Overview
Up to now you only had a password to protect your account. If someone got hold of your password (an authentication factor), this person could use your username and password to impersonate you. If the system would request a second or third unique factor, taking over your account is a lot harder. There are 3 factors of authentication:
- Something you know: your password
- Something you have: your (smart)phone
- Something you are: your fingerprint
As you can see, with MFA just stealing your password will not be enough to take control of your account.
Setup
If you have a smartphone, we recommend using the Microsoft Authenticator App. It makes using Microsoft 365 MFA quick and easy. Install it ahead of time from the:
On your first log in you will get a more information required prompt that will walk you through the setup. You can also find more information on the setup here.
- The default authentication method is to use the free Microsoft Authenticator app (Highly recommended). It is available for iOS and Android. If you have it installed on your mobile device, select Next and follow the prompts to add this account. If you don't have it installed there is a link provided to download it. You can also simply search for it on the App Store or Google Play store by searching for "Microsoft Authenticator"
- If you would rather use SMS messages sent to your phone instead, select I want to set up a different method. Microsoft 365 will ask for your mobile number, then send you an SMS message containing a 6-digit code to verify your device.
Tip: For a faster, and more secure, experience we recommend using an authenticator app rather than SMS verification.
Once you complete the instructions to specify your additional verification method, the next time you sign in to Microsoft 365, you'll be prompted to provide the additional verification information or action, such as typing the verification code provided by your authenticator app or sent to you by text message.
Troubleshooting
If you get a new phone you can change your configuration at https://aka.ms/mfasetup
If you change phone numbers and you can no longer receive MFA codes you will need to submit a ticket so we can reset your configuration.