
close
close
Upcoming FREE Conference on Identity Management and Privileged Access Management
In today’s Ask the Admin, I’ll show you how to enable two-factor authentication on a Microsoft account with the help of Microsoft’s Authenticator mobile app.
In What Is Multifactor Authentication and How Does It Work? on the Petri IT Knowledgebase, I explained the concept of two-factor and multi-factor authentication, and why you should enable it for sensitive accounts. Two-factor authentication (2FA) has been available in Office 365 for a couple of years, but you need to manually enable it for your users. Microsoft’s Authenticator app for iOS, Android, and Windows Phone makes it easier than ever to implement 2FA by using push notifications for verification rather than requiring users to type in access codes.
Before setting up 2FA for Office 365 users, make sure you enable Modern Authentication (MA) for Exchange Online if users are accessing Exchange using Outlook 2016 or 2013. Versions of Outlook prior to 2013 don’t support Modern Authentication. For details on how to enable MA for Exchange Online tenants, see Enable Modern Authentication in Exchange Online.
I’ve tested 2FA with Microsoft’s mobile Office apps, Outlook Groups, Office 2016 desktop apps, and OneDrive for Business in Windows 10, and found no problems. But there may be apps that are incompatible or require an app password, so make sure you test all the apps in your organization before enabling 2FA.
If you intend to set up 2FA for tenant administrator accounts, you should note that those accounts won’t be able to sign in to Office 365 using PowerShell. Microsoft recommends creating a specialized account for each administrative user for the purposes of accessing Office 365 via PowerShell. These accounts should be disabled when not in use.
The first step is to enable 2FA for one or more users in the Office 365 admin portal. 2FA can be enabled for individual users or in bulk. In this demo, because I’m testing 2FA before I roll out the feature to all users, I’ll enable 2FA for one account only. Before continuing, I recommend installing Microsoft Authenticator on your mobile device, not to be confused with Authenticator, a similar app from Microsoft but without support for push notifications.
Enable multi-factor authentication for an Office 365 user (Image Credit: Russell Smith)
Enable multi-factor authentication for an Office 365 user (Image Credit: Russell Smith)
The MULTI-FACTOR AUTH STATUS column for the user will change to Enabled. Close the browser window and sign out of the admin portal.
The user is then required to enroll for 2FA once the feature has been enabled for their account by an administrator. The user should sign in to Office 365 as usual with their username and password, and then click Set it up now on the sign in screen and follow the instructions below:
Set up multi-factor authentication in Office 365 (Image Credit: Russell Smith)
Set up multi-factor authentication in Office 365 (Image Credit: Russell Smith)
Web-based and mobile apps can use Microsoft Authenticator app verifications for 2FA logins, but Office desktop apps require an app password. The final step provides you with an app password for these apps.
You’ll be prompted to sign in again, this time by verifying the login using the Microsoft Authenticator app.
In this article, I showed you how to enable 2FA for Office 365 user accounts and how users should enroll once 2FA has been enabled for their accounts, using the Microsoft Authenticator app for verification.
More in Security
Logpoint's Converged SIEM Platform Adds New Case Management Interface and Other New Features
Mar 30, 2023 | Laurent Giret
Microsoft's New Security Copilot Tool Uses GPT-4 to Quickly Respond to Threats
Mar 28, 2023 | Rabia Noureen
CISA Releases New Free Tool to Identify Threats in Microsoft Cloud Services
Mar 24, 2023 | Rabia Noureen
Microsoft Defender for IoT Gets Cloud-Powered Security Features to Protect Enterprise Networks
Mar 21, 2023 | Rabia Noureen
Azure Firewall Basic Now Available to Protect Small Businesses Against Cyberattacks
Mar 16, 2023 | Rabia Noureen
Microsoft Releases Updates to Patch Critical Outlook NTLM Vulnerability
Mar 16, 2023 | Rabia Noureen
Most popular on petri