How to Enable Multi-Factor Authentication (MFA) in Office 365?

Requirement: Enable multifactor authentication for Office 365 users.

How to Enable Multi-Factor Authentication in Microsoft 365?

Multi-Factor Authentication (MFA) adds an extra layer of security to your account by requiring an additional form of authentication in addition to your password and can help protect your data from unauthorized access in the event your password is compromised. MFA is not enabled by default. This article will show you how to enable MFA for your Microsoft 365 account. We’ll cover the different authentication methods available, and walk you through the process step by step.

We can enable MFA in Office 365 through the Microsoft 365 Admin Center:

  1. Login to the Microsoft 365 Admin Center at https://admin.microsoft.com/.
  2. Expand “Users” and click on “Active Users”.
  3. Click on “Multi-Factor Authentication” button in the ribbon.enable multi factor authentication for office 365
  4. Select the user(s) for which you want to enable MFA >> Click on “Enable” on the right side panel.enable multi factor authentication office 365 admin
  5. Click on “enable multi-factor auth” to confirm enabling the multi-factor authentication for selected users.how to enable multi factor authentication in office 365

Bulk enable multi-factor Authentication in Office 365

You can bulk enable MFA for multiple users by selecting all of them on the “Multi-factor Authentication” page above. Alternatively, you can click on the “Bulk Update” button and follow the steps to enable MFA for bulk users in Office 365. It uses a CSV template to bulk update MFA settings for multiple users.

bulk enable multi factor authentication office 365

PowerShell to Enable Multi-factor authentication in Office 365

Currently, there is no method to enable MFA using the PowerShell V2 module, and we got to use the classic V1! Ensure you have installed the Azure AD PowerShell Module: How to Install the Azure AD PowerShell module?

Let’s enable MFA for one particular user account in Office 365:

$UserID = "[email protected]"

#Connect to Azure AD V1
Connect-MsolService

#Create a Strong Authentication Requirement Object
$SAR = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
$SAR.RelyingParty = "*"
$SAR.State = "Enabled"

#Enable MFA for the user
Set-MsolUser -UserPrincipalName $UserID -StrongAuthenticationRequirements @($SAR)

To get all user accounts with MFA enabled, use:

Get-MsolUser | Where {$_.StrongAuthenticationMethods -like "*"}

You can enable Multifactor authentication for all user accounts with the following:

#Connect to Azure AD V1
Connect-MsolService

#Create a Strong Authentication Requirement Object
$SAR = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
$SAR.RelyingParty = "*"
$SAR.State = "Enabled"

#Enable MFA for All User Accounts
Get-MsolUser -All | Where {$_.StrongAuthenticationRequirements.State -eq $null} | Set-MsolUser -StrongAuthenticationRequirements @($SAR)

Wrapping up

In conclusion, enabling multifactor authentication in Microsoft 365 is a simple and effective way to increase the security of your accounts and protect your sensitive data. By requiring an additional form of authentication, such as a code sent to your phone or email, you can significantly reduce the risk of unauthorized access to your accounts. Setting up multifactor authentication is quick and easy, and the added security is well worth the effort. Whether you’re an individual user or part of a larger organization, take the time to enable multifactor authentication and safeguard your Microsoft 365 accounts.

Salaudeen Rajack

Salaudeen Rajack - SharePoint Expert with Two decades of SharePoint Experience. Love to Share my knowledge and experience with the SharePoint community, through real-time articles!

Leave a Reply

Your email address will not be published. Required fields are marked *