Cyber Security Office 365 Guides Tips and Problem Solving

Enable two-factor authentication in Office 365 Business Premium

Microsoft Office 365 includes (at no additional cost!) Azure Multi-factor Authentication (2fa in reality), enabling many organisations to increase the security posture from Credential Theft.

The Azure Multi-factor (2fa) authentication service can utilise SMS or an authentication app on a smart phone to verify a user login.

Pre-Requisites

  1. The setup must be completed by an Office 365 tenant global administrator
  2. A mobile phone or smart phone is required
  3. Ensure mobile telephone number is added to the users contact information in Office 365
  4. Microsoft Office, Outlook and Teams may require updating (some versions do not include a prompt for 2FA verification therefore causing authentication problems once enforced)

Enable the 2FA Service in Office 365

  1. Login as a Global Administrator
  2. Navigate to the Admin section
  3. Select Settings > down-down Settings
  4. Services tab -> Azure Multifactor Authentication
  5. Tick the “Enable Modern Authentication” option

You can also view this guide on the Microsoft website

Configure 2FA in Office 365

  1. Click ‘Manage Multi-factor authentication’
  2. See a list of Office 365 Users
  3. Begin with testing the enforcement of MFA on your user account and some select others (typically members in the IT team)

Setting up 2FA as a user

  1. Navigate to https://portal.office.com
    (If logged, log out of the account and re-open the browser)
  2. The user will be prompted with a notice to setup security verification and a button to press “Set it up now”
First Sign in screen

3. Choose the authentication method

Choose your authentication method and then follow the prompts on the screen.

4. Copy the applciation password which can be used with popular Mail clients

Image of the copy icon to copy the app password to your clipboard.

5. Once the instructions are complete, the user will be prompted to choose how to receive the verification code and the next time they login they will be asked to enter a code

When you sign in with 2-step verification, you'll be prompted for a code.

We recommend that users download and configure the Microsoft Authentication app on smart phones to improve reliability and further enhance security. SMS verification can be bypassed in some circumstances.