Frequently Asked Question
365 - Set up your Microsoft 365 sign-in for Multi-Factor Authentication (MFA)
Last Updated a year ago
By setting up MFA, you add an extra layer of security to your Microsoft 365 account sign-in. For example, you first specify your password and, when prompted, you also type a dynamically generated verification code provided by an authenticator app or sent to your phone.
- Visit portal.office.com.
- Sign in to Microsoft 365 with your "work or school account" with your 365/email password
- If you can't remember your password, and your organisation has not enabled self-service password reset, please contact us for advice.
- After you choose Sign in, you'll be prompted for more information.
- Choose Next.
- The recommended authentication method is to use the free Microsoft Authenticator app.
- If you have it installed on your mobile device, select Next and follow the prompts to add this account.
- If you don't have it installed there is a link provided to download it. You can use any other authenticator app on your phone e.g. Google using a provided QR code or token which you will need to enter manually.
- If you would rather use SMS messages sent to your phone instead, select I want to set up a different method. Microsoft 365 will ask for your mobile number, then send you an SMS message containing a 6-digit code to verify your device.
Tip: For a faster, and more secure, experience we recommend using an authenticator app rather than SMS verification. It is likely, also, that other methods of authentication may be discontinued in the future.
- Once you complete the instructions to specify your additional verification method, the next time you sign in to Microsoft 365, you'll be prompted to provide the additional verification information or action, such as typing the verification code provided by your authenticator app or sent to you by text message.
Note: Generally you'll only need the additional verification method the first time you sign into an app or device, or after you've changed your password. However logging into a browser usually prompts more frequently.
- If you have any problems signing-in to an App, such as Teams or Outlook, especially on a phone or Mac, then you may need to generate an "App password" for that device and use that instead:
- Select "My account" from your user icon in the top right-hand corner of any Office On-line app (such as Outlook for the Web) or sign-in directly to https://myaccount.microsoft.com
- Select Security Info
- In the Security info screen, select + Add method and choose App password from the drop-down in the pop-up.
- Follow the on-screen instructions.
- Use the App password for the Office sign-ins on one device.
- Generate additional App passwords for use on other devices.
- NOTE: an App password is not viewable after creation, so ensure you have taken a copy of it before clicking Done on the final set-up screen.
Direct access to MFA settings are here: https://aka.ms/mfasetup (sometimes the My Account page doesn't load correctly)
If this takes you to the older-style MFA Setup page, click the title "App Passwords" even though it doesn't look like a link.