Multi-Factor Authentication

What is multi-factor authentication?

Multi-factor authentication is also known as two-step verification. It adds an extra layer of security to your Office 365 account by requiring both a password and a code sent to your mobile phone.

An unauthorised person won’t be able to access your Office 365 account, even if they’ve learned your password following a phishing attack or by other means.

In this way, your email and files stored in the cloud are further protected from cyber-attack.

There’s a video which accompanies this guide here which you may find useful.

Steps to take

Once My IT Guy has enabled multi-factor authentication for your Office 365 account, you may receive a prompt like the one below in Outlook or OneDrive.

If you don’t receive such a prompt, visit office.com on your computer and sign in using your email address and password.

Click Next.

You now have two options for how you wish to authenticate: either by text message (simplest to set up) or a notification from an app (more elegant).

By default, Authentication phone is selected, and is the simplest method to set up. With this in place, whenever you try to sign in to your Office 365 account on a new device, you’ll receive an SMS text message on your mobile phone containing a code. You’ll need to enter that code into the prompt on the screen to continue.

You’ll be presented with the Additional security verification screen.

Note: If you have several people in your office all sharing just one email account, you might want to consider selecting the Call me option, and entering your office telephone number instead of a mobile.

Select United Kingdom (+44) as your country and enter your mobile number. As you’re using the full international number, you’ll need to remove the leading ‘0’ so 07837001001 becomes 7837001001.

Select Send me a code by text message then click Next.

Once the six-digit code arrives on your phone, enter it in the relevant field on your computer and click Verify

You may see a window mentioning app passwords. You shouldn’t need app passwords, so click Finished.

Once set up, if you receive an unexpected text from Microsoft with a code on your phone, please contact My IT Guy as soon as possible. It could be a sign that someone is trying to gain access to your account.

This method is a little more complicated to set up initially but can be more reliable than text messages if you’re frequently abroad, and is the more elegant solution.

Using the app, you’ll receive a pop-up notification on your phone when you or someone else tries to access your Office 365 account. You simply tap Allow or Deny on the notification to proceed, which is simpler than having to type in a six-digit code, especially if you access more than one Office 365 account.

Firstly, you should install the Microsoft Authenticator app from the app store on your phone, here on Google Play or here on the Apple App Store. You’ll need to approve permissions as they’re requested, such as permission to display notification and permission to access your contacts, if requested.

On your computer you’ll be presented with the Additional security verification screen.

Under Step 1: How should we contact you? select Mobile app.

Select Receive notifications for verification then click Set up.

In the Authenticator app on your phone, add an account and choose Work or school account.

Point your phone’s camera at the QR code on your computer screen, and when the app registers it, click Next on your computer.

The app will be verified, and you’ll receive a notification on your phone. Tap Approve.

Back on your computer, you’ll be asked to provide a phone number in case you lose access to the Authenticator app, which commonly occurs if you lose your phone or switch to a new phone.

Select United Kingdom (+44) as your country and enter your mobile number. As you’re using the full international number, you’ll need to remove the leading ‘0’ so 07837001001 becomes 7837001001.

Click Next then Finished.

You may see a window mentioning app passwords. You shouldn’t need app passwords, so click Finished.

Once set up, if you get an Authenticator notification on your phone when you’re not expecting it, make sure to tap Deny. Please contact My IT Guy as soon as possible as it could be a sign that someone is trying to gain access to your account.

Contact Us

0121 274 0378

Westfield Road, Birmingham B14 7SY

How would you prefer to be contacted?