Enable multi-factor authentication for Office 365 users

Hey folks,

Welcome to my IT Blogs, thanks for visiting.
Today I am going to show you how to enable MFA (multi-factor authentication) for your Office 365 users.
Multi-factor authentication allows us to set another authentication method for any user that wants accessing to corporate office 365 services, we get a free version of Azure multi-factor authentication as part of your Office 365 for business subscription.

Azure MFA possibilities are:

  • The ability to enable and enforce multi-factor authentication for end users
    The use of a mobile app (online and one-time password [OTP]) as a second authentication factor
    The use of a phone call as a second authentication factor
    The use of a Short Message Service (SMS) message as a second authentication factor
    Application passwords for non-browser clients (for example, the Microsoft Lync 2013 communications software)
  • In order to set up the MFA we should go to Office 365 Admin Center> Active Users > More > Setup Azure MFA:

Only users licensed to use Microsoft Online Services are eligible for Multi-Factor Authentication

Select the user you want to enable the MFA and click on Enable at the right side:

By the way, the “Disabled” option which is the default means that there is no enrollment in MFA.

Updates Successfully:

The “Enable” option means that your users have been enrolled and they just have to choose the preferred MFA method,

Follow my steps:
We have to signed out and signed in to office 365 again in order to get the MFA.
Sign in Using Outlook application – After inserting the Email and Password getting the following message:

Sign in through Office 365 web:- After inserting the UPN and Password getting the following message:

When clicking on “Set it up now” getting the following options:
From this point, the user can choose the contact way it wants to complete the verification.

I have chosen a mobile authentication and getting the following step- wait for a second my phone is ringing 🙂

However, if I select the “Enforce” option it means that the user may or may not have completed registration if they completed the enrolment process so they use MFA, Otherwise, the user will be prompted to complete the process at next sign-in

Let’s suppose you are selecting the mobile method just for my demonstration, this is how the mobile authentication looks like:
Don’t hang up the phone, it is Microsoft calls you, you should press on “pound key (#)” in order to complete the authentication.

You can check out the “Service Settings” and allow the following verification options:
Call on phone.
Text message to a phone.
Notification through mobile app
Verification code from a mobile app

 Thanks.