Multi-factor authentication (MFA) is a security enhancement that allows you to present two or more pieces of evidence – your credentials – when logging in to an account. It is considered to be the single most effective security measure to protect against unauthorized account take overs and identity compromise.
Your credentials fall into any of these three categories: something you know (like a password or PIN), something you have (like a security card), or something you are (like your fingerprint).
You’ve used MFA if you’ve:
- swiped your bank card at the ATM and then entered your PIN (personal ID number).
- logged into a website that sent a numeric code to your phone, which you then entered to gain access to your account.
MFA helps protect you by adding an additional layer of security, making it incredibly harder for bad guys to log in as if they were you. Your information is safer because thieves now need more than just your username and password to access your account.
Protecting Office 365
With many services moving to the cloud, this makes it increasingly easy for you to access your data from any device and any location. In the event that your account becomes compromised, the same holds true for the bad guys as well. Someone halfway around the world could just as easily access your account if they possess your username and password.
By enabling MFA on your Office 365 account, you are adding a significant layer of protection. Without access to your additional factor, your username and password alone, are worthless to the bad guys.
Using the Security Card
By pressing the Questar “star”, your new MFA
card will be used to generate a random six-digit
Security Code that will be used as your final
authenticating factor, after entering your
username and password.
This randomized Security Code is:
- Unique to only your account
- Valid for 30-seconds
- Single-Use only
Whenever you sign into any Office 365 service on a new
device, you will be prompted to enter a Security Code.
To reduce the number of times that you’re prompted for
a Security Code on that particular device, check the box
indicating, “Don’t ask again for 14 days”
In addition to your Security Card, it is highly recommended that you add at least one more security factor method to your account. Doing so can help you avoid getting locked out of your account in the event that your Security Card becomes lost or damaged. This can be accomplished by navigating to your account settings within Office 365.
- Log into Office 365
- Click on your initials in the top right of the screen
- Select “View account”
- Within the Security info pane, select “UPDATE INFO”
- Click on the “Add method” option
- Choose your preferred additional authentication method
o We’ll continue with the Phone option (Text Message)
- Enter your cell phone number when prompted
- Ensure the “Text me a code” is selected – Hit Next button
- Enter 6-digit code from your cell phone when prompted
Using Additional Factors
When attempting to use any of your additional factor methods, click the link to “Sign in another way” when prompted for your Security Card code.