If your organization requires multifactor authentication (MFA), you need to register an additional verification method the next time you sign in to Microsoft 365.
Multifactor authentication adds an extra layer of security by requiring two or more forms of verification when you sign in. For example, after entering your password, you might be asked to approve a notification on your phone, provide a verification code, or use a passkey.
Why multifactor authentication is important
Passwords can be guessed, stolen, or reused across multiple websites. Multifactor authentication helps protect your account by requiring an extra form of verification that's more difficult for an attacker to obtain.
Multifactor authentication can use a combination of:
- Something you know, such as your password.
- Something you have, such as your phone or a security key.
- Something you are, such as a fingerprint or facial recognition.
Before you begin
Your Microsoft 365 administrator must enable multifactor authentication for your account before you can set it up. When MFA is required, you're prompted to register a verification method when you sign in.
Set up multifactor authentication
Sign in to Microsoft 365 using your work or school account.
If your organization requires MFA, you'll be asked to provide additional security information.
Follow the prompts to register one or more verification methods approved by your organization. Depending on your organization's settings, available methods might include:
- Microsoft Authenticator
- Authenticator Lite in Outlook
- Passkeys
- Windows Hello for Business
- SMS text messages
- Voice calls
- Hardware or software tokens
Complete the verification process.
When setup is finished, your registration information is saved and can be used to verify your identity during future sign-ins.
What happens after setup?
After you register a verification method, Microsoft Entra ID can request additional verification when your organization requires it. MFA prompts appear as part of the normal sign-in experience.
Your organization might require multifactor authentication:
- Every time you sign in.
- Only for specific applications.
- When you're signing in from a new device.
- When you're outside the corporate network.
- Under other conditions defined by your organization's security policies.
Manage your verification methods
You can review, add, or change your verification methods at any time from My Profile.
From there, you can:
- Add a new verification method.
- Change an existing verification method.
- Remove a verification method that you no longer use.
- Update your phone number or device information, if your organization allows it.
Troubleshooting
I don't see the option I want to use
Your organization's security policies determine the verification methods available to you. If you don't see a preferred method, contact your IT administrator.
I replaced or lost my phone
If you no longer have access to a registered verification method, contact your IT administrator for help regaining access to your account.