Office 365 2fa
Two-factor authentication (2FA) is a proven way to protect your email account against the use of stolen passwords. Verify your identity with a device in your possession, commonly a mobile phone, as part of your HMS and Microsoft Office 365 sign in. 2FA prevents attackers from using compromised accounts to install malicious applications in our environment. In addition to email, two-step verification ensures that all the applications in the Office 365 suite—including OneDrive and SharePoint—are protected against unauthorized access. If you are new to HMS, you do not need to enable 2FA for Office 365; it is automatically enabled for new users. Existing HMS users will be migrated to 2FA.
Requirements
Multi-Factor Authentication (MFA) or 2-Factor Authentication (2FA) provides this additional authentication method. The additional method (also called a “factor”) recommended for Office 365 is the use of a software “token” on your smartphone. Multi-Factor Authentication (MFA) or sometimes called two-step verification, is an advanced security layer included with Office 365 that makes it more difficult for hackers to get access and gain control of your account. MFA verifies your identity through a two-step process before granting you access to online applications. Aside from the security benefits, enabling MFA is also one of the recommendations in the Office 365 Secure Score report, and you’ll get a nice 50 point bump to show your boss. In this example I’ll be using MFA for Office 365 to enable multi-factor authentication.
- You have an Office 365 email account.
- You must be using a supported client (see below)
Desktop | Mobile |
|---|---|
|
|
For web-based access to email and Office 365, you must use a modern web browser. Mail clients that do not use the Outlook Web Access (OWA) protocol are not supported and will no longer work after the change is made. Email clients that utilize POP or IMAP protocols, such as Thunderbird, are not supported. Additionally, Microsoft is discontinuing support for POP and IMAP with O365 in October 2020.
Setup
Harvard University uses a mobile app called ️Duo that makes the two-factor authentication (2FA) process quick and easy.
What to expect after activating 2FA for Office 365
Office 365 2fa Iphone
- Your work should not be interrupted when ️two-factor authentication for Office 365 is enabled. If you are online and working in any of your O365 applications, you should not notice anything when we turn it on.
- After we initially activate two-step, it typically takes 24 to 48 hours for you to notice any change because your credentials will be cached. Using an incognito or private browsing window or browser with a cleared cache should allow you to immediately see the change for web-based access to email (OWA) and O365 (e.g., OneDrive, Sharepoint).
Office 365 2fa Reset
If you use: | Then you can expect: |
|---|---|
The Office 365 website and apps (e.g., OneDrive, Teams, SharePoint) | To occasionally see the Duo screen when you sign in. |
| Microsoft Outlook (2013, 2016) application on your computer | To occasionally see the Duo screen when you sign in. |
Built-in Mail on your iPhone or iPad (iOS 11 or later) | To occasionally see the Duo screen when you sign in. Note: When enabling Duo for Office 365, iOS devices may require removing and re-adding your HMS email account to sync the account. The issue will present itself in the form of a credential pop-up screen. Get more information about how to resolve this issue. |
Microsoft Outlook app on your mobile device (Android or iPhone) | To occasionally see the Duo screen when you sign in. |
Apple Mail (macOS 10.14 and later) | To occasionally see the Duo screen when you sign in. Note: In some instances, Apple Mail may stop downloading mail. Apple Mail may require the removal and re-addition of your HMS email account to sync the account. Click here for more information on how to resolve this issue. |