I do not have an MFA set up and it is now required – what to do?
If you are logged into an Office365 application (Teams, Outlook, etc.), chances are you will be able to continue working with your existing login. If you log in on a new device, or if your saved login is not enough, you will be prompted to log in with a password, and after logging in with a password, you will be prompted to set up an MFA.
In the case of the Outlook mobile application, you will be redirected to a link to set up the MFA in your Internet browser on your mobile phone.
Setting up the MFA
A certain limitation in this situation is the offer of only three methods of setting up the MFA – SMS to the phone, MS Authenticator on the mobile and other authentication applications generating one-time codes. Therefore, it is not possible to set up the security key method (FIDO) in this situation. However, if you set up any of the offered methods and log in with the MFA set up, you will then be able to set up authentication using the security (FIDO) key (multiple MFA methods can be set up).
MS Authenticator on mobile
Install the Microsoft Authenticator application on your mobile from Google Play or the App Store (see below for other MFA setting options). Launch this app, select Add Account, select Work or School Account, and finally select Scan QR Code
In the dialog for MFA settings, Microsoft Authenticator will be preselected as the default option, so choose the “Next” button straight away and then one more time until you see the QR code.
Scan this QR code with the Microsoft Authenticator app on your phone. Confirm the test notification on the mobile with the Approve button and continue on your computer with the Next button.
After setting the second factor, the next time you log in to Office365, you will be prompted to enter a code that you will see in the Microsoft Authenticator application on your mobile.
SMS to phone
In the MFA settings dialog, click “I want to set another method” at the bottom. Select the “Phone” method from the drop-down list.
Enter the area code and phone number to which you want to receive SMS with verification codes. Warning: for this method, it is not possible to use a phone number that is used by another user for authentication within the organization.
To verify the phone, a 6-digit code will be sent to it, which you write down in the dialog. After this step, the setup will be completed.
Another authentication application on mobile
Microsoft Authenticator will be selected as the default option in the dialog for MFA settings – so select “I want to use a different authentication app“.
Office365 prompts you to add a new account for one-time codes in the application of your choice. Do so and click “Next” in the Office 365 dialog. You should see a QR code that you can then scan with your mobile app.
You will then be asked to enter a code generated by your mobile application. Do so. This will allow Office365 to verify that the pairing with the mobile was successful and complete the authentication method setup.