Multi-Factor Authentication for Office 365 – How to do?

Microsoft added multi-factor authentication to Office 365Midsize Business, Enterprise, Academic, Nonprofit, and standalone Office 365 plans, including Exchange Online and SharePoint Online. This will allow organizations with these subscriptions to enable multi-factor authentication for their Office 365 users without requiring any additional purchase or subscription.

Previously multi-factor authentication was only made available to Office 365 administrative roles when the feature launched in June 2013. Now this security measure is extended to all users of Office 365.  Users who are enrolled for multi-factor authentication are required to configure App Passwords in order to use Office desktop applications, including Outlook, Lync, Word, Excel, PowerPoint, and SkyDrive

Multi-factor authentication has been available for Office 365 administrative roles since June 2013, and today we’re extending this capability to any Office 365 user. We’re also enhancing the capabilities that have been available since June. We’re adding App Passwords for users so they can authenticate from Office desktop applications as these are not yet updated to enable multi-factor authentication. And we’re enabling users who are authenticated from a federated on-premises directory to be enabled for multi-factor authentication.

To start with, if you want to enable user with multi factor authentication,

  1. Office 365 administrators should enrol the users for multi-factor authentication through the Office 365 admin center.
  2. Select the user, more settings and select “Manage multi-factor authentication”


3. This will take you to another window.

4. Again select the user and check mark the box and on the rightside click “Enable”


Thats all from the office365 admin portal

Now the activated user has to log into his portal.

Open the browser (On Safari browser, there are few issues, at this stage) i use Chrome and type

Login with his credentials. A successful login will take you to this page


fter being enrolled for multi-factor authentication, the next time a user signs in, they see a message asking them to set up their second authentication factor.

Any of the following may be used for the second factor of authentication.

  1. Call my mobile phone. The user receives a phone call that asks them to press the pound key. Once the pound key is pressed, the user is logged in.
  2. Text code to my mobile phone. The user receives a text message containing a six-digit code that they must enter into the portal.
  3. Call my office phone. This is the same as Call my mobile phone, but it enables the user to select a different phone if they do not have their mobile phone with them.
  4. Notify me through app. The user configured a smartphone app and they receive a notification in the app that they must confirm the login. Smartphone apps are available for Windows Phone, iPhone, and Android devices.
  5. Show one-time code in app. The same smartphone app is used. Instead of receiving a notification, the user starts the app and enters the six-digit code from the app into the portal.


Select the preferred option you want and then configure the Azure authenticator app.


Once the user is signed in and in future, if they want to change their multi factor of authentication, goto their Office365 settings and in the settings menu, at the bottom, click “additional security verification” and change the option


Multi-Factor Authentication can be used from smartphones using the browser on the phone to access Office 365.  Mail apps on smartphones can use App Password to authenticate if they have Multi-Factor Authentication enabled. Available for iOS, Android & Windows phone.

Certain Apps such as Skype for Business etc…does not support MFA. So for this, you need to use app password.

You can find it next to the additional security verification page, as a tab called “app password”


In this page, click to create the new app password.

Once you have an app password, you use this in place of your original password with these non-browser apps. So for instance, if you are using multi-factor authentication and the Apple native email client on your phone. Use the app password so that it can bypass multi-factor authentication and continue to work. For more info, click here


About author

You might also like


OAB…long time to download?

An offline address book (OAB) is a copy of a collection of address lists that has been downloaded so that a Microsoft Outlook user can access the information it contains

Microsoft Azure

Rights Management Services (RMS) – Office 365 vs EMS

Azure Rights Management services (RMS) can be purchased through Office 365 or from the Enterprise Mobility Suite (EMS), or as a standalone subscription or an Enterprise licensing model. These offerings has its

Lync Online

Nokia Lumia 920 – The Phone that sets the standard

8.7 megapixels Camera sensor (main camera resolution) Nokia PureView Camera 4.5 ” Display size Snapdragon™ S4 Processor name 10 h Talk time (3G) 400 h Standby time (3G) 67 h


No Comments Yet!

You can be first to comment this post!

Leave a Reply