Two Factor Authentication for Office 365: What, Why & How

Curtis Glassen Helpdesk Tech Tips

Chances are high you’ve seen a message from an account you hold asking if you’d like to enable two-factor authentication (2FA). It might have seemed like the account provider was trying to make your life more complicated! However, they were actually using 2FA to deliver an extra level of security and protection for your credentials and the information you were accessing. Let’s take a closer look at exactly what 2FA is, why it’s important, and how it works.

What is 2FA?

Two-factor authentication is a security protocol that requires two different forms of identification to verify you are who you say you are before allowing access to an account. For example, in addition to entering your User ID and password (one form of identification), you might also be required to submit a verification code sent to your phone. This is just one of many 2FA methods.

Why is 2FA Important?

Simply put, two-factor authentication makes it harder for outside attackers to access sensitive or private information such as bank accounts or customer data. An Office 365 account that provides access to email, documents, financial statements, customer data, and a multitude of other information is exactly the kind of account that’s most valuable to attackers. Think about a time when you’ve had to request a password change for your bank account – where does your bank send the reset link? To your email account! If hackers have access to your email account, they’re able to see everything you see, putting your sensitive data at risk.

In addition, as phishing threats continue to rise, so does the risk of your user ID and password falling into the wrong hands. However, if 2FA is enabled, your User ID and password aren’t enough to allow the attacker into your account, and your information will be better protected.

How does 2FA Work?

2FA can work through a variety of methods, depending on how you choose to set it up. For Microsoft 365, you can choose to verify with a unique code sent to your phone, a phone call, or the Microsoft Authenticator app. Once you set up your method and identify your computer and other devices as “trusted,” you will be prompted to enter a new security code only when you log in to a device that isn’t trusted. That means you won’t have to authenticate over and over again on devices you use regularly.

We also recommend setting up an additional verification method for Office 365 in case of a lost or stolen phone or mobile device. This enables a user to make use of the “sign in another way” link to access the account. If an alternative verification method has not been set, the user will need to work with the help desk to access and update the account.

Protecting business assets and customer data should be a top priority for any company, and enabling two-factor authentication for Office 365 is a simple first step to getting it done. Contact us today to get started.