User setup guide for Azure MFA on 365/Azure AD account

Setting up Mulitfactor is an important security task on all externally available services whether its for facebook aswell as services from work.
If you are using services inside Microsoft Azure like Office 365 the option exists for everyone, but is not turned on for the users by default.

Each user can do this by themselves by following this short guide.

1: On your computer, visit the Azure MFA setup page available here:

https://aka.ms/MFAsetup

2: Choose your preferred solution for MFA/2FA, the options are:

-Push notification via the mobile app – probably the most preferred options for users since in requires minimal effort in use – this is the one chosen in this guide.
-Call your phone for verification
-SMS code to your phone
-Confirmation code from app or physical token (randomly generated numberic code for input to service at logon)

3: Download the Microsoft Authenticator app from your devices Appstore

For Android:

For iPhone

4: Choose your option for MFA – we are using the app, so select the “authenticator app or token” choice, then click on the button to configure the app

When clicking the button to configure the app, you get an image displaying the following.

5: Open the Authenticator app on your phone and scan the QR code displayed in the previous step like this:

Open the app, and click the + sign in the top right corner

Select work or school account on the next screen

If asked for permissions for camera click OK, its needed to scan the QR code above.

Point the camera to the QR code, it will scan and add the account in the app – that will start to generate random numbers at intervall, keep the app open like this.

Go pack to your computer and click the Next button to start verification

The verifiction process begins – keep your phone handy.

Ansver accept on the push message displayed on your phone.

The verification process completes.

6: save the configuration with the save button on the bottom

PS: also fill in the options for alternative authentication and phone number to have available in case you loose your MFA setup/change phone, good to have a failsafe.

When clicking save you need to verify that the MFA is functional, click on the button to verify the chosen option.

Again, accept the push message on your phone.

After accepting, the process completes.

You now have MFA enabled on your Azure/365 account and will now need this to be able to login to services set to require this, as well as for the 365 services.

If you wish to add multiple devices to use for authentication, repeat the steps from nr4 for each device.

Geir Dybbugt

Consultant manager & SME @ iteam, localized in Kristiansund, Norway.

Focused on EUC, security, mobility, virtualization, management and a modern workplace. Highly specialized around RDS/Citrix/EUC/Mobility.

You can view my profile over at Credly here

dybbugt.no

Original content here is published under these license terms:		X

License Type:	Non-commercial, Attribution, Share Alike

License Abstract:	You may copy this content, create derivative work from it, and re-publish it for non-commercial purposes, provided you include an overt attribution to the author(s) and the re-publication must itself be under the terms of this license or similar.

License URL:	https://creativecommons.org/licenses/by-nc-sa/3.0/

Share this post:

Like this:

Related

Leave a Reply Cancel reply