Multi-Factor Authentication (MFA) for Office 365 Services

Introduction

What is Multi-Factor Authentication (MFA)?

Office 365 MFA helps protect organizational data by preventing unauthorized access through phishing and other cyber threats. At Saint Cloud State University, MFA is required for Office 365 accounts to safeguard user data and the campus network.

Multi-Factor Authentication (MFA) is a security process that requires users to provide two or more verification methods to gain access to a system. These methods come from independent categories of credentials to confirm the user's identity. Common combinations include:

  • Password validation
  • Mobile device verification (via text message or authenticator app)
  • Biometric identification (e.g., fingerprint, iris scan, or facial recognition)

A typical MFA setup involves entering your password and then confirming a code sent to your mobile device or approving a login request through an authenticator app. This layered approach significantly reduces the risk of unauthorized access.

Once enabled, users must verify their identity using an additional method beyond their username and password.

Why Use Multi-Factor Authentication?

MFA is widely adopted by businesses and institutions to enhance security beyond traditional passwords. It is especially recommended for protecting sensitive data such as:

  • Primary email accounts
  • Financial information
  • Health records

Many organizations now require MFA as a standard security measure to access systems and services.

Applications Impacted by Office 365 MFA

MFA will be required for all Office 365 applications, including but not limited to:

MFA Authentication Options for Office 365

You can choose from several authentication methods. It is highly recommended to set up multiple options to ensure access in various scenarios.

Option 1: Microsoft Authenticator App

  • Recommended method
  • Optional Passwordless authentication 
  • Prompts you to approve login requests via the app
  • Can generate 6-digit codes for offline access
  • Requires a smartphone and app installation
  • Backup options should be configured in case of phone loss or damage

Option 2: Smartphone Code-Generating App

  • Apps like Google Authenticator or Duo Security are supported
  • Generates a 6-digit code without needing cellular data or Wi-Fi
  • Compatible with any app supporting TOTP (Time-Based One-Time Password)

Option 3: Call My Phone

  • Automated phone call prompts you to approve login
  • Can use personal, office, or alternate phone numbers
  • No reconfiguration needed if the phone number remains the same
  • Avoid using shared office phones as your sole verification method

Option 4: Cell Phone Text

  • Sends a 6-digit code via SMS after entering credentials
  • Suitable for users without smartphones
  • No reconfiguration needed if the phone number remains unchanged

Option 5: Other Options

If none of the above methods are suitable, please contact HuskyTech for alternative solutions such as physical tokens or fobs.

Setting Up Office 365 MFA

If prompted for additional security verification when accessing Office 365, follow the New Account Setup instructions.

For more details and frequently asked questions, visit:
Office 365 MFA Frequently Asked Questions(FAQ)

 
Submit a request for help

 

Print Article

Related Articles (9)

Becoming More Aware of Possible Phishing Attempts
How to stay ahead of potential Phishing and what to do if caught
How do I log into Workday?
Information about how employees can access Workday, including a link to log into Workday.
How to Create a Strong Password
Tips on password creation
Microsoft Authenticator App Installation Process for Android
How to install the MFA Authenticator for Android
Microsoft Authenticator App Installation Process for iPhone
How to install the MFA Authenticator for iPhone
Safe Computing Practices & Tips
How to stay safe from scams/phishing, malware, viruses and more.
Setting Up Multi-Factor Authentication For Office 365
This article provides step-by-step instructions for setting up Multi-Factor Authentication (MFA) for Office 365 at St. Cloud State University. It includes guidance for using authentication phone, office phone, or mobile app methods, and now clarifies that the mobile app is the default option—users must actively choose another method if preferred.
Updating Multi-Factor Authentication Settings for Office 365
How to make changes to your Office 365 MFA verification methods.

Related Services / Offerings (2)

Report An Information Security Incident
Report an IT security issue or event such as virus, scams, suspected hacking of account, etc. For confidential matters, please submit a ticket for "Request IT Security Assistance for Confidential Matters".
Request IT Security Assistance for Confidential Matters
Request IT security assistance for confidential matters including but not limited to investigations, litigation, hold requests, compliance (HIPAA, PCI, etc.), requests for confidential information