Why Multi-Factor Authentication Matters
Multi-factor authentication (MFA) is one of the single most effective ways to protect your account. Microsoft reports that MFA blocks over 99.9% of account compromise attacks.
MFA adds a second layer of verification beyond your password - typically a notification or code on your phone. Even if someone obtains your password, they cannot access your account without this second factor.
Your IT team may have already enabled MFA for your account. If so, you will be prompted to set it up the next time you sign in. This guide walks you through that process.
What You Will Need
Your Microsoft 365 email address and password
A smartphone with the Microsoft Authenticator app installed - download it from the App Store (iPhone) or Google Play (Android)
A few minutes to complete the setup
Step 1: Sign In to Microsoft 365
Go to portal.office.com or microsoft365.com and sign in with your work email address and password as normal.
If MFA has been enabled for your account, you will see a screen saying "More information required". Click Next to begin the setup.
Step 2: Install the Microsoft Authenticator App
If you have not already done so, download the Microsoft Authenticator app on your phone. It is free and available on the App Store (iPhone) and Google Play (Android).
Once installed, open the app. You do not need to create an account in the app itself - you will link it in the next step.
Step 3: Link Your Account
Back on your computer, Microsoft will show you a QR code on screen. In the Authenticator app on your phone:
Tap the + button in the top right corner
Select Work or school account
Tap Scan a QR code
Point your phone camera at the QR code on your computer screen
Your account will be added to the app automatically. Click Next on your computer to continue.
Step 4: Test It Works
Microsoft will now send a test notification to your phone. You should see a pop-up from the Authenticator app asking you to Approve the sign-in. Tap Approve and then click Next on your computer.
You may also be asked to enter a number shown on screen into the app - this is called number matching and is an extra security step. Simply type the number displayed on your computer into the app and tap Yes.
Step 5: You Are All Set
That is it - MFA is now active on your account. From now on, when you sign in to Microsoft 365, you will enter your password as usual and then approve a notification on your phone. It only takes a couple of seconds.
What to Expect Day-to-Day
You will not be prompted every single time - Microsoft remembers trusted devices, so you may only see the MFA prompt every few weeks or when signing in from a new device or location
If you get a new phone, you will need to set up the Authenticator app again - contact your IT team if you need help with this
If you receive an unexpected approval request that you did not initiate, tap Deny and change your password immediately - someone may have your credentials
Troubleshooting
Not receiving notifications? Make sure notifications are enabled for the Authenticator app in your phone settings
QR code not scanning? Try selecting "Can't scan image?" on the Microsoft setup screen to enter a code manually instead
Locked out of your account? Contact your IT team or raise a support ticket and we will get you back in
Need Help?
If you get stuck at any point during the setup, do not worry. Just raise a support ticket or give us a call and one of our team will walk you through it.