What is Multi-Factor Authentication?
Multi-factor authentication (MFA) is an authentication method that requires two or more verification factors.
MFA can also go by the name Two Factor Authentication (2FA).
2FA = two authentication factors only.
MFA = two or more authentication factors.
Types of MFA
Something you know:
Something you have:
Something you are:
MFA Mobile Apps
MFA apps are the simplest way to secure your accounts. Once linked to your account, the app will generate random codes for you to enter after your password. These codes change regularly.
You can also enable sign-in notifications for certain accounts, including Office 365. This means that rather than entering a code, a notification will pop-up and you simply hit an approve or deny button.
To begin with MFA, visit your mobile app store and search for the Microsoft Authenticator app:
Once you’ve downloaded the app, it will look pretty empty. Below is an example of the app with MFA activated on some accounts:
If you click on the plus button in the top right to add new MFA accounts, you’ll be given three options:
Personal account: this will cover a Windows account you use at home.
Work or school account: your work or school accounts can be added here.
Other: this will allow you to add any other accounts, such as other email accounts or social media accounts.
When you select one of the options, you’ll then be asked to scan a QR code or you have the option to manually enter a code. Both the QR code and manual code will be on screen when setting up MFA on your account.
For some accounts, you may then be asked to enter the MFA code from the app to confirm setup.
When you click on an account in the MFA app, it will bring information about the setup. This can include the option to enable notification approval. If you enable this, an approve or deny option will appear when you sign into the account.