Multi-Factor Authentication (MFA) for Office 365 Services

Introduction

 

http://www.stcloudstate.edu/its/_files/images/rightnow/office365/mfa/o365mfa.png



 

What is a Multi-Factor Authentication (MFA)?

MFA is defined as a process that requires more than one method of authentication from independent sources to verify the user’s identity. In other words, a person wishing to use the system is given access only after providing two or more pieces of information which uniquely identifies that person. These types of information are usually a combination of two of the below:

  • Validation of your password
  • Utilizing your mobile phone via text or Authenticator App
  • Biometrics such as fingerprint, iris or face recognition

A common method for MFA is that you are sent an access code to your mobile phone that you enter or receive a notification that you approve through a mobile application, along with your usual username and password. The idea of MFA is to keep multiple layers of protection, making it difficult for a hacker to gain access to your account.


 

http://www.stcloudstate.edu/its/_files/images/rightnow/office365/mfa/mfalogo.png


 

Why use Multi-Factor Authentication?

Today many businesses and large companies are using Multi-Factor Authentication (MFA) for an extra security boost as an alternative to using the sometimes-unsafe passwords alone. MFA should be used whenever possible, especially when it comes to your most sensitive data—like your primary email, financial accounts, and health records. In fact, many places are starting to require MFA (not just a password) as a standard for anyone to access the system or service.

 

What is Office 365 Multi-Factor Authentication (MFA)?

Protecting the sensitive data organizations store in Office 365 comes down to preventing various attacks designed to gain access to the data and the account itself. Office 365 MFA is critically important to limiting unlawful access to your data.

In order to better protect you, your data, and our campus network from security threats, Saint Cloud State University will soon implement Multi Factor Authentication (MFA) for Office 365. Once enabled, you must also use another verification method along with your username and password. This adds another layer of security and significantly reduces security threats and account compromises.

 

What things will this impact?

This will impact authentication for ALL Office 365 applications including, but not limited to:

  • Outlook
  • One-Drive
  • Power Automate (formerly Flow)
  • Teams
  • Word
  • OneNote
  • Any items in the Waffle area… (image below)


 

http://www.stcloudstate.edu/its/_files/images/rightnow/office365/mfa/waffle.png

What options do I have to complete Office 365 MFA?

There are a variety of authentication options that can be chosen for Office 365, ranging from a push notification to a smartphone, a verification phone call, to a code sent by text message. It is highly recommend to set up multiple authentication options so that no matter what situation you find yourself in, you are still able to access your Office 365 account.

 

Option 1: Microsoft Authenticator App

This is the easiest option and recommended method for your Office 365 MFA. After you download and configure the Microsoft Authenticator app, your phone will prompt you at login to approve the login request. After you select approve on your phone you will be logged in.

This method does require a smartphone and downloading and app, also be sure to configure other options as a backup in case your phone is lost or damaged. This method can also generate 6-digit codes to use when you are out of country or without cellular data or Wi-Fi. 

 

Option 2: Smartphone Code Generating App

Other apps like Google Authenticator or Duo Security, can also be used for another form of authentication. This method generates a 6-digit code in the app that you will simply enter in Office 365 after you enter your username and password.

This method does not require any data which means even if you are out of country with no cellular data or Wi-Fi you can still access to your account.

 

Option 3: Call My Phone

This option allows you to verify via a phone call. Whenever you login, you will get an automated phone call asking you to approve the login. This method can be used with a personal phone, an office phone, or alternative phone you have access to, no extra configuration will be necessarily upon upgrading or replacing a phone so long as your phone number stays the same.

It is important to note that using an office phone as the only verification method will disallow you from accessing your account when you do not have access to that phone. Also, if you intend on using an office for for verification, please make certain that this is not a shared office phone.

 

Option 4: Cell Phone Text

The next option is text message verification. After you type in your credentials to your account, it will ask permission to send a text message to your phone. After you click “Send”, you will receive a 6-digit code via text on your cell phone. Next you must enter this code into the field now located on the login window of your computer and you will be logged in.

This method works for those without smartphones. There is no extra configuration required when you upgrade or replace your cell phone as long as your phone number stays the same.

 

Option 5: Other Options

If you are unable to use the above options, please Contact HuskyTech for available methods (e.g. physical tokens or fobs).


To set up Office 365 MFA for your account, follow one of the instructions below:

  • If you are able to access Office 365 without being prompted for MFA information, follow the Self-Enrollment guide.
  • If you are prompted to provide additional security verification before accessing Office 365, follow the New Account set-up.

For more information and a list of frequently asked questions go to:  Office 365 MFA Frequently Asked Questions(FAQ)