This is applicable to accounts that already exist, have been logged into previously and are in use.
Getting Prepared for Multi-Factor Authentication (MFA)
To be ready for when MFA is enabled for your account, you must first get registered and prepared for how you would like to accept the MFA access requests. There are a few different ways to approach this, and currently we are recommending the use of the Microsoft Authenticator app on your Mobile Device.
It is always recommended to setup more than one method in the event that one of the methods becomes inoperable or gets broken.
Login to the Additional Security Verification page
On your computer, Navigate to:
https://account.activedirectory.windowsazure.com/Proofup.aspx
You can also use this link to manage your security information on an on-going basis, say if you are transitioning to a new phone.
If you have not already logged into an Office 365 enabled site for the day (Email, MS Teams, Brightspace, etc) you will be prompted to sign in. Use your email address and password to Login. Once logged in some of this is likely already setup, but most is most likely not setup.
There are different options available for MFA, it is important to choose the one that is right for you. The options are in the screen shot and described below that.
Call my Authentication phone: Your programmed phone (Mobile, Landline) will ring with an automated voice on the other side. This voice will ask you to press a button to allow access.
Text code to my authentication phone: A text message, including a One Time PIN will be sent to the number of the programmed phone (Only applicable to mobile phones).
Call my office phone: This allows the ability to include an extension number in the phone being called. Same results as call my authentication phone.
Notify me through app: This will use the Microsoft Authenticator app (when setup) to push an Allow/Deny notification to the phone the app is installed on.
Use verification code from app or token: This option allows the use of Time Based On Time Pins, either in an App (like Google Authenticator) or on a physical device, to be used as verification. Usually 6 digit pin that rolls every 30 seconds.
Setup Microsoft Authenticator App (Recommended)
Download the App
To download the authenticator app, click the link below and enter your phone number to receive a text message with the link to your device.
https://www.microsoft.com/en-us/account/authenticator
Open the Additional Security Verification Page
In the Additional Security Verification Page, regardless of the other options that are already setup, click the Set up Authenticator app button.
A new pane will open in the browser with some information and instructions.
Follow the instruction on the screen to setup the Authenticator App
Click Next when completed
You will be prompted in the app on your device to approve the sign in request. Approve the request.
Once you have successfully completed the registration to your app/device, you will be brought back to the original page with your phone model listed at the bottom (next to the Delete Button), and Check Mark will have been placed automatically next to Authenticator App or Token option and the drop down at the top of the page should now say Notify me through app.
If this information is not reflected, adjust reflect as shown in the image example below.
Click Save
Setup Text Messaging
This is required as backup to the App Notification.
This only works on Mobile phones that can accept text messages (SMS). Mobile rates may apply.
Open the Additional Security Verification Page
In the Additional Security Verification Page, ensure a check mark is placed next to Authentication Phone. Select the country code for the phone number being used from the drop down, and enter your phone number to be used in the provided space.
If you have previously validated the phone number and you are using this option only as a backup, not additional steps are required and you can click the save option.
Setting as Preferred option
From the Preferred option section drop down, select Text code to my authentication phone.
This will start the verification process to make sure you do not get logged out, which in this case will send you a text message to your device to authenticate.
Changing Preferred Options
Anytime you change preferred options, you will be prompted to validate that the option is available to you. For example, if you move from Notify me through app to Text code to my authentication phone, you will be required to test and confirm that you can receive a code through Text message. If you move from Text code to Notify me through app, you will need to press Accept in the push notification.
These options can be changed at any time.