Multi-factor authentication for Office 365 refers to the process of having two or more methods of authenticating you as a user.  Simply enabling MFA protects against a huge portion of online threats (an estimated 80% of cyber security attacks are initiated through a compromised email password).


Why use Multi-factor Authentication (MFA)?

MFA prevents a major vulnerability for businesses, where individual passwords being stolen represent the biggest risk to online security. When using MFA, as well as your user name and password, you need a code which is sent to your mobile phone via text or phone call in order to gain access to your email account. Phishing and malware attacks are often purposed with gaining your password, and once it is compromised the party responsible can access, exploit, publish and/or encrypt all the information they have access to. Once you enable and configure MFA, even if your password is stolen or compromised, it won’t allow any malicious logins using your credentials as they would still not have access to the secondary method of authentication on your mobile device.

Don’t want to get a text every time you check your emails?

You can choose if your organization allows for “remember me for X days” (up to 60 days) so you don’t have to enter a text code every​ time you login to your emails, but it will only remember that user on that specific browser on that specific device. So, if you login from a different device or even a different browser on the same device within the ‘remember’ period select, Microsoft will request a new verification code to ensure that access is only granted to the right person.

Getting started with MFA

Below is a brief video outlining the steps involved in configuring MFA, and then accessing your email account as a user once implemented.  We have also produced two user manuals for each of these steps which you can download below.

There are three main steps to configuring multi-factor authentication.
1.  The Administrator configures MFA within the Office 365 tenant (the first document shown below)
2.  The user sets up their secondary method of authentication (i.e. the mobile number and whether they receive a text or phone call)
3.  The user sets up the APP PASSWORDS. Note: These are required when you want to access the desktop versions of Outlook, Skype for Business etc. as well as the online versions available through the portal.

Download and follow the guides below to get started and protect yourself today. Alternatively, if you would like assistance or advice on using MFA or other security measures available within Office 365, please contact us on 1300 228 744 or