User setup guide for Azure MFA on 365/Azure AD account

Setting up Mulitfactor is an important security task on all externally available services whether its for facebook aswell as services from work.
If you are using services inside Microsoft Azure like Office 365 the option exists for everyone, but is not turned on for the users by default.

Each user can do this by themselves by following this short guide.

1: On your computer, visit the Azure MFA setup page available here:

https://aka.ms/MFAsetup

Login on the site with your Azure ad/Office 365 credentials (email+password)



2: Choose your preferred solution for MFA/2FA, the options are:

-Push notification via the mobile app – probably the most preferred options for users since in requires minimal effort in use – this is the one chosen in this guide.
-Call your phone for verification
-SMS code to your phone
-Confirmation code from app or physical token (randomly generated numberic code for input to service at logon)



3: Download the Microsoft Authenticator app from your devices Appstore

For Android:


For iPhone


4: Choose your option for MFA – we are using the app, so select the “authenticator app or token” choice, then click on the button to configure the app


When clicking the button to configure the app, you get an image displaying the following.



5: Open the Authenticator app on your phone and scan the QR code displayed in the previous step like this:

Open the app, and click the + sign in the top right corner


Select work or school account on the next screen


If asked for permissions for camera click OK, its needed to scan the QR code above.


Point the camera to the QR code, it will scan and add the account in the app – that will start to generate random numbers at intervall, keep the app open like this.


Go pack to your computer and click the Next button to start verification


The verifiction process begins – keep your phone handy.


Ansver accept on the push message displayed on your phone.


The verification process completes.

6: save the configuration with the save button on the bottom

PS: also fill in the options for alternative authentication and phone number to have available in case you loose your MFA setup/change phone, good to have a failsafe.


When clicking save you need to verify that the MFA is functional, click on the button to verify the chosen option.


Again, accept the push message on your phone.


After accepting, the process completes.


You now have MFA enabled on your Azure/365 account and will now need this to be able to login to services set to require this, as well as for the 365 services.

If you wish to add multiple devices to use for authentication, repeat the steps from nr4 for each device.

Leave a Reply

%d bloggers like this: