Enable Two-Factor Authentication (2FA/MFA) for Microsoft Office 365

---

Office 365 Two-Factor Authentication (2FA) or Multi-Factor Authentication is the process of secure Authentication in which a user or an organizational employee have to provide two factors to gain the access to Office 365 data. Microsoft Office 365 Two-Factor Authentication starts with user submitting his traditional username and password. Once user successfully gets authenticated with the 1st step verification, configured 2FA (OTP over SMS, Push Notifications, Google Authenticator, Microsoft Authenticator etc) method prompts on for 2nd-step verification. After successfully authenticating with both of the steps a user is granted with the access to the Microsoft Office 365 resources. This additional security layer prevents the unauthorized person from accessing the Microsoft 365 resources even if cyber attackers get to know your credentials.

miniorange provides 15+ Multi-Factor Authentication (MFA) methods and security solutions for various use cases. It allows users and organization to configure certain authentication and settings which includes setting up password restrictions, restricting sign-in methods, as well as other security settings. miniorange also makes a way for authentication apps that support Time-Based One-Time Password (TOTP) Google Authenticator, Microsoft Authenticator, Authy 2-Factor authentication app and our own miniorange Authenticator app. Follow the given guide to setup secure Multi-factor Authentication in Office 365 account.

5. Now sign in to your Microsoft Office 365 account with miniOrange IdP by either of the two steps:

1. Using SP initiated login :-

1. Go to Office 365 Login and click on sign-in.
2. You will be redirected to Microsoft Online portal. Here you have to enter the UPN of the user.(It should contain the domain that is federated with miniOrange)
3. Now you will be redirected to miniOrange IdP Sign On Page.




4. Enter your login credential and click on Login.
5. Since we have Multifactor/Two-factor authentication (MFA/2FA) enabled, you will be prompted to register for it. It's a one time process.
6. Configure your basic details.



7. Configure any authentication method of your choice.



8. After successful registration, you will be logged in to your Office 365 account.
9. Now we have Two-factor authentication enabled.
10. To verify your Two-factor authentication(2FA) configuration, go to your Office 365 Domain. You will be redirected to miniOrange login console.



11. Enter your login credentials, and click on login. It will prompt to verify yourself against the configured Multifactor Authentication (mfa/2fa) method.
    e.g. If you have configured OTP over SMS, after login into Office 365 it will prompt for OTP.



12. Enter the OTP received in your phone, after successful 2FA verification, you will be redirected to the Office 365 dashboard.

2. Using IdP initiated login :-

1. Login to your miniOrange Self Service Console as an End User and click on the Office 365 icon on your Dashboard.
2. Once you click on Office 365 you don't need to enter credentials again you will be redirected to Office 365 account.

External References

• What is Multi-Factor Authentication (MFA) and how does it work?
  
• Get more info around Office 365 Multi-Factor Authentication (MFA) security
  
• Configure Office 365 IP Restriction
  
• Office 365 setup with on-premises environments
  
• Looking for SSO and 2FA solutions around other Office 365 Applications (PowerBI, Sharepoint, Outlook etc)
  
• 2-Factor Authentication for Outlook