Summary

Adding a second factor to your online accounts makes it more difficult for a 3rd party to access your account. Two factor authentication (2FA) is a common practice among most internet platforms.

Our Office 365 accounts allow a variety of methods to be used.

  • Mobile Phone Number (receive a text message containing a code each login attempt)
  • Authentication App (receive a notification or open app to reveal code to type in each login attempt)

Why Two Factor Authentication?

As more of our lives migrate to digital platforms, our digital accounts become bigger targets for hackers. Hackers have a lot of tools at their disposal to access accounts that do not belong to them. Most platforms require a working email address and relatively complex password during the account creation process, but even having a complex password can fail against a determined hacker.

To help protect digital accounts, most internet platforms encourage a second factor be used (2FA). Most 2FA systems create a randomly generated key that is stored only on the device of the person setting up 2FA. Instead of having to remember the often long and complex key, a unique code can be generated using this key that is only a few digits long. Most 2FA systems generate a new code once every 60 seconds (time-based one-time password), so that even if a hacker was able to see a code this minute, it will not work the next.

Office 365 2FA Options

Microsoft allows a variety of tools to serve as a second factor for your Office 365 account. The simplest factor is a mobile phone number. When this is enabled and a sign-in is attempted, Microsoft will send an automated text message to your mobile device that contains a randomly generated code. You will need to copy the code to the device you are trying to sign into in order to access your account. This code is only effective for one sign-in attempt, and a new code will be generated with each login.

For those without a mobile phone number or working in an area without reliable cell coverage, users need an alternate method. There are applications that can generate a code using a locally stored key that can serve as a second factor. The app that works best with Office 365 is “Microsoft Authenticator”, which can be found in the iOS App Store and Android Google Play Store. For more information, or to download Microsoft Authenticator, click here.

When Microsoft Authenticator is used, a notification is sent to your device whenever a sign-in is attempted. Upon opening the application, you can either accept or deny the login attempt. If you do not have a network connection, you can open the app to generate a code that can be typed into your computer.

How to Turn on 2FA in Office 365

  1. Go to Office 365 and sign-in using your district account
  2. Click on your account icon on the top right of the screen
  1. Click “View account” in the drop down menu that appears
  1. Click “Update Info” towards the middle of the screen
  1. Click “Add sign-in method”
  1. Choose the second factor method you would like to use by clicking “Choose a method”
    • If you choose “phone”, you will be asked to enter your mobile phone number. Using this method will send you a one-time code upon each login attempt, and is reliant on your phone’s cell connection and ability to receive SMS messages.
    • If you choose “Authenticator app” you will be provided instructions on how to setup your authentication app. Using this method relies less on the cell network and can be setup on many more devices.
  1. You will see all methods you have added. You can add multiple methods to prevent getting locked out of your account if a device is lost or misplaced. You can also change the default sign-in method to match the easiest method for you.
  1. Once you have added a second factor, you will be asked to enter a second verification step every time you login to Office 365 on a new device. If you click “Sign in another way”, you will be shown all of the methods you have setup for your account.