Why you need to enable MFA for your Microsoft 365 account

Why you need to enable MFA for your Microsoft 365 account

Illustration of multi-factor authentication (MFA) process

Enabling multi-factor authentication for your Microsoft account will give you better protection against attacks and phishing attempts.

A single password, which is often weak and used across multiple websites, is not enough to protect your organisation against a cyber attack. If a hacker cracks that password, they will very quickly have access to not only your email account, but all your Microsoft services and you may not be immediately aware. Another frightening thought is that a hacker could crack into a Microsoft account and pose as that user to trick others into opening malicious links or attachments, or revealing confidential information. 

Multi-Factor Authentication (MFA) for Microsoft 365 (formerly Office 365) is a simple and easy way to keep your network and email protected from cyber attacks – it is a second layer of protection against intruders. MFA means that, if an attacker figures out your Microsoft account password, the account will not be compromised unless they also have access to your second protection layer, usually your mobile device. 

MFA is particularly important for the people who administer Microsoft 365 for your organisation because they have more and deeper access to the inner workings of your network. We highly recommend that, at the very least, your Microsoft 365 administrators use some form of MFA. 

MFA on Microsoft 365 is easy to set up for individuals or across your whole organisation – check out the useful resources below. 

What is multi-factor authentication (MFA)? 

MFA is an extra layer of security to prevent unauthorised access to your Microsoft 365 account. You may also hear it referred to as Two-Factor Authentication (2FA) or Two-Step Authentication (2SA). Instead of only entering your email address and password to log in, you’ll also be required to approve sign-in attempts with the Microsoft Authenticator app. 

How to set up MFA – For users 

The link below gives instructions for users to download and set up the Microsoft Authenticator app for smart phones – the easiest verification method for MFA 

Use Microsoft Authenticator with Microsoft 365

How to set up MFA – For organisation administrators 

The links below explain how Microsoft 365 administrators can set up MFA for other Microsoft 365 users in your organisation and clarify the security defaults that you need to be aware of. 

Set up multi-factor authentication

What are security defaults?


For further security tips and tricks, check out our Resources page which we are continually adding to.