How to Set Up Multi-Factor Authentication (MFA) in Office 365

Haseeb Awan
calender icon
April 2, 2024


Imagine your email account is like a treasure chest filled with necessary documents and messages. You wouldn't just leave it unlocked, right? That's where Multi-Factor Authentication (MFA) comes in! It's similar to putting an additional lock on your Office 365 treasure chest—it makes it much more difficult for attackers to get inside, even if they have the key (your password).

SIM Swap Protection

Get our SAFE plan for guaranteed SIM swap protection.

Protect Your Phone Now

Why Use MFA with Office 365?

Passwords can be tricky things. They can be forgotten, guessed, or even stolen by bad guys. Because MFA requires additional information to unlock, even if someone can crack your password, they won't be able to access your Office 365 files (documents, emails, etc.). Think of it as a double security guard system for your digital valuables!

Setting Up MFA in Office 365:

No matter your level of IT expertise, here is a clear, step-by-step tutorial on configuring MFA in Office 365:

Finding the Control Panel (The Admin Center)

  • Logging In: First, log in to your regular Office 365 account, which you use for email or other apps.
  • Entering the Admin Center: Think of the Admin Center as your control panel for managing Office 365 settings. Look for a button or link that says "Admin" or "Admin Center." If you can't find it, don't worry – your IT department might need to give you access.

Turning on the Extra Lock (MFA) for Your Team

  • Choosing Your Team Members: Once in the Admin Center, look for a section called "Security" or "User settings." Here, you can pick which users (like your colleagues or family members who share your Office 365 subscription) will need MFA.
  • Picking the Extra Security Check (MFA Method): There are different ways to add an extra layer of security with MFA. Here are two standard options:
  • Phone Call or Text: When someone tries to log in with an account from a new device (like a new phone or computer), a code (via call or text) will be sent to their mobile phone, which they must enter to complete the login.
  • Authenticator App: This is a unique app you install on your smartphone. It generates unique codes you must enter with your password when logging in from a new device.

Fine-Tuning Your MFA Settings

  • App Passwords (Like Spare Keys): If some apps or programs don't work well with MFA, you can create unique "app passwords" that bypass the extra security check. Think of them like spare keys for specific situations where the regular key (your password) might not work.
  • Customizing MFA for Different Needs: You might want to set different MFA requirements for different users or groups within your organization. For example, managers might need stricter security than someone using Office 365 for basic tasks.

Making the Extra Lock Mandatory (Enforcing MFA)

  • Conditional Access Policies (Setting Rules): You can create rules requiring everyone to use MFA whenever they access Office 365 from a new device or an unfamiliar location. For example, you could say, "MFA is mandatory unless you use your usual device at home."
  • Enforcing MFA for All Users: Now you can set a rule that says anyone trying to access Office 365 needs to use MFA, with no exceptions! It might be necessary for businesses or organizations with sensitive information.

Testing Your Work (Double-Checking the Locks)

  • Verifying MFA for Chosen Users: Ask some colleagues (for whom you've enabled MFA) to try logging in from a new device. It will test whether they receive the code and can access Office 365 with MFA.
  • Fixing Any Glitches: If someone has trouble with MFA, check your settings and make sure everything is configured correctly. You might need to consult your IT department for help with any technical issues.


Following this guide and keeping your Office 365 security settings up-to-date can significantly reduce the risk of unauthorized access to your essential information. Setting up a more secure digital environment for your company and yourself takes little effort!

SIM Swap Protection

Get our SAFE plan for guaranteed SIM swap protection.

Protect Your Phone Now

Haseeb Awan
CEO, Efani Secure Mobile

I founded Efani after being Sim Swapped 4 times. I am an experienced CEO with a demonstrated history of working in the crypto and cybersecurity industry. I provide Secure Mobile Service for influential people to protect them against SIM Swaps, eavesdropping, location tracking, and other mobile security threats. I've been covered in New York Times, The Wall Street Journal, Mashable, Hulu, Nasdaq, Netflix, Techcrunch, Coindesk, etc. Contact me at 855-55-EFANI or for a confidential assessment to see if we're the right fit!

Related Articles

SIM SWAP Protection

Get our SAFE plan for guaranteed SIM swap protection.