How to Enable Office 365 MFA (Multi-Factor Authentication) For Users. All in all, data breaches caused due to compromised security cost a hefty amount to organizations. According to a 2022 survey, over 80% of data breaches are caused due to poor password security. Securing your Microsoft accounts with passwords alone doesn’t assure data safety. Introduced in June 2013, Microsoft’s MFA (Multi-Factor Authentication) helps keep your accounts protected from phishing and cyber attacks.
In this blog post, we explore MFA, why businesses absolutely need it, the benefits of implementing it in Microsoft (Office) 365, and how you enable it in a stepwise manner.
Image Source: Microsoft 365 YouTube
Shall we start with How To Enable MFA (Multi-Factor Authentication) For Users?
What Is MFA (Multi Factor Authentication)?
Image Source: CUNY
Microsoft (Office) 365 provides you with an improved version of MFA in Security Suite and Enterprise Mobility which requires a license purchase for accessibility.
Types Of Office 365 MFA (Multi Factor Authentication)
- Enabled MFA — user is enrolled but has not completed the registration process. Every time a user signs in, they are prompted to complete the registration process, and this prompt is mostly set for a timebound.
- Enforced MFA — the registration process is already complete in this setting. Once a user registers to Azure AD MFA, their access and user account gets automatically changed to enforced from enabled.
- Disabled MFA — a default setting for new user accounts.
Why Businesses Absolutely Need MFA (Multi Factor Authentication)
The common targets of data thefts (where MFA must be implemented) are:
- Enterprises — As per the 2021 Varonis study, an employee from the financial sector has access to over 11 million files.
- Businesses — As per Nexusguard DDoS Threat Report 2020 Q2, 9637 attacks were from 10-30 Mbps.
- Individuals
- Enterprises — As per the 2021 Varonis study, an employee from the financial sector has access to over 11 million files.
Certainly, the most common reasons for data compromise are:
- The exploitation of Software Apps (Backdoors).
- Stolen or Weak credentials or passwords.
- Malicious Software or Malware.
- Complex access permissions.
- Accomplice threat.
Concurrently, most data breaches originate from weak credentials. According to a Symantec survey, 4800 plus websites get compromised because of formjacking code (a form of cyber attack in which the attacker inserts a malicious JavaScript code into a Webpage form).
Also Read Deploy Office 365 User Reports
Authentication Methods In Office 365 MFA (Multi Factor Authentication)
By Personal Phone Or Any Other Device
Here, authentication using this method consists of a six digit OTP or code sent as a text message on the registered device or a phone call followed by an autonomous agent asking you to press ‘#’ to confirm your identity.
On An Office Device
Conversely, the above call authentication process is followed on the office device or phone (in case you have set the authentication call option to office phone).
Microsoft Authenticator App
Download this app on any device. Equally, to authenticate using this app, a notification is sent to the registered device, where you accept or reject the accessibility.
Also Read Use Office 365 Reporting Tool
Benefits Of Implementing Office 365 MFA (Multi Factor Authentication)
Protects Consumer Identity
MFA supplements the existing layer of password security with added defence to save the identity of their users from cyber attacks.
Enhances Third Party Security
In large organizations, the system is accessed by third parties for various business reasons. To save a substantial amount of data, it is beneficial to create stringent authentication methods such as biometric scans, location factors, etc.
Meeting Regulatory Requirements
Evidently, organizations have to comply with multiple regulations and policies while implementing MFA. Such security protocols help organizations to keep their critical data well protected.
Controlled access
Improve your Active Directory Security & Azure AD
Try us out for Free, Access to all features. – 200+ AD Report templates Available. Easily customise your own AD reports.
Now it is the main part of the article How To Enable MFA (Multi-Factor Authentication) For Users.
How To Enable Office 365 MFA (Multi Factor Authentication) For Users
Steps To Set Up Office 365 MFA Enabled Sign In (For Users)
Instructions
- Setting up using two step verification.
- Using the Multi factor authenticator app.
