How to Enable Office 365 MFA (Multi-Factor Authentication) For Users. All in all, data breaches caused due to compromised security cost a hefty amount to organizations. According to a 2022 survey, over 80% of data breaches are caused due to poor password security. Securing your Microsoft accounts with passwords alone doesn’t assure data safety. Introduced in June 2013, Microsoft’s MFA (Multi-Factor Authentication) helps keep your accounts protected from phishing and cyber attacks.
In this blog post, we explore MFA, why businesses absolutely need it, the benefits of implementing it in Microsoft (Office) 365, and how you enable it in a stepwise manner.
Shall we start with How To Enable MFA (Multi-Factor Authentication) For Users?
What Is MFA (Multi Factor Authentication)?
Types Of Office 365 MFA (Multi Factor Authentication)
- Enabled MFA — user is enrolled but has not completed the registration process. Every time a user signs in, they are prompted to complete the registration process, and this prompt is mostly set for a timebound.
- Enforced MFA — the registration process is already complete in this setting. Once a user registers to Azure AD MFA, their access and user account gets automatically changed to enforced from enabled.
- Disabled MFA — a default setting for new user accounts.
Why Businesses Absolutely Need MFA (Multi Factor Authentication)
The common targets of data thefts (where MFA must be implemented) are:
Certainly, the most common reasons for data compromise are:
- The exploitation of Software Apps (Backdoors).
- Stolen or Weak credentials or passwords.
- Malicious Software or Malware.
- Complex access permissions.
- Accomplice threat.
Authentication Methods In Office 365 MFA (Multi Factor Authentication)
By Personal Phone Or Any Other Device
Here, authentication using this method consists of a six digit OTP or code sent as a text message on the registered device or a phone call followed by an autonomous agent asking you to press ‘#’ to confirm your identity.
On An Office Device
Microsoft Authenticator App
Download this app on any device. Equally, to authenticate using this app, a notification is sent to the registered device, where you accept or reject the accessibility.
Benefits Of Implementing Office 365 MFA (Multi Factor Authentication)
Protects Consumer Identity
Enhances Third Party Security
Meeting Regulatory Requirements
Improve your Active Directory Security & Azure AD
Try us out for Free, Access to all features. – 200+ AD Report templates Available. Easily customise your own AD reports.
Now it is the main part of the article How To Enable MFA (Multi-Factor Authentication) For Users.
How To Enable Office 365 MFA (Multi Factor Authentication) For Users
Steps To Set Up Office 365 MFA Enabled Sign In (For Users)
Once your user account has been enabled by the administrator for MFA, it needs to be set up for use. Follow these steps:
- Sign in to your individual account with the password. A popup appears seeking more information for authentication.
- Click ‘Next’.
- As per the default authentication method, you need to install and use the free Microsoft Authenticator App.
- But you can also select the SMS method. To select a different method, click on ‘I want to set up a different method’. Enter your phone number to receive the six-digit code to authenticate your phone.
- Once this additional verification method is activated, you will be asked to enter an SMS code that is sent to your registered device every time you sign in.
How To Manage Office 365 MFA User Settings
- As you go on the multi factor authentication page, check the box against the users to be managed.
- Click on ‘Quick steps’ and then choose ‘Manage user settings’. This opens the following options:
- Require users to provide contact methods again.
- Delete all existing app passwords generated by the selected users.
- Restore MFA on all member devices.
- You choose one or all options. Save the selection and close.
Steps To Set Up Office 365 MFA — Applicable for Global Administrators
- Go to the Admin Center of Office 365 and click on ‘Users’.
- Click on ‘Active Users’.
- Go to ‘More’ and choose ‘Azure Multi-Factor Auth’.
- Sort the users for whom you wish to enable MFA. In case it has to be enabled for all the users, change the status view of MFA.
- The view settings are classified as per the following three attributes:
- Disabled — The default setting for all users.
- Enabled — Users with the incomplete registration process (prompted for completion during every signing in process).
- Enforced — The user has completed registration and MFA is already implemented to their accounts.
- Check the box against the users you want to enable MFA for.
- Click on ‘Quick Steps’ on the right.
- Choose ‘Manage user settings’ and click on ‘Enable’.
- A dialogue box appears. Click on ‘Multi factor auth’.
How To Manage Security Defaults (For Global Admins Only)
Common Problems With Two Step Verification
A Lost Registered Device
Hence, if opted for an alternative authentication method such as office phone, email, etc., then you sign in using this method and set up a new password to secure your account.
But in case you have not opted for any additional authentication method, then you need to contact the help desk.
Unable To Turn Off Two Step Verification
On the other hand, if you are using the account as an individual user, you change the settings after signing in.
However, if it is a school or work account, then you cannot alter the settings individually, as it has been enforced by the organization as a mandatory feature.
Moreover, the third case scenario for this issue could be when the security defaults have been applied at the organizational level.
Unable To Sign In After Multiple Attempts
In case the attempts have been made by you, consider using an alternate method.
However, if you suspect malicious activity, contact your administrator with the issue.
Thank you for reading How To Enable MFA (Multi-Factor Authentication) For Users. We will conclude this article now.
Enable Office 365 MFA (Multi Factor Authentication) For Users (Conclusion)
Today, you easily secure your organization against data breaches and identity theft with multi factor authentication (MFA). Available for all users by default, it offers a higher level of security for all Microsoft (Office) 365 services that require authentication.
Basically, the benefits are tremendous with the protection of sensitive information like customer records and the prevention of a hacker accessing your accounts. With access to everything from email to scheduling, and file sharing all at their fingertips, your business is more vulnerable than ever if these services are left unprotected.
If you are still on the fence about implementing multi factor authentication in your company, we hope that this blog post has highlighted how valuable it is for your business and customers plus guided you on how to enable it stepwise.
Try InfraSOS for FREE
Invite your team and explore InfraSOS features for free