Office 365 Multi-factor Authentication
Like many applications that Tufts uses, Office 365 uses Duo Security to protect your account with Two-Factor Authentication. This page is for those who wish to have another layer of security on top of Duo's Two-Factor Authentication.
With Multi-Factor Authentication for Office 365, users are required to acknowledge a phone call, text message, or an app notification on their smartphone after correctly entering their password. Only after this authentication factor has been satisfied can a user sign in.
If your device is lost, you can disable the password remotely.
To set up multi-factor authentication, the first step is to request it:
Begin by submitting a request for o365 MFA, addressed to firstname.lastname@example.org.
When your request is answered, you are ready to move on.
After you are enabled for multi-factor authentication, you will be required to configure your second factor of authentication at your next login. Each subsequent login is enforced and will require use of the password and phone acknowledgement. The next step is to go into your Office 365 account:
Navigate to https://login.microsoftonline.com/
Enter your Tufts email address and click away from that field. You are redirected to the Tufts log in page.
Enter your Tufts Username and Password and click Log In. Your Office 365 page opens.
Click Set it up now. The Step 1 page opens.
In the How should we contact you? field, make a selection. The Mobile App is commonly chosen (apps are available for Windows Phone, iPhone, and Android devices), so we will follow those steps. If you selected Mobile App, use the Receive notifications for verification default option. If you selected one of the phone options, enter your phone number.
- Click Set up. The Configure mobile app window opens.
- In the window, follow the three Configure mobile app steps. (On your mobile phone, go to the appropriate store and install the Azure Authenticator app.)
- Scan the image (barcode), or if you're unable to scan the image, enter the information listed manually into your app. If the app displays a six-digit code, you are done.
- In the window, when finished, click Done. A test notification is sent to your device.
- On your device, press Verify in Azure. In the Additional security verification window, the "In case you lose access to the mobile app" field displays.
- Enter a phone number (in case you lose your device).
Each subsequent login to your Office 365 account will require the use of your Tufts password and then the additional phone acknowledgement.
Once you are enrolled for multi-factor authentication, in some apps, like Outlook, Apple Mail, and Microsoft Office, you can't use a phone to secure your account. To use these apps, you'll need to create a new "app password" to use in place of your work or school account password. It is suggested to use a different app password for each device you use. To set up App Passwords:
- In the next step Keep using your existing applications, click the icon next to your 16-digit password. The Copy to clipboard window opens.
- Copy the password, and paste it into a secure location.
- The next time you log into Outlook or MS Office, use that password.
Once you are signed in, if needed, you can change your second factor of authentication or reset your app password.
For further help, see the video (although the video shows a phone acknowledgement selection from step 5 above).
If you forget your app password, you can reset it. (You can also use these steps to change the phone number of the second factor of authentication.)
To reset your App Passwords:
- Navigate to https://login.microsoftonline.com/
- Enter your Tufts email address and click away from that field. You are redirected to the Tufts login page.
- Enter your Tufts Username and Password and click Log In. Your Office 365 page opens.
- In the upper right corner of the window, click the gear (Settings Menu), then click Office 365 settings. The General settings display.
- In the Password section, click Additional security verification.
- Click Update your phone numbers used for account security. A new tab opens.
- At the top of the page, click app passwords.
- Make any app password changes here, such as creating a new one. As you create new ones, it is suggested that you create a different password for each device. You can name each device during the creation process to make it easy to track them.