Free Support via:  +31 (0)20 796 9999
  1. Home
  2. Knowledge Base
  3. Microsoft 365 (Office 365)
  4. Set Up Two-Step Verification for Microsoft 365

Set Up Two-Step Verification for Microsoft 365

Microsoft 365 users enhance the security of their accounts by setting up Multi-Factor Authentication (two-step verification or MFA). In this guide, we explain the available options within the Microsoft 365 environment and provide you with a step-by-step process to configure MFA.

Follow these steps to set up Multi-Factor Authentication (MFA) for Microsoft 365

Step 1: Select your user(s)

First, select the user for whom you want to activate or deactivate MFA (for example, due to issues with an authenticator app):

  1. Log in with the Global Admin of your Microsoft 365 tenant. (You can find the login in our control panel, under ‘Users’ in your Microsoft 365 tenant.)
  2. Go to Users > Active users in the Microsoft 365 admin center.
  3. Select the user whose MFA settings you want to modify.

Step 2: Change the Multi-Factor Authentication settings

Once you have selected the appropriate user, the option ‘Multi-Factor Authentication’ will appear above the user list.

  1. Click on ‘Multi-Factor Authentication’.
  2. You will be redirected to ‘entra.microsoft.com’, where you can enable or disable MFA for your users.
  3. To enable or disable MFA for a user, select the user and click “Enable MFA” / “Disable MFA”.

Requiring Multi-Factor Authentication for a user

As an admin, you can also enforce MFA for your users. This will require users to set up MFA the next time they log in.

  1. Select the user for whom you want to enforce MFA.
  2. Next to ‘Enable MFA’ and ‘Disable MFA’, you will also find the option ‘Enforce MFA’. Click on this to enforce MFA.

Additional options for configuring MFA

Once you are on the ‘entra.microsoft.com’ page and have selected a user, you will also see the ‘User MFA settings’ option. Here you can find additional settings for configuring MFA. We highlight three options:

  1. Require selected users to provide contact methods again:
    This option ensures that selected users must reconfigure their MFA contact methods (such as phone number or email address).
    Useful if you suspect that the contact information is outdated or incorrect, or if a user needs to be reset for MFA.
  2. Delete all existing app passwords generated by the selected users:
    This deletes all previously created app passwords for the selected users.
    App passwords are often used for applications that do not support MFA. Enabling this option forces users to create new app passwords when needed.
  3. Restore multifactor authentication on all remembered devices:
    This resets all devices marked as “trusted” by the user. Users will then need to perform MFA again on all devices, even those previously exempted. This is useful if you want to investigate a suspicious login attempt or enhance security.
Updated on 17 December 2024

Was this article helpful?

Related Articles