Multi-Factor Authentication for Office 365 – How to do?
Microsoft added multi-factor authentication to Office 365Midsize Business, Enterprise, Academic, Nonprofit, and standalone Office 365 plans, including Exchange Online and SharePoint Online. This will allow organizations with these subscriptions to enable multi-factor authentication for their Office 365 users without requiring any additional purchase or subscription.
Previously multi-factor authentication was only made available to Office 365 administrative roles when the feature launched in June 2013. Now this security measure is extended to all users of Office 365. Users who are enrolled for multi-factor authentication are required to configure App Passwords in order to use Office desktop applications, including Outlook, Lync, Word, Excel, PowerPoint, and SkyDrive
Multi-factor authentication has been available for Office 365 administrative roles since June 2013, and today we’re extending this capability to any Office 365 user. We’re also enhancing the capabilities that have been available since June. We’re adding App Passwords for users so they can authenticate from Office desktop applications as these are not yet updated to enable multi-factor authentication. And we’re enabling users who are authenticated from a federated on-premises directory to be enabled for multi-factor authentication.
To start with, if you want to enable user with multi factor authentication,
- Office 365 administrators should enrol the users for multi-factor authentication through the Office 365 admin center.
- Select the user, more settings and select “Manage multi-factor authentication”
3. This will take you to another window.
4. Again select the user and check mark the box and on the rightside click “Enable”
Thats all from the office365 admin portal
Now the activated user has to log into his portal.
Open the browser (On Safari browser, there are few issues, at this stage) i use Chrome and type office.microsoft.com.
Login with his credentials. A successful login will take you to this page
fter being enrolled for multi-factor authentication, the next time a user signs in, they see a message asking them to set up their second authentication factor.
Any of the following may be used for the second factor of authentication.
- Call my mobile phone. The user receives a phone call that asks them to press the pound key. Once the pound key is pressed, the user is logged in.
- Text code to my mobile phone. The user receives a text message containing a six-digit code that they must enter into the portal.
- Call my office phone. This is the same as Call my mobile phone, but it enables the user to select a different phone if they do not have their mobile phone with them.
- Notify me through app. The user configured a smartphone app and they receive a notification in the app that they must confirm the login. Smartphone apps are available for Windows Phone, iPhone, and Android devices.
- Show one-time code in app. The same smartphone app is used. Instead of receiving a notification, the user starts the app and enters the six-digit code from the app into the portal.
Select the preferred option you want and then configure the Azure authenticator app.
Once the user is signed in and in future, if they want to change their multi factor of authentication, goto their Office365 settings and in the settings menu, at the bottom, click “additional security verification” and change the option
Multi-Factor Authentication can be used from smartphones using the browser on the phone to access Office 365. Mail apps on smartphones can use App Password to authenticate if they have Multi-Factor Authentication enabled. Available for iOS, Android & Windows phone.
Certain Apps such as Skype for Business etc…does not support MFA. So for this, you need to use app password.
You can find it next to the additional security verification page, as a tab called “app password”
In this page, click to create the new app password.
Once you have an app password, you use this in place of your original password with these non-browser apps. So for instance, if you are using multi-factor authentication and the Apple native email client on your phone. Use the app password so that it can bypass multi-factor authentication and continue to work. For more info, click here
You might also like
Who can Federate with Microsoft Lync? Check it out…Matt Landis wrote a beautiful blog with tool. Click here to check … Thanks Matt
Open Door is Microsoft’s premier technical education event aimed at offering technology professionals and decision makers the chance to explore and connect with a broad set of current and soon-to-be-released
When you have a mail enabled public folder in your exchange server 2007/2010 environment, you might face issues with email forwarding from the public folder from your user account, where