How to Setup MFA for Microsoft 365

Microsoft Authenticator
Multi-Factor Authentication is (or should be) enabled by default for your Microsoft 365 account, and provides an important additional layer of protection on your account. In this short post we guide you through the steps to set it up.

Multi-Factor Authentication enhances security by requiring two or more verification methods, such as a password and a smartphone code, to confirm a user’s identity before granting access to an account.

If somebody manages to obtain your credentials they won’t be able to sign in without confirmation from your mobile device, it greatly increases security and is required for work accounts.

Pre-requisites

Before we get started you will need to download the Microsoft Authenticator app on your phone.

You can get it from the respective app stores:

iPhone: https://apps.apple.com/us/app/microsoft-authenticator/id983156458

Microsoft Authenticator - iOS
Microsoft Authenticator iOS

Android: https://play.google.com/store/apps/details?id=com.azure.authenticator&hl=en

Microsoft Authenticator - Android
Microsoft Authenticator Android

Note: Make sure the Authenticator app has ‘Notification’ permissions enabled, you can find the Notification permissions in your phones settings.

Setting up MFA

On your first sign in to M365, you will be prompted to setup MFA.

Start by getting the App (see above)
Start by getting the App see above

Click Next until you are presented with a screen displaying a QR code. Leave that on the screen for now.

QR Code for your Account to be scanned in the App
QR Code for your Account to be scanned in the App

On your mobile device where you have installed the Microsoft Authenticator app. Open it up, you will be prompted to sign in, you can sign in with your work account, a personal account, or you can skip the sign in. Signing in provides the option to back it up and makes it easier to transfer to a new device.

Once you are in the app, select the + button in the top right corner

Click the + button to add a new MFA
Click the + button to add a new MFA

Select Work or School account

Select Work or School Account
Select Work or School Account

Select ‘Scan QR Code’. This will open your camera within the Microsoft Authenticator app, now scan the QR code that is on your other device.

Select Scan QR Code
Select Scan QR Code

You should now see your account added to your authenticator app

The new account is listed
The new account is listed

On the device that is displaying the QR code, click ‘Next’. It will now test the authentication, it will display a number (in this case 42).

You are prompted to enter a number into the App
You are prompted to enter a number into the App

On your phone, you will have received a popup window asking if you are trying to sign in. Enter the number shown on screen and click ‘Yes’.

Enter the displayed number into the App
Enter the displayed number into the App

Click next on your other device, and all complete! Microsoft Authenticator has been setup for your account.

You will then be asked to add a phone number to your account, select your country code and enter your number

Select ‘Text me a code’ – once you receive the text, enter the provided code and click next, your phone number can also be used as a fallback method to authenticate sign-in.

Changed Your Phone?

If you have changed your phone, you can easily transfer the Authenticator to a new device:

How To Transfer Microsoft Authenticator To A New Device – Macnamara ICT

Like this article?

Share on Twitter
Share on LinkedIn
Share by Email

Subscribe to our monthly newsletter

Get the best IT tips and Office ideas in your inbox

Further reading

ISO27001

ISO 27001 – We Are Now Certified!

We are exceptionally pleased to announce that as of 14th October 2024 we are now fully and officially ISO27001 certified, a process we started a little over a year ago. We’ve always taken information security seriously, and have been certified with Cyber Essentials and other standards from IASME since 2015. But it’s always been an ambition to go for the internally recognised Gold Standard.

Read More »
Cyber Essentials 2023

Is Your IT Support Cyber Essentials Certified?

Cyber Essentials is the minimum security baseline that all companies should aim to achieve. It checks to ensure that the very basics are covered, such as MFA on all Cloud service accounts, no admin rights for day-to-day use, and that security updates are installed promptly. If you are seeking to certify your own organisation, you should definitely ensure that your IT Support – who likely have far more access and control over your company data than you do – has at least this basic benchmark certification.

Read More »
Scroll to Top