Multi-factor authentication in Office 365
Before we get into why you should be using multi-factor authentication with Office 365, you may be asking, what is multi-factor authentication? Simply put, multi-factor authentication, or sometimes referred to as MFA, is the combination of two or more independent credentials which can verify a user.
To explain this further, the multi-factor authentication will be made up of what the user knows (their password) and what the user has (a security token or pin code) and lastly what the user is, for example biometric verification or a finger print.
The overall goal of MFA is to secure the authentication process and ensure that whoever is signing in, is indeed them, the additional layers of security helps to confirm the integrity of the login request. Although it may sound longwinded and difficult once setup is straightforward and easy to use.
What are the benefits are using MFA with Office 365 or other products? This can be answered with one word, Security. If you add extra validation to your login requests, it makes it harder for unauthenticated people to gain access to your systems and you ensure that the integrity of your systems are kept safe and secure.
It is our recommended that you implement MFA (or two-factor authentication) wherever you can to help protect your personal information and systems.
How to use MFA with Office 365
Implementing MFA within Office 365 involved several steps and depending upon how your business is setup, may slightly differ from company to company. However once setup, the process is nearly identical to login.
To configure MFA, you will need to be an administrator within Office 365, if this is your instance of Office 365, you will automatically be an administrator, if this is your office or rented from another provider, you may have to ask about permissions.
First log into the Office 365 admin centre, which can be found by logging into portal.office365.com and then clicking on the ‘Admin’ button, Once in the admin section you should see a screen like the following:
Next, you will need to configure the users who are going to use MFA, whether this is one person or everyone. Note: Ensure that if you have any services which are reliant upon a specific user, that it supports MFA, otherwise you may break functionality.
Select the users and enable them for MFA, once this is done, the next time the users log into their account they will be asked to configure a second form of authentication to continue.
Once everything has been setup and configured in the background, when you log into Office 365 using the web portal you will see something like this screen.
One area to remember about and catches a lot of people out, is once MFA has been configured within Office 365, applications may suddenly break as they can’t validate their login requests. This is where application passwords come into play.
More information on setting an application password can be found here: https://support.office.com/en-gb/article/create-an-app-password-for-office-365-3e7c860f-bda4-4441-a618-b53953ee1183
For more information on how to use multi-factor authentication with Office 365, Microsoft have released a detailed explanation of how to implement it into your environment. This can be found here: https://www.microsoft.com/en-us/microsoft-365/blog/2014/02/10/multi-factor-authentication-for-office-365/ and there’s further information on how to setup multi-factor authentication here: https://docs.microsoft.com/en-us/office365/admin/security-and-compliance/set-up-multi-factor-authentication?view=o365-worldwide