Two Factor Authentication for Office 365 – What it is, why you need it, and how to set it up. 1


You’ve no doubt heard a good many discussions on Two Factor Authentication and wondered about it.  Please read on and I’ll tell you all about it.

Two Factor Authentication adds an extra layer of security to your online accounts and makes them much harder to hack. It requires more than just a simple username and password. You and your account service use two different means of verifying your identity.  This type of authentication is not new and you’ve likely been using it all along; every time you visit an ATM, both your credit/debit card AND your PIN are required for access – two factors!

On an Office 365 account, the two factors are (1) your username and password and (2) a text message sent to your mobile phone or a code provided by an Authenticator App.  The Microsoft Authenticator App, for example, connects to your account service and provides the second factor in one of two ways:

  • Notification. The app sends a notification to your device. Make sure the notification is right, and then select Verify. If you don’t recognize the notification, select Deny.
  • Verification code. After you type your username and password, you can open the app and copy the verification code provided on the Accounts screen on to the sign-in screen. The verification code acts as a second form of authentication.

Here’s how to get the Authenticator App and set it up:

Install the app

The Microsoft Authenticator app is available for Android, iOS, and Windows Phone. For the best experience, you should let the app get notifications when you’re asked.

Add accounts to the app

You can add work or school accounts or personal accounts to the Microsoft Authenticator app.

Add a personal Microsoft account

For a personal Microsoft account (one that you use to sign in to Outlook.com, Xbox, Skype, etc.), all you have to do is sign in to your account in the Microsoft Authenticator app.

Add a work or school account

  1. If possible, go to the Additional security verification screen on another PC or device. For information about how to get to this screen, see Changing your security settings or contact your administrator.(Note: If your administrator has turned on the security info preview experience, you can follow the instructions in the Set up security info to use an authenticator app section.)

2. Check the box next to Authenticator app, and then select Configure.

The Configure mobile app screen will then appear with a QR code for you to scan with the authenticator app.

  1. Open the Microsoft Authenticator app. On the Accounts screen, select Add account, and then select Work or school account.
  2. Use your device’s camera to scan the QR code, and then select Done to close the QR code screen.

(Note: If your camera isn’t working properly, you can enter the QR code and URL manually – see below).

The Accounts screen of the app shows you your account name and a six-digit verification code. For additional security, the verification code changes every 30 seconds preventing you from using the same code twice.

Add an account to the app manually

  1. Copy the code and URL information from the Configure mobile app screen (shown above) so you can manually type them into the QR scanner.
  2. Open the Microsoft Authenticator app. On the Accounts screen, select Add account, and then select Work or school account.
  3. In the QR scanner screen, select Enter code manually.

4. Type the code and URL from the screen with the QR code into the Add an account screen, and then select Finish.

The Accounts screen of the app shows you your account name and a six-digit verification code. For additional security, the verification code changes every 30 seconds preventing you from using the same code twice.

Using your device’s fingerprint or facial recognition capabilities

Your organization might require a PIN to complete your identity verification. You can set up the Microsoft Authenticator app to use your device’s fingerprint or facial recognition capabilities instead of a PIN. You can set this up the first time you use the authenticator app to verify your account, by selecting the option to use your device biometric capabilities as identification instead of your PIN.

Use the app when you sign in

After you add your accounts to the app, you can use the app to sign in to your accounts.  If you chose to use verification codes in the app, you’ll start to see them on the Accounts page. The codes change every 30 seconds so that you always have a new code when you need one. But you don’t need to do anything with them until you sign in and are prompted to enter a verification code.

The Microsoft Authenticator App is not limited in its use to just Office 365 and Microsoft accounts, it will also work with Two Factor accounts provided by, and many more, here a list:

Click any of the links below to learn how to set up 2FA on your online accounts.

Online Service Enabling 2FA Step-by-Step
Amazon Amazon Two Step Verification
Apple Accounts Apple Two Step Verification
DreamHost DreamHost Two Step Verification
Dropbox Dropbox Two Step Verification
Facebook Facebook Two Factor Authentication
Google Accounts Google Two Factor Authentication
Instagram Instagram Two Factor Authentication
Lastpass LastPass Multifactor Authentication
LinkedIn LinkedIn Two-Factor Authentication
Microsoft Accounts Microsoft Two Step Verification
Slack Slack Two Factor Authentication
Trello Trello Two Factor Authentication
Twitter Twitter Two Step Verification
Zapier Zapier Two Step Verification

 

Two Factor Authentication is called different names by services out there. It can be called Multi-factor Authentication, 2-Step Verification, or something similar. No matter what a company calls it, the fact remains, it adds an extra layer of security to your account that makes it much harder for the bad guys to break into it.

Next steps


Leave a comment

Your email address will not be published. Required fields are marked *

One thought on “Two Factor Authentication for Office 365 – What it is, why you need it, and how to set it up.

  • frank kloiber

    I had to remove my account from my tablet after i got hacked. I was able to reinstall it on my phone and the work computer, but i am unable to reinstall my accounts on my tablet. It tells me i have the wrong user name or password, but it works fine on my phone. How to i solve this?