How to Enforce Multi-Factor Authentication for All Users of Your Office 365 Subscription

How to Enforce Multi-Factor Authentication for All Users of Your Office 365 Subscription

Multi-factor authentication (MFA) is an excellent security tool that we recommend. Office 365 administrators can enforce MFA for users. Which means you can help protect any users who share your business subscription.

How to Enforce Multi-Factor Authentication for All Users of Your Office 365 Subscription
How to Enforce Multi-Factor Authentication for All Users of Your Office 365 Subscription

You must be an Office 365 administrator, which is only possible with a business plan for this to work. Your Office 365 subscription will include access to the admin console if bundled with a domain hosting package. Then you will not be able to access the Admin console. You will only able to turn MFA on for yourself if you just purchased personal subscription. Admin tiles can be found on the Office 365 app launcher if you aren’t sure.

Follow these steps:

The Admin console is accessible if it appears there. On the left-hand side, click the Admin tile. Next, click Settings > Services and add-ins.

You can then make several tenant-level changes from the Services and add-ins page. Azure multi-factor authentication is likely to be one of the top items on the agenda.

Then click “Manage multi-factor authentication” in the panel that appears on the right.

A page for this will appear. You can immediately turn on MFA for anyone who uses your Office 365 subscription, but it’s best to familiarize yourself with the default settings first. In “Service Settings,” click on “Encryption.”

Default settings can be left as is, or you can change them. The MFA setting on a device might need to be changed to be remembered. By default, this is turned off, but turning it on will save your family from having to verify their identities every time they check their email or edit a document.

A device can be trusted for 14 days before requiring re-authentication by default. That means a phone, tablet, or computer can be charged for 14 days before the user must go through the MFA process again. Even though the MFA process is simple, going through it every two weeks on every device your family uses might still be too much, and you can set it up to 60 days.

You can adjust this or any other setting by clicking “Save” at the bottom of the panel. Then, click “Users” to return to turn on MFA.

One can enable MFA for each user once you’ve ensured the settings are correct. You need to select the users for whom MFA should be enabled.

You should click “Enable” next to the user table to the right.

When the confirmation screen appears, click “Enable Multi-Factor Authentication.”

Multi-Factor Authentication
Multi-Factor Authentication

MFA will be enabled for the user, and the next time they log in to Office 365 on the web, they’ll have to set up MFA. Alternatively, if they don’t log in often (or if you want to be there to help them through the process), you can email them the link from the confirmation screen so that they can set up MFA when it’s convenient for them. MFASetup can be done by visiting https://aka.ms/MFASetup, which is the same for all users.

After clicking “Enable Multi-Factor Authentication,” the success message you see can be closed.

The user has now been enabled for MFA; now, they must set it up. The process for setting up MFA is precisely the same whether they use the link we mentioned above or wait until the next time they log in.

You’ll be prompted to enter more information so that your account can be kept secure when you log in as usual to Office 365.

To choose your MFA method, click “Next” to be taken to the “Additional security verification” panel. You will need to use Microsoft Authenticator with Office 365. We recommend using an authenticator app. The first drop-down menu allows you to choose whether to use MFA via SMS or not, so when selecting a method, select the one that works best for you.

Also read:-How to Turn Off Voice Control on iPhone

To change the available configuration options, we will use a mobile app. To use Office 365, you must first decide whether to “Receive notifications for verification” (this means that you will see a pop-up message on your phone asking you to approve or deny a login) or “Use verification code” (which will require you to enter a code generated by the Microsoft Authenticator app on your phone). It doesn’t matter which you choose; it’ll work fine. To set up the app, you must click the “Set Up” button.

This is when you’ll be prompted to install Microsoft Authenticator, scan a QR code, or enter a code and URL if you’re unable to scan the QR code. If you’ve completed this step, you’ll be taken to the Additional Security Verification window, where your activation status will be checked. Click “Next” to continue.

It may take a few seconds to complete this process, and once it’s done, the message will show that MFA was successfully configured.

Click Next, and Office 365 will verify that it has been configured correctly. According to the verification method you selected, an Approve or Deny message will be sent to your app, or you will need to enter a code from your app. Here, a message asking for approval or denial has been sent.

You’ll be prompted to enter a phone number if you lose access to the app after verifying that MFA is working.

When you’re not connected to Wi-Fi (or you’ve run out of data on your monthly plan, and you’re out and about), this number will be used to use SMS or voice calls as a backup to the Microsoft Authenticator app. If you lose your phone, you may want to choose the number of a family member instead of your own. You can view the final screen after entering a number.

Microsoft will recognize the password on this page as one generated for MFA use. In the following apps, you will need to use this password instead of your usual one:

Microsoft Outlook for PCs and Macs
Applications for iOS, Android, and BlackBerry devices that support email (except Outlook)
Microsoft Office 2010; Microsoft Office for Mac 2011;
Photos, Movie Maker, and Mail (Windows Essentials)
via the Zune desktop application
on Xbox 360
One or Windows Phone 8

The next time you open one of these apps, you’ll be prompted for your password, so copy it here and enter it when prompted. However, the Outlook app on your phone does not require the generated password, which is also strange, but it’s not a big deal.

Click “Finished,” and you’ll be returned to the login screen for a regular login, but using MFA this time. We at Ciebam strongly recommend this simple, quick process that can add a layer of security.

Leave a Reply

Your email address will not be published. Required fields are marked *