Microsoft bolsters Office 365 security with multi-factor authentication

Office 365
Not quite 365 authentication factors, but definitely more than one

Microsoft has expanded multi-factor authentication to all Office 365 subscription plans, giving consumers and businesses an extra security option to ensure the safety of their documents.

The new feature requires users to give extra authentication in addition to a standard password. This will usually take the form of a code via a text message or app notification, but it might also involve a phone call to verify the user.

Multi-factor authentication has been available for Office 365 admins since June 2013, but now everyone can turn on the feature, and business owners can enable it for all their employees.

Offering choices

Once the feature is enabled, users will be prompted to set up how they would like to authenticate their account: an automated phone call requiring them to press the pound (#) key, a text message containing a six-digit code they must enter on their computer, or a notification or code received through a smartphone app.

This second authentication method can be changed by the user at any time once they are logged into their account.

Enhanced security

Admins also have the option to enforce multi-factor authentication for some users, perhaps those with more privileges or who work with more sensitive information, while letting others use standard password authentication.

The enhanced security will also require setting up of app passwords for Office applications. These are 16-character randomly generated passwords that can be used in place of the standard second authentication factor. This can be disabled if needed.

Microsoft said it will continue to work on new multi-factor authentication methods in the future.

Via PC World