Introduction - What is Multi Factor Authentication (MFA)?
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide
two or more verification factors to gain access to their online account. MFA is a core component of a strong identity and access management (IAM) policy. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber attack. The main benefit of MFA is it will enhance your organization's security by requiring your users to identify themselves by more than a username and password.
While important, usernames and passwords are vulnerable to brute force attacks and can be
stolen by third parties. Enforcing the use of an MFA leveraging either the Microsoft Authenticator
Application (preferred) or a phone call means increased confidence that your organization will stay safe
from cyber criminals.
This document will outline the procedure needed to successfully complete your MFA registration
using your mobile phone to ensuring account security.
Second factors for two-factor authentication methods
Allowed Factors
o Phone Factor (Phone Call)
o Token via Mobile App
o Push notification via Mobile App (Phone needs to be connected to the internet)
Disallowed Factors
o SMS Text Message
o Hardware Token
o Mail
We recommend configuring two methods for MFA. The easiest method to use is Push Notification via
the Microsoft Authenticator app found in the Google Play and Apple App Store. The app is free of charge
to download and use.
How to configure your first, second factor with Azure MFA
Once your account has been enabled for MFA, we recommend performing your setup from a
desktop computer using an approved browser (Microsoft Edge, Google Chrome or Mozilla
Firefox) by completing the following steps:
1. Point your browser to https://aka.ms/mfasetup
2. Sign in with your cloud account:
3. You will then be asked for “more information”, please click “NEXT” Now you can start
configuring your first, second factor:
a. If you have a smartphone, we recommend that you configure the Microsoft
Authenticator App as second factor authentication. In this case, go to section 2.1
Mobile App.
b. If you do not have a smartphone, you should configure the second factor
authentication as described in section 2.2 Phone Factors.
2.1 Mobile App
Click the pull-down menu and select Mobile App from the list:
You can choose one of two types of verifications:
Choose your preference and click setup to continue:
To complete the next phase, you will need to download the Microsoft Authenticator application by
scanning one of the QR codes below with your mobile device:
Once the app is installed, launch it and tap on Add account
Then select Work or school account:
Use your phone’ camera to scan the QR code on the registration page in your web browser.
Approve the sign-in on your mobile device if you chose Receive notifications for verification as your
method. If you chose Use verification code then type the indicated code into the setup page.
Congratulations, you have successfully configured second factor for two-factor
Authentication using the Microsoft Authenticator App.
2.2 Phone Factor
Click the pull-down menu and select Office phone from the first list:
Click the pull-down menu and select your country code from the second list:
Enter your phone number (including area code) in the first field and enter your extension (if required) in
the second field. If you do not have an extension, leave the field blank. Click Next to continue.
You will receive a verification call at the number specified in the first step. Follow the instructions you
receive in the phone call to successfully complete the setup
Once you press the pound key (#) the verification will be successful
*NOTE: Using the phone method, each MFA request will call the number you specified in step one.
Please make sure you have access to that phone to be able to successfully log in to your account.
2.3 Managing MFA settings
After you have successfully enrolled your account to MFA, you can manage or make changes to your
setup if required:
1. Point your browser to https://aka.ms/mfasetup
2. Sign in with your cloud account
3. Approve the MFA request on your mobile device
4. Make the changes you need and click save:\
3.FAQ
What can I do, when I have lost or broke my mobile phone or deleted Microsoft
Authenticator App by mistake?
In case of problems with the registration or if the user is somehow locked, please open a
ticket by emailing support@gazl.co to reset the user. After a reset, you can start onboarding
from scratch as described in this guide.
Comments
Please sign in to leave a comment.