The last hurdle to utilizing multifactor authentication (MFA) for Office 365 has been resolved: IOS devices. Iphone and Ipad users can now setup their accounts with MFA. Up until now users were forced to use long “app passwords” to enable their Outlook, IOS or Android Office 365 email because the standard password and MFA text, email or call would not execute on these devices. App passwords are less secure than MFA as they are prone to “brute force attacks” in which hackers use computer automation to try thousands of passwords.
Previously, Outlook users were also forced to use app passwords but versions 2013 or later have been able to utilize MFA for months.
Here are some tips to get Office 365 to work with Outlook and IOS devices, as well as MACs and Android devices:
“Modern Authentication” is needed for Office 365 deployments to utilize MFA. All new Office 365 deployments have “modern authentication” enabled by default but older tenants do not. To enable it see Enable Modern Authentication in Office 365.
After enabling Modern Authentication, in Outlook, change your app password to the regular password and then respond to the MFA . On IOS and Android devices you need to completely remove the Exchange account and reinstall using your regular password and then respond to the MFA prompt. On IOS devices go to settings, passwords and accounts.
One last important step: after enabling MFA on all the user’s devices, revoke all app passwords.
Go to your administrative portal for Office 365, select “Active Users” and then click on the user. Then click on “manage multifactor authentication” on the bottom right.
Click the check mark to the left of the user’s name. Then click “manage user settings”.
Click “delete all app passwords….”. Finally click on “save”.
For any assistance on setting up your devices for MFA, enabling modern authentication in Office 365 and revoking app passwords, call Legal Computer Consultants at 800.646.9199.