Steps
Once your user account has been enabled by the administrator for MFA, it needs to be set up for use. Follow these steps:
- Sign in to your individual account with the password. A popup appears seeking more information for authentication.
- Click ‘Next’.
- As per the default authentication method, you need to install and use the free Microsoft Authenticator App.
- But you can also select the SMS method. To select a different method, click on ‘I want to set up a different method’. Enter your phone number to receive the six-digit code to authenticate your phone.
Image Source: unDraw
- Once this additional verification method is activated, you will be asked to enter an SMS code that is sent to your registered device every time you sign in.
How To Manage Office 365 MFA User Settings
- As you go on the multi factor authentication page, check the box against the users to be managed.
- Click on ‘Quick steps’ and then choose ‘Manage user settings’. This opens the following options:
- Require users to provide contact methods again.
- Delete all existing app passwords generated by the selected users.
- Restore MFA on all member devices.
- You choose one or all options. Save the selection and close.
Steps To Set Up Office 365 MFA — Applicable for Global Administrators
Image Source: pk Tech
- Go to the Admin Center of Office 365 and click on ‘Users’.
- Click on ‘Active Users’.
- Go to ‘More’ and choose ‘Azure Multi-Factor Auth’.
- Sort the users for whom you wish to enable MFA. In case it has to be enabled for all the users, change the status view of MFA.
- The view settings are classified as per the following three attributes:
- Disabled — The default setting for all users.
- Enabled — Users with the incomplete registration process (prompted for completion during every signing in process).
- Enforced — The user has completed registration and MFA is already implemented to their accounts.
- Check the box against the users you want to enable MFA for.
- Click on ‘Quick Steps’ on the right.
- Choose ‘Manage user settings’ and click on ‘Enable’.
- A dialogue box appears. Click on ‘Multi factor auth’.
How To Manage Security Defaults (For Global Admins Only)
- Sign in to your admin account.
- Click on ‘Azure Active Directory Properties’.
- Select ‘Manage Security Defaults’.
- Select ‘Yes’ to enable or ‘No’ to disable them.
Also Read Deploy Office 365 Contact Reports
Common Problems With Two Step Verification
A Lost Registered Device
Hence, if opted for an alternative authentication method such as office phone, email, etc., then you sign in using this method and set up a new password to secure your account.
But in case you have not opted for any additional authentication method, then you need to contact the help desk.
Unable To Turn Off Two Step Verification
On the other hand, if you are using the account as an individual user, you change the settings after signing in.
However, if it is a school or work account, then you cannot alter the settings individually, as it has been enforced by the organization as a mandatory feature.
Moreover, the third case scenario for this issue could be when the security defaults have been applied at the organizational level.
Unable To Sign In After Multiple Attempts
Repeated sign in attempts are observed by Azure MFA. In such a case, it prevents you from further signing in attempts to counter any security threats.
In case the attempts have been made by you, consider using an alternate method.
However, if you suspect malicious activity, contact your administrator with the issue.
Thank you for reading How To Enable MFA (Multi-Factor Authentication) For Users. We will conclude this article now.
Also Read Try Active Directory User Reports Tool
Enable Office 365 MFA (Multi Factor Authentication) For Users (Conclusion)
Today, you easily secure your organization against data breaches and identity theft with multi factor authentication (MFA). Available for all users by default, it offers a higher level of security for all Microsoft (Office) 365 services that require authentication.
Image Source: Microsoft Tech Community
Basically, the benefits are tremendous with the protection of sensitive information like customer records and the prevention of a hacker accessing your accounts. With access to everything from email to scheduling, and file sharing all at their fingertips, your business is more vulnerable than ever if these services are left unprotected.
With Microsoft (Office) 365 multi-factor authentication ‘enabled’, all accounts are better secured against unauthorized access.
If you are still on the fence about implementing multi factor authentication in your company, we hope that this blog post has highlighted how valuable it is for your business and customers plus guided you on how to enable it stepwise.
Try InfraSOS for FREE
Invite your team and explore InfraSOS features for free
- Free 15-Days Trial
- Easy Setup
- Full Access to Enterprise Plan
