Enable Multi Factor Authentication in Office 365 – Double Verification

enable-office365-mfa

Microsoft added multi-verification for Office 365 users in 2014 and allowed them to set up & enable multi-factor authentication in office 365. This acts as double-layer protection for an anonymous user to access your Exchange Online account.

Who can enable Multi-factor authentication in Office 365? 

This complete task is from the admin department, which can enable any co-member to use multi-factor authentication (MFA) in Office 365. To turn on authentication, it’s important to know about your subscription. If you have a global administrator subscription, you can set up multi-factor authentication in Office 365.

How many types of second verification in Office 365?

MFA provides multiple options to sign in to Office 365 account. You can add any two or more verification methods to the account.

  1. Mobile: – Use your mobile no. to receive a SMS or Call for authentication.
  2. Randomly generated pass code: – It is a mix series of Numbers & Alphabets.
  3. A biometric device
  4. A smart card (virtual or physical)

You can make an additional security cover on the Office 365 account by selecting anyone.

Enable modern authentication in Exchange Online or Office 365

MFA is a great level of security to protect your valuable data from unauthorized access. It is easy to implement and good deal of flexibility for the user. The best part is that this is a user-side proprietor who is able to choose the type of authentication that enables authenticating personally.

Steps to enable Office 365 authentication!

  • Login to Office 365 admin center via admin credential >> Go to User and Groups or Click on User (In the updated version of Office 365)
  • Under the Active user, you will see the “Set multi-factor authentication requirement” >> Click on Set up. (Note: if you are using office 365 in small business and dedicated plan then you cannot enable it.) OR

active-users

  • If you have an updated version then Click on More >> choose “Multifactor Authentication setup“.

mfa

  • In the next window, you will notice that all the multi-factor auth status is disabled. So select one of that users (in which you want to enable the second authentication) and click on “Enable”.

mfa-enable

  • It will show you a confirmation window with the deployment guide of MFA authentication and register of multi-factor auth. If your user does not regularly use the browser to log in then click on the register link otherwise hit on the “enable multi-factor auth” button.

mfa-deployment-guide

  • When it shows a pop-up window of update successfully and enables authentication that means the next process is ready for the user side.
  • When the user login into the Office 365 portal, the “set it up now” button shows after login. Which means “admin has required some additional security verification?”
  • Click on setting it up now >> New window shows the different options to authenticate it via mobile phone, Office phone, and mobile app.

For Mobile Authentication

  • If you choose Mobile phone >> then you can enable one option from SMS or Call >> Select region and put the real number to get the Call or SMS then press Next.
  • Click on the “verify now” option >> Now, wait a few minutes to get a message or call.
  • When it did then click on Next.
  • Ahead, you will see an app access password code. This is for the non-browse app such as MS Outlook app, Lync, or Mobile apps for email.
  • If you want to generate the password for the app then hit on “Generate app password” otherwise hit on the second button (I don’t use this account with these apps).

All the procedures have ended here. In the future, whenever a user logs in at any time, he or she will get a message or call on the registered mobile phone.

Enable multi-factor authentication in office 365 Using PowerShell

Here I am going to explain one more method to enable multi-factor authentication in Office 365 Exchange Online by using PowerShell Command. So follow the given step-by-step instructions.

Step 1: Download and install the following required modules.

  1. Microsoft Online Services Sign-In Assistant for IT Professionals RTW
  2. Azure Active Directory Module for Windows PowerShell  (64-bit Version)

Step 2: Now run the Windows PowerShell as administrator.

Step 3: Then confirm the setting changes by putting the following command line.

Get-ExecutionPolicy

But if this not work so type

Set-ExecutionPolicy Unrestricted –Scope CurrentUser

Step 4: After that connect the Exchange Online account and MoslService with the PowerShell by typing the following command.

Log in to your Office 365 Admin Mailbox.

Import-Module MSOnline

Connect-MsolService

Connect-MsolService –Credential $UserCredential

$auth = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement

Step 5: Now select the Multi-Factor Authentication (MFA) between “Enforced” and “Enable”.

$auth.State = “Enabled”

Step 6: After that choose a date – Any device released for a user before this date will require MFA setup. Generally, we will select the date of the run order.

$auth.RememberDevicesNotIssuedBefore = (Get-Date)

Step 7: If you want to enable the multi-factor authentication for a single or all users then type the following commands

For Single User: Set-MsolUser -UserPrincipalName <UserPrincipalName> -StrongAuthenticationRequirements $auth

All Users: Get-MsolUser –All | Foreach{ Set-MsolUser -UserPrincipalName $_.UserPrincipalName -StrongAuthenticationRequirements $auth}

 

If you want to be a regular user or if you are looking at a device for migrating to Office 365 with authentication, then there is good news for you. All Office 365 solution of MailsDaddy works accurately with authentication.

Final Verdict

After reading this blog, you will be clear about “How to enable multi-factor authentication in Office 365“. If you have any doubts, feel free to comment.