Office 365: Cloud Identities – Managing multi-factor Authentication from Admin center site

Hi All,

In this article we will discuss what multi-factor authentication is, how to enable it, what the options for multi-factor authentication are and how to configure them from Office 365 Admin center site.

What is multi-factor Authentication?

Multi-Factor authentication is the mechanism to identify user by more than one way. Rather than having just user name and password for data access there is second form of authentication. This means while signing to Office 365 user have two or more forms of authentication.

For Office 365, username and password remains the primary authentication method. Following are the secondary options for Office 365

1. Use of Mobile Device App: Microsoft Authenticator App
   • This is mobile app, can be downloaded from app store.
   • We provide it with a QR or numerical code.
   • This app generate new code every 30 seconds
   • While signing to Office 365, user needs to enter this code
2. Authentication Phone : In this we have following two method
   • Phone Call: We receive the phone call and we get the code which we need to enter while signing to Office 365
   • SMS Message:
     1. SMS having code sent to configured mobile number
     2. While signing to Office 365, user needs to enter the received code

Enabling multi-factor authentication: Navigate to “Active Users” page – https://portal.office.com/adminportal/home#/users as

Figure 1: Active Users

From “More” drop-down click on “Setup Azure multi-factor auth” as

Figure 2 – Active User Page – “Setup Azure multi-factor auth” option from “More” drop-down

We will be redirected to “MultifactorVerification.aspx” which is hosted in Azure as

Figure 4 – Enabling MFA for selected user

From the multi-factor authentication page, select the user for whom we want to enable the multi factor authentication and click on “Enable” link as

Figure 4 – Enabling MFA for selected user

Once we clicked on “Enable” link “Enabling MFA dialog box” appears as

Figure 5 – “Enable multi-factor authentication” dialog box

In this way MFA will be enabled for the user.

When user for whom MFA is enabled, on next sign in he / she will be redirected to page where multi-factor authentication need to set up as

Figure 6 – After enabling MFA, user need to set up the MFA

Once we clicked on “Set it up now” button, we will be redirected to “proofup.aspx” page which is also hosted in Azure as

Figure 7 – Additional security verification page – proofup.aspx hosted in Azure

On the “Additional security verification” page we need to select the next authentication option as

Figure 8 – Additional security option

We need to select either on option from

1. Authentication phone
2. Office Phone
3. Mobile App

Here, now we will discuss configuring “Mobile app”, select the “Mobile app” option from drop-down, we will get two options as

Figure 9 – Selecting “Mobile app” option for MFA

Next step is to configure the mobile app – “Microsoft Authenticator App”. Click on “Set up” button. We will get “Configure mobile app” dialog as

Figure 10 – “Configure mobile app” dialog

Before going to next step here we need to install the mobile app – “MICROSOFT AUTHENTICATOR APP”, install this app on your phone, in the app select the account and scan the above given image shown in the Figure 10.

Once we scanned the “QR code” from above image, app will start creating verification code for every 30 secs.

Next step will be, entering the verification code from mobile app as

Figure 11-Step 2: Additional Security Verification

Enter the verification code and click on “Verify” button as shown in above figure

Once security code is verified, in step 3 it will confirm mobile number in case there is no access for security app as

Figure 12-Step 3:Additional security verification

Please confirm here mobile number and click on next button. You will be redirected to Step 4 as

Figure 13-Step 4:Additional security verification

Copy the password and click on “Done” button as shown in above figure.

Office 365 will logout you automatically and will ask password again. Once you enter the password, code will be asked from the “authenticator app” as

Figure 14-“Enter code” dialog from authenticator app

Once you enter the code and verified you will login to Office 365 successfully.

Thanks for reading 🙂

Keep reading , share your thoughts, experiences. Feel free to contact us to discuss more. If you have any suggestion / feedback / doubt, you are most welcome.

Stay tuned on Knowledge-Junction, will come up with more such articles.