How to Setup MFA for Office 365 Users

0

Multi-Factor Authentication also known as MFA is a security mechanism where computer users have to input 2 evidence of authentication such as password and OTP (One time password). In this ear of technology, security is very important and almost all big companies provide MFA for their IT services. In this article, we will learn how we can set up MFA on an Azure Active Directory user and what options are available in MFA settings.

How to Setup MFA on Azure Active Directory User

 

Step 1 : Log in to  https://portal .azure.com

Step 2 :  Search Azure Active Directory in Search Bar

Multi Factor Authentication

 

Step 3 : Select Users from Users Blade

MFA Users

Step 4:  Click on Multi-Factor Authentication, it will open in a new browser tab.

MFA Link

Step 5 : Click on Search Icon and find the user on which you want to enable MFA. Select User and Click Enable

MFA Settings

Step 6: Click Enable and then select enable multi-factor auth

enable multi-factor auth

 

Step 7: Click Settings and select the first option “ Require Selected Users to provide contact methods again ”, You will be presented by two options

  1. Authentication Phone – You will receive a code by SMS.

MFA Phone

  2. MFA Mobile App – You will install Microsoft Authenticator App on your phone to authenticate Login.

MFA APP

 

How to get List of Users with MFA Status

You can use the following PowerShell commands to fetch a list of users with their MFA Status enabled or disabled. This script will get a list of users who are licensed.

Get-MsolUser -all | select DisplayName,UserPrincipalName,IsLicensed, @{N=”MFA Status”; E={ if($_.StrongAuthenticationRequirements.Count -ne 0){  $_.StrongAuthenticationRequirements[0].State } else {‘Disabled’} } } | Export-Csv -Path “C:\scripts\mfa.csv”

 

Leave A Reply

Your email address will not be published.