How to set up multifactor authentication for Office 365 users

Requiring MFA for some or all Microsoft Office 365 users will better protect your network and email system from attacks.

This Microsoft Office 365 security tip covers one of the best settings you can do, but might get you in the doghouse with your users: multifactor authentication (MFA). Face it, using passwords alone can be dangerous. If a single password is cracked, attackers could have their way in your system and you’d probably not be alerted to their access. Enabling Azure MFA for Office 365 users ensures that if access occurs from an unusual location, it will be blocked until the user provides additional verification.

Too often end users reuse the same username and password on various websites. They might use their normal domain password on multiple websites. Think your domain isn’t at risk now? Try out a sample username and password on the site haveibeenpwned to see if you are already at risk. This site is set up by a security researcher and sites such as Github use it to check on the quality of passwords.

You can set up MFA on individual users or for all users. If you’d like all users, you can set it up from Microsoft’s Secure Score site. To enable MFA on Office 365 admin site go to the Microsoft Admin Portal, and then go to “Users”, “Active users”. Choose “More” and then “Multifactor Authentication setup”. If you are not a global admin you won’t see the “More” option.

bradley mfa 1 Microsoft

Office 365 admin center - review MFA setup

I’m assuming that you will choose multifactor authentication with cloud services only and not by setting up a local authentication server, but you may review your options and requirements before setting up your options.

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!