Connecting Technology and Business.

Go beyond Passwords - Use an Additional Factor for Authentication

Multi Factor Authentication helps secure user sign-ins for cloud services beyond just a single password. The security of multi-factor authentication lies in its layered approach.

  • Compromising multiple authentication factors presents a significant challenge for attackers.

  • Even if an attacker manages to learn the user's password, it is useless without also having possession of the trusted device.

  • Should the user lose the device, the person who finds it won't be able to use it unless he or she also knows the user's password.

Mult-Factor Authentication overview

Office 365 uses multi-factor authentication to help provide the extra security and is managed from the Office 365 admin center.


Office 365 offers the following subset of Azure multi-factor authentication capabilities as a part of the subscription:

  • The ability to enable and enforce multi-factor authentication for end users

  • The use of a mobile app (online and one-time password) as a second authentication factor

  • The use of a phone call as a second authentication factor

  • The use of a Short Message Service (SMS) message as a second authentication factor

  • Application passwords for non-browser clients

  • Default Microsoft greetings during authentication phone calls

Feature comparison of versions

A form of multi-factor authentication is included with Office 365, but Enterprises can also purchase Azure Multi-Factor authentication that includes extended functionality.


The following table below provides a list of the features that are available in the various versions of Azure Multi-Factor Authentication.


O365 MFA

Azure MFA

Administrators can protect accounts with MFA

Mobile app as a second factor

Phone call as a second factor

SMS as a second factor

App passwords for clients that don't support MFA

Admin control over authentication methods


PIN mode


Fraud alert


MFA Reports


One-Time Bypass


Custom greetings for phone calls


Customization of caller ID for phone calls


Event Confirmation


Trusted IPs


Suspend MFA for remembered devices (Public Preview)




MFA for on-premises apps using MFA server