Multi Factor Authentication (MFA)

Preston & District Scouts is rolling out Multi-Factor Authentication (MFA) to further secure our Office 365 systems from the growing threat posed by everything from phishing or malicious emails to targeted cyber-attacks faced by organizations.

Multi-Factor Authentication is about providing more than one way to identify yourself — something you know (e.g., your password), something you have (e.g., your phone) or something you are (e.g., your fingerprint). To setup Multi-Factor Authentication, you will need to register some additional security information.

  1. Authenticator Apps
  2. How to Set MFA When Prompted to Do So
  3. How to Manually Set Up MFA

Authenticator Apps

Multi-Factor Authentication requires a secondary authentication method, the something you have. An Authenticator app gives the most seamless experience as well as the ability to work even without a phone signal, so this is the preferred method to use. This guide and our recommendation is to use the Microsoft Authenticator app, but others are available. You can just add your mobile phone number and receive a text message – you can see that here

You can download and install the latest version of the Microsoft Authenticator app for your device as follows,

For more information about how to download and install the app, see Download and install the Microsoft Authenticator app.

Important

Once you have setup Multi-Factor Authentication (MFA) you’ve setup a trust relationship between your network account and your phone. If you remove the Microsoft Authenticator app from your phone, you are breaking that trust relationship so will not be able to access Office365 services.

We strongly recommend setting up your phone number as an additional backup method as described later in this guide.

If you change devices, you should set up MFA on your new device before removing the authenticator app from your old one to avoid disrupting your access.

If you have previously set this up you can check your settings here

How to Set MFA When Prompted to Do So

Follow these steps to set up your additional security information for your office 365 account.

  1. The Keep your account secure wizard appears, the preferred method to use the Microsoft Authenticator app. Note: If you want to use a different method besides the Authenticator app you can select the I want to set up a different method link. However, not all services support all of the other available authentication methods.
  2. The Microsoft Authenticator app also gives the most seamless experiences so the this is the preferred primary method to use. Other methods may, however, be used as backup.
  3. If you haven’t already, download the Microsoft Authenticator app on phone or tablet
  4. Set up the Microsoft Authenticator app on your mobile device.
  5. When you’re ready, select Next.
  6. Open the Microsoft Authenticator app and select to allow notifications (if prompted)
    • Select Add account from the Customize and control icon on the upper-right
    • Select Work or school account
  7. On the Setup your account page on your computer, select Next.
  8. Scan the code with the Microsoft Authenticator app’s QR Code reader, which should open on your mobile device once you add your work or school account in Step 5.
  9. Select Next on the Scan the QR Code page on your computer screen.
    • A notification is sent to the Microsoft Authenticator app on your mobile device, to test your account.
  10. Approve the notification in the Microsoft Authenticator app, you should see that the notification was approved. Press Next.
    • You should see that your notification was approved.Your additional security information is updated to use the Microsoft Authenticator app by default to verify your identity when using Multi-Factor Authentication.
    • Press Done, you should be taken to you My Security Info setting page where you can add additional methods or change exist
    • Remember to logout when you have finished

Important

You may be asked to setup a phone number as a backup MFA method, we always recommended you setup an additional authentication method, you can use SMS or Voice call as a backup MFA method, this will also allow you to access your account if you lose access to your authenticator app.

Configured MFA methods can only be cleared once your identity has been verified.

How to Manually Set Up MFA

We recommended you setup additional, authentication methods, such as a telephone number, so that you can use SMS or a voice call as a backup method.

Important: If you change devices, you’ll have to setup the Authenticator app on your new device, as the trust relationship won’t be transferred. You should set up MFA on your new device before removing the authenticator app from your old one.

Adding a telephone number as an additional authentication method (SMS).

You can add additional MFA methods, such as adding a phone number, during the initial MFA setup, or update your authentication methods later from your My Security Info page

  • Select Add method
  • Select Phone from the available options.
    Note: you can use SMS or telephone call as a MFA authentication method, the difference is that instead of receiving a six-digit code via SMS, you would receive an automated telephone call and you approve your login by pressing the # key, this example we will setting up SMS.
  • Enter the telephone number you wish use as a backup authentication method, this would usually be your mobile number, remember the full international dialling code is required (for UK numbers this is +44)
  • Choose whether you want to receive a text message or a phone call, and then select NextImportant: Only use a phone number that only you have access to, such as your mobile phone. Don’t use a mobile phone that is shared with other people, such as a shared work phone, or a mobile phone that is shared within your household.
  • Enter the six-digit code you receive by SMS
    Look out for the the SMS Verified message to indicate your backup MFA method is setup.
  • Select DoneYour phone number has now been added as an additional MFA authentication method.
  • Remember to logout of the My Security Info page when you have finished.

Note: Some iPhone users that use the native mail app have noticed you need to remove the mail account, and re add to re apply with MFA. This is only the native app, not the outlook app so please bear this in mind if you use the native app.

If you use some other mail clients like thunderbird (e.g. that rely on IMAP which doesn’t support OAuth/MFA) you may need to follow the guide here or switch to Outlook if you don’t want the additional steps.

Feedback
Feedback
How would you rate your experience?
Do you have any additional comment?
Next
Enter your email if you'd like us to contact you regarding with your feedback.
Back
Submit
Thank you for submitting your feedback!
Skip to content