Two Factor Authentication for Office 365 - Free Practical Security For GDPR


Two Factor Authentication (2FA) is a quick and easy way to greatly increase your level of security when logging into your systems. Two factor authentication means you need two things to prove who you are, rather than just one. This is usually something you know and something you have, like your normal password and a code off your phone. You may already use two factor authentication with your personal online banking, but with GDPR coming up it is important that you review your security and potentially implement 2FA across other systems.

In What Scenario Is 2FA Useful?

Scenario 1 - Hacking: Imagine that you are working in a popular coffee chain store (I don't drink coffee, but I'm told hackers love it!), using their Wi-Fi to do some work and check your emails. A hacker is sat in the corner of the room (surreptitiously drinking his/her Café macchiato with extra marshmallows...again, NOT a coffee drinker here). This well caffeinated hacker has already got access to the poorly secured Wi-Fi network and router, and is listening to all the traffic passing through it, including your password(s). 2FA means that even if your password is known to the hacker, or indeed to someone you mistakenly told your password to, they still can't log in to your system as they don't have the other half of the solution!

Scenario 2 - Theft: Imagine that your laptop is stolen from your car, or just left on a bus and subsequently taken. The Windows password is easy to bypass for people with basic IT skills, and once inside your computer the perpetrator could load up your web browser and log into your Office 365 portal with ease, assuming your password is saved by the browser already. 2FA will prevent this.

How To Setup Two Factor Authentication For Office 365

At the moment, you probably have your Office 365 login set to "Keep me logged in" and "Do not ask me again". This has never really been fine to do, but under GDPR you face the reality of hefty fines for loss of data, and will be more aware of the need to have tighter security.

1. First off, we will need to download the Microsoft Authenticator app from the Google Play Store (for Android devices) or the App Store (for Apple devices). You may also have seen Google Authenticator; this is good for many platforms but does not work with Office 365. Both are good, but for Office 365 you will need to download and install the Microsoft Authenticator.

2. Once that has been installed, find the icon on your phone. It will look like a lock on a blue background titled "authenticator". Then you should see the option to add an account. Once you tap on that you should see the screen below:

3. If you do not have an obvious button, you can use the "three-dot" menu in the top right to get a drop-down and then tap "add account":

4. Then tap on "work or school account" and enter your details. You should then be taken to a QR code scanner.

5. Now it's time to switch devices and get the QR code you need to display on your computer screen. If your admin has set up two-factor authentication for you, then you should be prompted to set up your two factor authentication credentials when you try to log in to Office 365.

6. Click on the "Mobile app" option. Enter in your mobile phone number for emergency recovery and click next.

7. You should then be shown a QR code (similar to the one below). Scan this with your phone and the account will be added onto the authenticator app.

8. The next time you log in you will be asked to provide a code. This can be found on the authenticator app and is generated automatically when you open the app.
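Why the code from step 8 stops someone who only has your password, shown as an added example (not part of the original post and not Microsoft's code). It assumes the app's codes follow the standard time-based one-time password algorithm (RFC 6238); `SECRET` is the RFC's published test key and `verify_login` is a hypothetical server-side check.

```python
import base64
import hashlib
import hmac
import struct

# Constructed sample: the shared secret from the RFC 6238 test vectors.
# In a real enrolment the secret is delivered to the phone once, via the QR code.
SECRET = base64.b32encode(b"12345678901234567890").decode()
STEP = 30  # seconds each code is valid for


def totp(secret_b32, unix_time, digits=6):
    """RFC 6238 TOTP: HMAC-SHA1 over the count of elapsed 30-second steps."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", int(unix_time) // STEP)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify_login(password_ok, submitted_code, secret_b32, unix_time,
                 last_used_step=-1, drift_steps=1):
    """Hypothetical server check. Returns (accepted, matched_step).

    Both factors are required: a correct password alone is rejected.
    drift_steps tolerates a phone clock that is one step fast or slow.
    last_used_step blocks replay of a code that was already accepted.
    """
    if not password_ok:
        return False, None
    now_step = int(unix_time) // STEP
    for step in range(now_step - drift_steps, now_step + drift_steps + 1):
        if step <= last_used_step:
            continue  # this code (or an older one) has already been used
        expected = totp(secret_b32, step * STEP)
        if hmac.compare_digest(expected, submitted_code):
            return True, step
    return False, None


if __name__ == "__main__":
    code = totp(SECRET, 59)
    print("code shown on phone:", code)
    print("password + code:", verify_login(True, code, SECRET, 59))
    print("password + guessed code:", verify_login(True, "000000", SECRET, 59))
    print("same code two minutes later:", verify_login(True, code, SECRET, 179))
```

The last two calls correspond to the scenarios above: a password captured on the Wi-Fi or saved in a stolen laptop's browser fails without a current code, and a code seen once stops working after its time window passes.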


Security Takes Discipline

Does this all seem like a hassle? Well yes, it is, and that’s just tough really (sorry, not sorry). Security isn't easy; having no security is much easier, of course! So, discipline yourself to do things the "hard" way, and think of all those coffee drinking hackers you will be upsetting by having a decent level of security.

