Multi-Factor Authentication

What is multi-factor authentication?

Multi-factor authentication (MFA) adds an extra layer of security to your Office 365 account by using more than one factor to confirm your identity – something you know (your password) and something you have (your phone). An unauthorised person won’t be able to access your account even if they’ve learned your password following a phishing attack, or by other means.

In practise, when signing in on a new device you’ll receive a six-digit code in a text sent to your mobile phone, or a notification from an authenticator app. You can also choose to receive an automated call to your desk phone. You may already be familiar with this type of security with your Apple account, Facebook, Gmail and the like.

MFA is one of the best methods of protecting your email and files from cyber-attack.

There’s a video which accompanies this guide here which you may find useful.

Steps to take

Firstly, you can set up MFA yourself at any time by visiting aka.ms/mfasetup and signing in with your company Office 365 email account and password. You’ll be able to enter your mobile number or an office phone number, and set how you want to receive authentication codes. This method allows you to enable MFA in your own time.

If you haven’t already set up MFA by the time My IT Guy enables multi-factor authentication for your Office 365 account, then not to worry! You’ll receive a prompt like the one below in Outlook, OneDrive or when you sign in to your PC.

Click Next.

You now have two options for how you wish to authenticate: either by text message (simplest to set up) or a notification from an app (more elegant).

By default, Authentication phone is selected, and is the simplest method to set up. With this in place, whenever you try to sign in to your Office 365 account on a new device, you’ll receive an SMS text message on your mobile phone containing a code. You’ll need to enter that code into the prompt on the screen to continue.

You’ll be presented with the Additional security verification screen.

Note: If you have several people in your office all sharing just one email account, you might want to consider selecting the Call me option, and entering your office telephone number instead of a mobile.

Select United Kingdom (+44) as your country and enter your mobile number. 

Select Send me a code by text message then click Next.

Once the six-digit code arrives on your phone, enter it in the relevant field on your computer and click Verify then Finished.

Going forward, if you receive an unexpected text from Microsoft with a code on your phone, please contact My IT Guy as soon as possible. It could be a sign that someone is trying to gain access to your account.

This method is a little more complicated to set up initially but can be more reliable than text messages if you’re frequently abroad, and is the more elegant solution.

Using the app, you’ll receive a pop-up notification on your phone when you or someone else tries to access your Office 365 account. You simply tap Allow or Deny on the notification to proceed, which is simpler than having to type in a six-digit code, especially if you access more than one Office 365 account.

Firstly, you should install the Microsoft Authenticator app from the app store on your phone, here on Google Play or here on the Apple App Store. You’ll need to approve permissions as they’re requested, such as permission to display notification and permission to access your contacts, if requested.

On your computer you’ll be presented with the Additional security verification screen.

Under Step 1: How should we contact you? select Mobile app.

Select Receive notifications for verification then click Set up.

In the Authenticator app on your phone, add an account and choose Work or school account.

Point your phone’s camera at the QR code on your computer screen, and when the app registers it, click Next on your computer.

The app will be verified, and you’ll receive a notification on your phone. Tap Approve.

Back on your computer, you’ll be asked to provide a phone number in case you lose access to the Authenticator app, which commonly occurs if you lose your phone or switch to a new phone.

Select United Kingdom (+44) as your country and enter your mobile number. 

Click Next then Finished.

Going forward, if you get an Authenticator notification on your phone when you’re not expecting it, make sure to tap Deny. Please contact My IT Guy as soon as possible as it could be a sign that someone is trying to gain access to your account.

Once complete, you’ll soon be required to sign in again to Outlook and OneDrive on your computer and any other devices you use to access Office 365. Complete the sign-in as normal and provide the code texted to you when prompted.

Possible issues

OneDrive

Keep an eye out for a red cross over the OneDrive icon in the system tray in the bottom-right of your screen, or top-right if you’re using a Mac. If you see that, OneDrive will need you to sign in again so click on the icon and click Sign in.

Mobile Devices

If you access your company email on your phone or tablet, then after MFA is enabled you’ll be prompted for your password on that device. If it doesn’t recognise your password, you might need to remove your company email account from that device and add it again. Please see our separate guides for that for Apple devices or Android phones or contact us for assistance. 

Contact Us

0121 274 0378

Kings Heath, Birmingham