With 81 percent of data breaches being due to weak, reused, or stolen passwords, turning on Multi-Factor Authentication (MFA) on all of your apps is necessary. In this article we'll show you how to setup MFA for your Office 365 account paired with the Microsoft Authenticator smartphone app.
Microsoft Authenticator App
While you can authenticate by typing in a 6-digit verification code sent your phone or email address, having to jump back and forth between tabs and apps and then typing out the code is really annoying. The Microsoft Authenticator app alleviates this poor end user experience.
Benefits of the Microsoft Authenticator App
- Available for iOS and Android devices
- Can approve an MFA request even if you have no cell coverage
- Can approve an MFA request even if you have no wireless coverage
- If you have a limited SMS Plan and have wifi, you will not be using your SMS plan to get authenticated
- The best of all, Microsoft delivers the best MFA experience. You just need to click a button to MFA, no need to read, remember, and type a 6-digit code
Office 365 MFA Step-by-Step Setup
Before we begin, you or your IT administrator must have enabled MFA and the Azure feature called “Users can use preview features for registering and managing security info – enhanced” before being able to follow the steps below.
Let’s get started!
- Go to https://office.com
- Click on Sign in
- Type your username and click Next
- Type your password and click on Sign in
- You will now be required to provide more information and start enrolling your device against your Office 365 account.
- Click Next in the screen below
- You will now be presented with a wizard to install the Microsoft Authenticator app on your phone
Once you have downloaded the app, please make sure you allow the Microsoft Authenticator app to use your camera (if asked). If the app cannot use the camera, you will not be able to complete the setup correctly. Once the app is installed, you will need to set up your account to connect to the app.
Now that the app has been registered against your account, let’s validate that it has been set up correctly
You will receive a ‘pop up’ notification from Microsoft Authenticator. You will need to press the Approve button to move forward. The nice thing, compared to SMS MFA is that you do not have to type any number, making the process faster and easier.
If the setup is successful, you will receive the following confirmation – “Notification approved”
Now, you will setup the backup solution, which is to use the regular MFA using the SMS option. You will be asked to enter your mobile phone number and decide if you want to have your validation done via an SMS or having Microsoft call you.
In the example below, I have chosen the SMS option. Once you receive the SMS, enter it and click Next
When successful, you will receive the following screen “SMS verified successfully”
You are now ready to use Microsoft Authenticator as the default sign-in method
You have taken a great step to secure your identity!