the login process, that small amount of time is well worth the effort if it means an added extra layer of security to your account. However, if you don’t want to set it up on your own, we have highly qualified IT support professionals that would be happy to do it for you.

See More Related Articles