Once Multi-Factor Authentication (MFA) has been enabled for your account you'll need to setup options for login verification.  


By setting up MFA verification, you add an extra layer of security to your Office 365 account that has been shown in studies to be 99% effective at preventing unauthorized access to your online accounts.

 

You sign in with your password (step 1) and a code sent to your phone via SMS or using a mobile app (step 2).

  1. After MFA has been enabled on your Office 365 account you'll encounter a screen that looks like this: 

  2. First Sign in screen

  3. Choose Set it up now.

  4. Select your authentication method and then follow the prompts on the page. 

    Choose your authentication method and then follow the prompts on the screen.

  5. After you verify your alternate contact method, choose Next.

  6. The next time you sign in to Office 365, you'll be prompted to use the additional authentication factor.  If you've configured your account to use SMS to get your code you'll need to enter the code you get as a text message into a screen that looks like this:

    When you sign in with 2-step verification, you'll be prompted for a code.

  7. If you've configured a mobile application for additional login verification you may need to retrieve a code from the app or you may be prompted with a push notification to accept the login depending on the chosen app.  

We strongly recommend setting up the Microsoft Authentication app as your additional verification method. This application makes MFA verification as simple as touching "approve" when authenticating.  This will also help prevent having problems related to receiving SMS messages if you're traveling in areas where coverage may be unpredictable (international travel).  You can find this app by searching for "Microsoft Authenticator" in the respective app stores.  


iPhone Users


When MFA is enabled for your account you will need to remove your email account from the iOS Mail app and add it back to get it working with MFA.  This should only be necessary the one time.


Expiration


MFA authentication is stored on devices, and can be remembered in browsers for up to 60 days.  After 60 days expire your apps will prompt for the second authentication factor again.