How do I enable 2FA for Microsoft 365?

Featured image

Share this article

How do I enable 2FA for Microsoft 365 (Office 365)? - Paubox

Two-factor authentication (2FA) is a layer of email security to prevent hackers from accessing email accounts. Healthcare organizations should seriously consider enabling 2FA as part of your HIPAA compliant email strategy. Even if a hacker gains access to a password, it’s highly unlikely that they will be able to access a second authentication method.

It’s possible to enable 2FA for Microsoft 365. If you bought it recently, it may already have automatically turned on. But if you need to manually enable 2FA (or multi-factor authentication (MFA) as Microsoft 365 calls it), here are the steps to do so.

SEE ALSO: Is Microsoft 365 HIPAA compliant?

Step 1: Turn off legacy per user MFA

You must be a global admin to enable MFA for all employee email accounts. But before you begin, you’ll need to turn off legacy per user if it’s enabled. Once you log into the Microsoft 365 admin center, follow these steps to turn off legacy per user:

  • In the left navigation pane, select “Users” and click “Active users.”
  • Choose “Multi-factor authentication.” 
  • Select each email account and set its multi-factor authentication status to “Disabled.”

Turning off the legacy per user allows an administrator to turn on security defaults. 

Step 2: Turn on modern authentication (Only for Office 2013 clients on Windows devices)

Modern authentication may already be enabled, but you will need to verify this to enable MFA. From the Microsoft 365 admin center home page, the steps to turn on modern authentication are:

  • In the left navigation pane, choose “Settings” and then click on “Org settings”
  • Look under the “Services” tab for “Modern authentication” and click on it. 
  • Select “Enable modern authentication” if it’s not already on. 
  • Click “Save changes”

Step 3: Turn on security defaults

Security defaults may have already turned on automatically with your subscription, but you’ll want to confirm this. Here are the steps you need to take to check your security defaults from the Microsoft 365 admin center home page:

  • In the left navigation pane, choose “Show all.” Under “Admin centers,” select “Azure Active Directory.”
  • On the next page, click “Azure Active Directory” and choose “Properties.”
  • Choose “Manage security defaults.”
  • Select “Yes” to turn on security defaults. Don’t forget to hit save!

This is the last step for administrators. After this, employees are in charge of setting up MFA for their email accounts. 

Step 4: Employees will be prompted to set up MFA when they sign in next

Once an administrator has turned on security defaults, employees will get a prompt to set up MFA the next time they launch Microsoft 365. Employees will choose which authentication method is best for them.

The default authentication method is to use the Microsoft authenticator app to receive a one-time code to sign into their email account. If employees don’t want to use a verification code generator, they can opt to receive a text message with a one-time code to access their email account.

Choose Paubox for healthcare email security

Paubox Email Suite enables healthcare professionals to send HIPAA compliant email to their patients. Employees can use automatically encrypted emails to directly communicate with patients in their inboxes. 

Paubox is simple to use since it can easily integrate into popular email providers like Microsoft 365. Paubox also requires two-factor authentication to log into the customer admin panel, which gives your email security an extra layer of protection.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Sara Nguyen

Read more by Sara Nguyen

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022