How to Set Up Multi-Factor Authentication for Microsoft 365

What to do after a Cyber Breach Reading How to Set Up Multi-Factor Authentication for Microsoft 365 3 minutes Next Essential Cybersecurity Compliance for Small Business

In today's digital landscape, safeguarding your business's sensitive information is more crucial than ever. Cyber threats are continually evolving, and relying solely on passwords to protect your accounts is no longer sufficient.

This is where Multi-Factor Authentication (MFA) steps in as a vital layer of defence. MFA significantly enhances your security by requiring users to verify their identity through multiple methods before gaining access to their accounts.


Implementing MFA in your business, especially for platforms like Microsoft 365 is essential.

Here we outline how to set up MFA for Microsoft 365.

Step 1: Access the Microsoft 365 Admin Centre

  • First, you need to log in to the Microsoft 365 Admin Centre. You can access this by visiting admin.microsoft.com and entering your admin credentials.

Step 2: Navigate to the MFA Settings

  • Once logged in, navigate to the Users > Active users section.
  • On the Active users page, click on Multi-factor authentication. This link will take you to the MFA setup page where you can see the status of MFA for each user.

Step 3: Enable MFA for Users

  • You can set up MFA for individual users or in bulk. To enable MFA, select the user(s) you want to enable MFA for and then click on Enable under the quick steps section on the right side of the page.
  • A pop-up window will appear to confirm that you want to enable MFA. Click enable multi-factor auth to proceed.

Step 4: Configure User Settings

  • After enabling MFA, users will need to set up additional verification methods the next time they log in. As an administrator, you can also define available methods.
  • Go to the Service settings tab where you can choose methods available to users, such as phone call, text message, or app notifications.

Step 5: User Setup

  • When MFA is enabled, instruct your users to complete their MFA setup. They will be prompted to set up additional security verification during their next login.
  • Users can choose their preferred method (e.g., Microsoft Authenticator app, phone call, or SMS) and follow the on-screen instructions to complete the setup.

Step 6: Review and Manage MFA Settings

  • Regularly review the MFA settings and compliance from the Microsoft 365 admin centre. Ensure all users have MFA enabled and are using it correctly.
  • You can also generate usage reports to monitor compliance and usage of MFA across your business.

Additional Tips:

  • Educate your users on the importance of MFA in protecting their accounts.
  • Consider using conditional access policies for more granular security controls, such as requiring MFA only when users are not connected to the corporate network.
  • Encourage users to install the Microsoft Authenticator app for a smoother and more secure verification process

Note: If you purchased your subscription or trial after 21st October 2019, and you're prompted for MFA when you sign in, security defaults have been automatically enabled for your subscription. We recommend following these steps to check settings for all users. If you purchased your subscription before 21st October 2019, follow these steps to turn on security default MFA for all users.